The branch, v4-15-test has been updated
via f9815fddb5e s3:rpcclient: Goto done in cmd_samr_setuserinfo_int()
via 31617c2e6d7 mdssvc: return all-zero policy handle if spotlight is
disabled
via 0553d07c8d3 CI: fix check for correct mdsvc resonse when connecting
to a share with Spotlight disabled
via 2df19cddd55 mdssvc: convert mds_init_ctx() to return NTSTATUS
from c38d9d6fe9b VERSION: Bump version up to Samba 4.15.10...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-15-test
- Log -----------------------------------------------------------------
commit f9815fddb5e1a49c18e43c31a6f07af4def43393
Author: Andreas Schneider <a...@samba.org>
Date: Thu Aug 19 12:09:28 2021 +0200
s3:rpcclient: Goto done in cmd_samr_setuserinfo_int()
We need to free the frame or we will run into:
smb_panic (why=0x7fa8c511aa88 "Frame not freed in order.")
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15124
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
(cherry picked from commit 2b32d932223e61935fc530eff1c05034ff817e21)
Autobuild-User(v4-15-test): Jule Anger <jan...@samba.org>
Autobuild-Date(v4-15-test): Sun Jul 31 19:07:36 UTC 2022 on sn-devel-184
commit 31617c2e6d7ded813d8991ce762197d4a0d78742
Author: Ralph Boehme <s...@samba.org>
Date: Wed May 25 17:37:22 2022 +0200
mdssvc: return all-zero policy handle if spotlight is disabled
A Mac SMB server returns an all zero handle and an empty path if Spotlight
is
disabled on a share. We must return the exact same error return in order to
trigger client-side searching.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086
pcap:
https://www.samba.org/~slow/pcaps/mac-bigsur-smbserver-spotlight-disabled.pcapng.gz
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Noel Power <npo...@samba.org>
Autobuild-User(master): Noel Power <npo...@samba.org>
Autobuild-Date(master): Tue Jul 12 15:42:52 UTC 2022 on sn-devel-184
(cherry picked from commit 23e6e50c0f82b997dea4a67069f65252045514c0)
commit 0553d07c8d380340112ec86230050c7e1ae31035
Author: Ralph Boehme <s...@samba.org>
Date: Tue Jun 7 09:52:53 2022 +0200
CI: fix check for correct mdsvc resonse when connecting to a share with
Spotlight disabled
A Mac SMB server returns an all zero handle and an empty path if Spotlight
is
disabled on a share. We must return the exact same error return in order to
trigger client-side searching.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086
pcap:
https://www.samba.org/~slow/pcaps/mac-bigsur-smbserver-spotlight-disabled.pcapng.gz
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Noel Power <npo...@samba.org>
(backported from commit 8e997bd6e9250499fd8e569d708edc29e304a0e8)
[s...@samba.org: unrelated test changes in tests.py]
commit 2df19cddd5530a0299449b0b0306207803a5a60e
Author: Ralph Boehme <s...@samba.org>
Date: Wed May 25 17:26:29 2022 +0200
mdssvc: convert mds_init_ctx() to return NTSTATUS
No change in behavour. In preperation for returning a special error to
signal
the caller that spotlight is disabled for a share.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Noel Power <npo...@samba.org>
(backported from commit 72468166b250de26747071cbbf3613c016ebfd42)
[s...@samba.org: use p->session_info as mds_init_ctx() arg]
-----------------------------------------------------------------------
Summary of changes:
source3/rpc_server/mdssvc/mdssvc.c | 40 ++++++++++++++++++++-----------
source3/rpc_server/mdssvc/mdssvc.h | 15 ++++++------
source3/rpc_server/mdssvc/srv_mdssvc_nt.c | 28 ++++++++++++++--------
source3/rpcclient/cmd_samr.c | 22 ++++++++++-------
source3/selftest/tests.py | 2 +-
source4/torture/rpc/mdssvc.c | 17 +++++++------
6 files changed, 75 insertions(+), 49 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_server/mdssvc/mdssvc.c
b/source3/rpc_server/mdssvc/mdssvc.c
index 956e097eaf4..a4b082b3274 100644
--- a/source3/rpc_server/mdssvc/mdssvc.c
+++ b/source3/rpc_server/mdssvc/mdssvc.c
@@ -1585,13 +1585,14 @@ static int mds_ctx_destructor_cb(struct mds_ctx
*mds_ctx)
* This ends up being called for every tcon, because the client does a
* RPC bind for every tcon, so this is acually a per tcon context.
**/
-struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct messaging_context *msg_ctx,
- struct auth_session_info *session_info,
- int snum,
- const char *sharename,
- const char *path)
+NTSTATUS mds_init_ctx(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct messaging_context *msg_ctx,
+ struct auth_session_info *session_info,
+ int snum,
+ const char *sharename,
+ const char *path,
+ struct mds_ctx **_mds_ctx)
{
const struct loadparm_substitution *lp_sub =
loadparm_s3_global_substitution();
@@ -1603,21 +1604,22 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
smb_iconv_t iconv_hnd = (smb_iconv_t)-1;
NTSTATUS status;
+ if (!lp_spotlight(snum)) {
+ return NT_STATUS_WRONG_VOLUME;
+ }
+
mds_ctx = talloc_zero(mem_ctx, struct mds_ctx);
if (mds_ctx == NULL) {
- return NULL;
+ return NT_STATUS_NO_MEMORY;
}
talloc_set_destructor(mds_ctx, mds_ctx_destructor_cb);
mds_ctx->mdssvc_ctx = mdssvc_init(ev);
if (mds_ctx->mdssvc_ctx == NULL) {
- goto error;
+ return NT_STATUS_NO_MEMORY;
}
backend = lp_spotlight_backend(snum);
- if (!lp_spotlight(snum)) {
- backend = SPOTLIGHT_BACKEND_NOINDEX;
- }
switch (backend) {
case SPOTLIGHT_BACKEND_NOINDEX:
mds_ctx->backend = &mdsscv_backend_noindex;
@@ -1637,6 +1639,7 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
default:
DBG_ERR("Unknown backend %d\n", backend);
TALLOC_FREE(mdssvc_ctx);
+ status = NT_STATUS_INTERNAL_ERROR;
goto error;
}
@@ -1645,6 +1648,7 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
"UTF8-NFC",
false);
if (iconv_hnd == (smb_iconv_t)-1) {
+ status = NT_STATUS_INTERNAL_ERROR;
goto error;
}
mds_ctx->ic_nfc_to_nfd = iconv_hnd;
@@ -1654,17 +1658,20 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
"UTF8-NFD",
false);
if (iconv_hnd == (smb_iconv_t)-1) {
+ status = NT_STATUS_INTERNAL_ERROR;
goto error;
}
mds_ctx->ic_nfd_to_nfc = iconv_hnd;
mds_ctx->sharename = talloc_strdup(mds_ctx, sharename);
if (mds_ctx->sharename == NULL) {
+ status = NT_STATUS_NO_MEMORY;
goto error;
}
mds_ctx->spath = talloc_strdup(mds_ctx, path);
if (mds_ctx->spath == NULL) {
+ status = NT_STATUS_NO_MEMORY;
goto error;
}
@@ -1672,6 +1679,7 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
mds_ctx->pipe_session_info = session_info;
if (session_info->security_token->num_sids < 1) {
+ status = NT_STATUS_BAD_LOGON_SESSION_STATE;
goto error;
}
sid_copy(&mds_ctx->sid, &session_info->security_token->sids[0]);
@@ -1680,6 +1688,7 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
mds_ctx->ino_path_map = db_open_rbt(mds_ctx);
if (mds_ctx->ino_path_map == NULL) {
DEBUG(1,("open inode map db failed\n"));
+ status = NT_STATUS_INTERNAL_ERROR;
goto error;
}
@@ -1704,16 +1713,19 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
if (ret != 0) {
DBG_ERR("vfs_ChDir [%s] failed: %s\n",
conn_basedir.base_name, strerror(errno));
+ status = map_nt_error_from_unix(errno);
goto error;
}
ok = mds_ctx->backend->connect(mds_ctx);
if (!ok) {
DBG_ERR("backend connect failed\n");
+ status = NT_STATUS_CONNECTION_RESET;
goto error;
}
- return mds_ctx;
+ *_mds_ctx = mds_ctx;
+ return NT_STATUS_OK;
error:
if (mds_ctx->ic_nfc_to_nfd != NULL) {
@@ -1724,7 +1736,7 @@ error:
}
TALLOC_FREE(mds_ctx);
- return NULL;
+ return status;
}
/**
diff --git a/source3/rpc_server/mdssvc/mdssvc.h
b/source3/rpc_server/mdssvc/mdssvc.h
index 392482767dd..205417c4be1 100644
--- a/source3/rpc_server/mdssvc/mdssvc.h
+++ b/source3/rpc_server/mdssvc/mdssvc.h
@@ -149,13 +149,14 @@ struct mdssvc_backend {
*/
extern bool mds_init(struct messaging_context *msg_ctx);
extern bool mds_shutdown(void);
-struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct messaging_context *msg_ctx,
- struct auth_session_info *session_info,
- int snum,
- const char *sharename,
- const char *path);
+NTSTATUS mds_init_ctx(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct messaging_context *msg_ctx,
+ struct auth_session_info *session_info,
+ int snum,
+ const char *sharename,
+ const char *path,
+ struct mds_ctx **_mds_ctx);
extern bool mds_dispatch(struct mds_ctx *query_ctx,
struct mdssvc_blob *request_blob,
struct mdssvc_blob *response_blob);
diff --git a/source3/rpc_server/mdssvc/srv_mdssvc_nt.c
b/source3/rpc_server/mdssvc/srv_mdssvc_nt.c
index b8eed8b6ff9..9f75796fbdd 100644
--- a/source3/rpc_server/mdssvc/srv_mdssvc_nt.c
+++ b/source3/rpc_server/mdssvc/srv_mdssvc_nt.c
@@ -91,19 +91,22 @@ static NTSTATUS create_mdssvc_policy_handle(TALLOC_CTX
*mem_ctx,
struct policy_handle *handle)
{
struct mds_ctx *mds_ctx;
+ NTSTATUS status;
ZERO_STRUCTP(handle);
- mds_ctx = mds_init_ctx(mem_ctx,
- messaging_tevent_context(p->msg_ctx),
- p->msg_ctx,
- p->session_info,
- snum,
- sharename,
- path);
- if (mds_ctx == NULL) {
- DEBUG(1, ("error in mds_init_ctx for: %s\n", path));
- return NT_STATUS_UNSUCCESSFUL;
+ status = mds_init_ctx(mem_ctx,
+ messaging_tevent_context(p->msg_ctx),
+ p->msg_ctx,
+ p->session_info,
+ snum,
+ sharename,
+ path,
+ &mds_ctx);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_DEBUG("mds_init_ctx() path [%s] failed: %s\n",
+ path, nt_errstr(status));
+ return status;
}
if (!create_policy_hnd(p, handle, 0, mds_ctx)) {
@@ -149,6 +152,11 @@ void _mdssvc_open(struct pipes_struct *p, struct
mdssvc_open *r)
r->in.share_name,
path,
r->out.handle);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_WRONG_VOLUME)) {
+ ZERO_STRUCTP(r->out.handle);
+ talloc_free(path);
+ return;
+ }
if (!NT_STATUS_IS_OK(status)) {
DBG_ERR("Couldn't create policy handle for %s\n",
r->in.share_name);
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index eb7f7fc8424..a048a4f935e 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -3296,7 +3296,8 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct
rpc_pipe_client *cli,
break;
default:
- return NT_STATUS_INVALID_INFO_CLASS;
+ status = NT_STATUS_INVALID_INFO_CLASS;
+ goto done;
}
/* Get sam policy handle */
@@ -3356,16 +3357,19 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct
rpc_pipe_client *cli,
&types,
&result);
if (!NT_STATUS_IS_OK(status)) {
- return status;
+ goto done;
}
if (!NT_STATUS_IS_OK(result)) {
- return result;
+ status = result;
+ goto done;
}
if (rids.count != 1) {
- return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
}
if (types.count != 1) {
- return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
}
status = dcerpc_samr_OpenUser(b, frame,
@@ -3375,10 +3379,11 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct
rpc_pipe_client *cli,
&user_pol,
&result);
if (!NT_STATUS_IS_OK(status)) {
- return status;
+ goto done;
}
if (!NT_STATUS_IS_OK(result)) {
- return result;
+ status = result;
+ goto done;
}
}
@@ -3398,7 +3403,8 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct
rpc_pipe_client *cli,
&result);
break;
default:
- return NT_STATUS_INVALID_PARAMETER;
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto done;
}
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("status: %s\n", nt_errstr(status)));
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 376e356ba3d..c53b2815eba 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -874,7 +874,7 @@ for t in tests:
plansmbtorture4testsuite(t, "ad_dc", '//$SERVER_IP/tmp
-U$USERNAME%$PASSWORD', 'over ncacn_np ')
plansmbtorture4testsuite(t, "ad_dc", 'ncacn_ip_tcp:$SERVER_IP
-U$USERNAME%$PASSWORD', 'over ncacn_ip_tcp ')
elif t == "rpc.mdssvc":
- plansmbtorture4testsuite(t, "fileserver", '//$SERVER_IP/tmp
-U$USERNAME%$PASSWORD
--option=torture:no_spotlight_localdir=$SELFTEST_PREFIX/fileserver/share')
+ plansmbtorture4testsuite(t, "fileserver", '//$SERVER_IP/tmp
-U$USERNAME%$PASSWORD')
elif t == "rpc.samr.passwords.validate":
plansmbtorture4testsuite(t, "nt4_dc", 'ncacn_ip_tcp:$SERVER_IP[seal]
-U$USERNAME%$PASSWORD', 'over ncacn_ip_tcp ')
plansmbtorture4testsuite(t, "ad_dc", 'ncacn_ip_tcp:$SERVER_IP[seal]
-U$USERNAME%$PASSWORD', 'over ncacn_ip_tcp ')
diff --git a/source4/torture/rpc/mdssvc.c b/source4/torture/rpc/mdssvc.c
index 17e895a8cc2..8f16af66476 100644
--- a/source4/torture/rpc/mdssvc.c
+++ b/source4/torture/rpc/mdssvc.c
@@ -264,7 +264,7 @@ static bool test_mdssvc_open_spotlight_disabled(struct
torture_context *tctx,
data, struct torture_mdsscv_state);
struct dcerpc_binding_handle *b = state->p->binding_handle;
struct policy_handle ph;
- const char *localdir = NULL;
+ struct policy_handle nullh;
uint32_t device_id;
uint32_t unkn2;
uint32_t unkn3;
@@ -282,17 +282,12 @@ static bool test_mdssvc_open_spotlight_disabled(struct
torture_context *tctx,
share_mount_path = torture_setting_string(
tctx, "share_mount_path", "/foo/bar");
- localdir = torture_setting_string(
- tctx, "no_spotlight_localdir", NULL);
- torture_assert_not_null_goto(
- tctx, localdir, ok, done,
- "need 'no_spotlight_localdir' torture option \n");
-
device_id_out = device_id = generate_random();
unkn2_out = unkn2 = 23;
unkn3_out = unkn3 = 0;
ZERO_STRUCT(ph);
+ ZERO_STRUCT(nullh);
status = dcerpc_mdssvc_open(b,
tctx,
@@ -315,8 +310,12 @@ static bool test_mdssvc_open_spotlight_disabled(struct
torture_context *tctx,
torture_assert_u32_equal_goto(tctx, unkn3, unkn3_out,
ok, done, "Bad unkn3\n");
- torture_assert_str_equal_goto(tctx, share_path, localdir, ok, done,
- "Wrong share path\n");
+ torture_assert_goto(tctx, share_path[0] == '\0', ok, done,
+ "Expected empty string as share path\n");
+
+ torture_assert_mem_equal_goto(tctx, &ph, &nullh,
+ sizeof(ph), ok, done,
+ "Expected all-zero policy handle\n");
done:
return ok;
--
Samba Shared Repository
