[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5c8032b s3: libsmb: Fix valgrind read-after-free error in cli_smb2_close_fnum_recv(). from 9f9c5d3 testprogs: Fix a typo in the net ads test https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5c8032b6b8ce4439b3ef8f43a62a419f081eb787 Author: Jeremy Allison <j...@samba.org> Date: Wed Nov 29 09:21:30 2017 -0800 s3: libsmb: Fix valgrind read-after-free error in cli_smb2_close_fnum_recv(). cli_smb2_close_fnum_recv() uses tevent_req_simple_recv_ntstatus(req), which frees req, then uses the state pointer which was owned by req. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13171 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Nov 30 05:47:12 CET 2017 on sn-devel-144 --- Summary of changes: source3/libsmb/cli_smb2_fnum.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c index 628b17b..78f61fb 100644 --- a/source3/libsmb/cli_smb2_fnum.c +++ b/source3/libsmb/cli_smb2_fnum.c @@ -449,8 +449,12 @@ NTSTATUS cli_smb2_close_fnum_recv(struct tevent_req *req) { struct cli_smb2_close_fnum_state *state = tevent_req_data( req, struct cli_smb2_close_fnum_state); - NTSTATUS status = tevent_req_simple_recv_ntstatus(req); - state->cli->raw_status = status; + NTSTATUS status = NT_STATUS_OK; + + if (tevent_req_is_nterror(req, )) { + state->cli->raw_status = status; + } + tevent_req_received(req); return status; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1da1720 vfs_fruit: proper VFS-stackable conversion of FinderInfo via 84976cb vfs_fruit: add AfpInfo prototypes via 7b00b55 s4/torture: fruit: in test_adouble_conversion() also check stream list and AFPINFO_STREAM via ebbffd8 s4/torture: fruit: remove use of localdir from test_adouble_conversion test via 3f9b45a selftest: add "fruit:veto_appledouble = no" to fruit shares via ac88084 s4/torture: let write_stream() deal with stream=NULL via e28dd6a selftest: run AppleDouble sidecar-file conversion test runs against all fruit shares via 9af9c5c s4/torture: use torture_assert_goto in a vfs.fruit test via 75a3c0f s4/torture: rework stream names tests usage of local xattr call via 3c1bdaf selftest: add localdir option to fruit subtests via 06542b2 selftest: reorder arguments for fruit tests from 8b6f581 systemd: Start processes in forground and without a process group https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1da17204344a99a3bfa289355a996027a21814b8 Author: Ralph Boehme <s...@samba.org> Date: Wed Nov 15 16:52:48 2017 +0100 vfs_fruit: proper VFS-stackable conversion of FinderInfo This fixes the problem that conversion failed with fruit:metadata=stream. Before we were calling ad_set() which stores the metadata in the Netatalk compatible format. Rewrite to fully go through the VFS by calling SMB_VFS_CREATE_FILE() and SMB_VFS_PWRITE(). Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Nov 29 08:38:06 CET 2017 on sn-devel-144 commit 84976cb670847f199598995d48bd9c3f3dd0f035 Author: Ralph Boehme <s...@samba.org> Date: Wed Nov 15 16:52:16 2017 +0100 vfs_fruit: add AfpInfo prototypes Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 7b00b558761b6564928289efcf835e9b9cc86a89 Author: Ralph Boehme <s...@samba.org> Date: Fri Nov 17 12:57:14 2017 +0100 s4/torture: fruit: in test_adouble_conversion() also check stream list and AFPINFO_STREAM This reveals that the conversion doesn't work properly with fruit:metadata=stream. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ebbffd80862d7d7b025eca219bc0c8f818585ac9 Author: Ralph Boehme <s...@samba.org> Date: Fri Nov 17 12:53:42 2017 +0100 s4/torture: fruit: remove use of localdir from test_adouble_conversion test The previous use of localdir and torture_setup_local_file() was motivated by the fact that by default vfs_fruit rejects access to files with a "._" prefix. Since a previous commit allowed SMB access to ._ files, rewrite the test_adouble_conversion() test to create the ._ AppleDouble file over SMB. This also renders torture_setup_local_file() obsolete. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 3f9b45a410384904d64bdd0d68ff2a5bc25bd3e9 Author: Ralph Boehme <s...@samba.org> Date: Fri Nov 17 13:52:25 2017 +0100 selftest: add "fruit:veto_appledouble = no" to fruit shares This is needed for a subsequent commit that modifies an existing test to write a ._ file over SMB instead of using the ugly local creation hack. SMB acces of ._ files requires "fruit:veto_appledouble = no", so let's set it. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ac880848a905a3840b69af2cb1d842d307401a07 Author: Ralph Boehme <s...@samba.org> Date: Fri Nov 17 08:13:10 2017 +0100 s4/torture: let write_stream() deal with stream=NULL Bug: https://bugzilla.samba.org/show_bug.cgi?id=13155 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e28dd6a0ce753a880b2512eb62661411b20f763b Author: Ralph Boehme <s...@samba.org> Date: Wed Nov 15 18:39:53 2017 +0100 selftest: run AppleDouble sidecar-file conversion test runs against all fruit shares This needs for work in all possible fruit configs, so test it. This currently fails with stream_depot, as we don't propely copy over
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via deaaff6 s3/loadparm: don't mark IPC$ as autoloaded via ea4e6f9 s3/loadparm: ensure default service options are not changed via 1fc1035 s3/loadparm: allocate a fresh sDefault object per lp_ctx via 81e9ae1 smbstatus: correctly denote not fully authenticated sessions via eb6dd7d s3/smbstatus: add a NULL check from aace1f8 lib: Fix a typo https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit deaaff6843159f02bb15aeaf457f8af305e40164 Author: Ralph Boehme <s...@samba.org> Date: Tue Nov 21 14:34:28 2017 +0100 s3/loadparm: don't mark IPC$ as autoloaded A related problem that affects configuration for the hidden IPC$ share. This share is marked a "autoloaded" and such shares are not reloaded when requested. That resulted in the tcon to IPC$ still using encrpytion after running the following sequence of changes: 1. stop Samba 2. set [global] smb encrypt = required 3. start Samba 4. remove [global] smb encrypt = required 5. smbcontrol smbd reload-config 6a bin/smbclient -U slow%x //localhost/raw -c quit, or 6b bin/smbclient -U slow%x -mNT1 //localhost/raw -c ls In 6a the client simply encrypted packets on the IPC$ tcon. In 6b the client got a tcon failure with NT_STATUS_ACCESS_DENIED, but silently ignore the error. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13051 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Nov 28 02:02:37 CET 2017 on sn-devel-144 commit ea4e6f95ae5c97e8570b8090ee7e7a577b49a8c3 Author: Ralph Boehme <s...@samba.org> Date: Tue Nov 21 14:28:48 2017 +0100 s3/loadparm: ensure default service options are not changed Rename sDefault to _sDefault and make it const. sDefault is make a copy of _sDefault in in the initialisation function lp_load_ex(). As we may end up in setup_lp_context() without going through lp_load_ex(), sDefault may still be uninitialized at that point, so I'm initializing lp_ctx->sDefault from _sDefault. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13051 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 1fc103547023aa1c880713e5b65ec164acb58b54 Author: Ralph Boehme <s...@samba.org> Date: Wed Nov 22 11:49:57 2017 +0100 s3/loadparm: allocate a fresh sDefault object per lp_ctx This is in preperation of preventing direct access to sDefault in all places that currently modify it. As currently s3/loadparm is afaict not accessing lp_ctx->sDefault, but changes sDefault indirectly through lp_parm_ptr() this change is just a safety measure to prevent future breakage. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13051 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 81e9ae1368c34bf59d0a100c9f03ea67d64f2979 Author: Ralph Boehme <s...@samba.org> Date: Tue Jul 4 12:22:00 2017 +0200 smbstatus: correctly denote not fully authenticated sessions Currently for sessions where authentication is still in progress we print uid and gid as -1. With this change we nicely list them like this: PID Username GroupMachine Protocol Version 6604 (auth in progress) 127.0.0.1 (ipv4:127.0.0.1:47930) SMB3_11 .... Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit eb6dd7dc29a9b89d155d987331aaa79fd4c9a9bb Author: Ralph Boehme <s...@samba.org> Date: Wed Nov 22 10:43:19 2017 +0100 s3/smbstatus: add a NULL check Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/param/loadparm.c | 20 +++--- source3/utils/status.c | 55 +++- 2 files changed, 53 insertions(+), 22 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index d346324..01c022e 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -111,7 +111,7 @@ static bool defaults_saved = false; static struct loadparm_global Globals; /* This is a default service used to prime a services structure */ -static struct loadparm_service sDefault = +static const struct loadparm_service _sDefault = { .valid = true, .autoloaded = false, @@ -249,6 +249,12 @@ static struct loadparm_service sDefault =
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 76f370e libgpo: Fix CID 1422263 Resource leak via 4806f05 libgpo: Fix CID 1422262 Explicit null dereferenced from 33f88ab s3: smbd: Chain code can return uninitialized memory when talloc buffer is grown. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 76f370edae59d11143edb5983e3277b33d9af422 Author: Volker Lendecke <v...@samba.org> Date: Tue Nov 21 20:41:47 2017 +0100 libgpo: Fix CID 1422263 Resource leak Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Nov 22 02:03:17 CET 2017 on sn-devel-144 commit 4806f0505e3ab6cd1aedd0e79c81e3a87afb9b18 Author: Volker Lendecke <v...@samba.org> Date: Tue Nov 21 20:30:08 2017 +0100 libgpo: Fix CID 1422262 Explicit null dereferenced Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: libgpo/pygpo.c | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/libgpo/pygpo.c b/libgpo/pygpo.c index a54ddb9..d7bb173 100644 --- a/libgpo/pygpo.c +++ b/libgpo/pygpo.c @@ -175,12 +175,16 @@ static int py_ads_init(ADS *self, PyObject *args, PyObject *kwds) } if (lp_obj) { + bool ok; lp_ctx = pytalloc_get_type(lp_obj, struct loadparm_context); if (lp_ctx == NULL) { return -1; } + ok = lp_load_initial_only(lp_ctx->szConfigFile); + if (!ok) { + return -1; + } } - if (!lp_load_initial_only(lp_ctx->szConfigFile)) return -1; if (self->cli_creds) { realm = cli_credentials_get_realm(self->cli_creds); @@ -244,6 +248,7 @@ static PyObject* py_ads_connect(ADS *self) if (!strupper_m(self->ads_ptr->auth.realm)) { PyErr_SetString(PyExc_SystemError, "Failed to strdup"); TALLOC_FREE(frame); + SAFE_FREE(passwd); Py_RETURN_FALSE; } @@ -251,6 +256,7 @@ static PyObject* py_ads_connect(ADS *self) if (!ADS_ERR_OK(status)) { PyErr_SetString(PyExc_SystemError, "ads_connect() failed"); TALLOC_FREE(frame); + SAFE_FREE(passwd); Py_RETURN_FALSE; } } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 050ca45 winbind: Remove winbind_messaging_context via d8a01d0 winbind: winbind_messaging_context -> server_messaging_context via e1f12ac winbind: Remove winbind_event_context via 7e83d14 winbind: Replace winbind_event_context with server_event_context via d27f38d libnet_join: fix "net rpc oldjoin" via 9466796 s3:selftest: add samba3.blackbox.net_rpc_oldjoin test via d74c608 nsswitch: Slightly simplify winbindd_request_response via ffbf393 ntlm_auth: Use libwbclient in get_winbind_netbios_name() via 403003b ntlm_auth: Use libwbclient in get_require_membership_sid() via 25e85a4 ntlm_auth: Use libwbclient in get_winbind_domain() via 5781cef ntlm_auth: Use libwbclient in winbind_separator() via 87c4432 libwbclient: Fix two signed/unsigned hickups via e83f389 lib: Save a few bytes of .text via 73533b9 lib: Fix a false/NULL hickup via 98dd651 lib: Simplify is_ipaddress_v6 via 2a86876 lib: Avoid a pointless static variable via 03be840 winbindd: Fix some signed/unsigned warnings via df5a534 nsswitch: Fix a typo via c19b49b tevent: Fix typos via 625d27d libsmb: Fix a typo from 993fa57 lib: tevent: Minor cleanup. wakeup_fd can always be gotten from the event context. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 050ca45dc7fc5bbab6e1c60b919ac0b1e9661e27 Author: Volker Lendecke <v...@samba.org> Date: Fri Nov 17 11:47:37 2017 +0100 winbind: Remove winbind_messaging_context BUG: https://bugzilla.samba.org/show_bug.cgi?id=13150 Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Nov 18 04:07:24 CET 2017 on sn-devel-144 commit d8a01d09c13728f36107f6eb94ecb7653706a4db Author: Volker Lendecke <v...@samba.org> Date: Fri Nov 17 11:42:34 2017 +0100 winbind: winbind_messaging_context -> server_messaging_context Don't use winbind_messaging_context anymore. This fixes a bug analysed by Peter Somogyi <psomo...@hu.ibm.com>: If a parent winbind forks, it only called reinit_after_fork on winbind_messaging_context. On the other hand, deep in dbwrap_open we use server_messaging_context(). This is not reinitialized by winbind_reinit_after fork, so the parent and child share a ctdb connection. This is invalid, because replies from ctdb end up in the wrong process. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13150 Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e1f12acc13a3cc004518ac3460c6000ea0b95115 Author: Volker Lendecke <v...@samba.org> Date: Fri Nov 17 11:37:30 2017 +0100 winbind: Remove winbind_event_context BUG: https://bugzilla.samba.org/show_bug.cgi?id=13150 Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 7e83d1489406cd53d72097e40bf02295c88ea61e Author: Volker Lendecke <v...@samba.org> Date: Fri Nov 17 11:35:19 2017 +0100 winbind: Replace winbind_event_context with server_event_context There's no point in having two global event contexts BUG: https://bugzilla.samba.org/show_bug.cgi?id=13150 Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit d27f38d35bf111a5c0a898a5ef8b7dd0b320da0d Author: Stefan Metzmacher <me...@samba.org> Date: Thu Nov 16 21:09:20 2017 + libnet_join: fix "net rpc oldjoin" We need to open the ncacn_np (smb) transport connection with anonymous credentials. In order to do netr_ServerPasswordSet*() we need to establish a 2nd netlogon connection using dcerpc schannel authentication. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13149 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 9466796c87cc4ca8d32da553421cd8ecef1bb8e4 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Nov 17 15:51:36 2017 +0100 s3:selftest: add samba3.blackbox.net_rpc_oldjoin test This demonstrates that "net rpc oldjoin" is currently broken. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13149 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit d74c60807cdaec2835c400a6de0fa5e381cc1392 Author: Volker Lendecke <v...@samba.org> Date: Sat Jul 15 11:54:14 2017 +0200 nsswitch: Slightly simplify winbindd_request_response
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6c0d053 s4: torture: Ensure kernel oplock test can't hang in pause(). from f8cd211 s3: smbclient: tests: Test "volume" command over SMB1 and SMB2+. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6c0d053ec0ea54e4152878564c5d21dfae9f346b Author: Jeremy Allison <j...@samba.org> Date: Wed Nov 15 10:12:06 2017 -0800 s4: torture: Ensure kernel oplock test can't hang in pause(). Use an alarm to break out of waiting for a signal. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13121 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Nov 16 22:27:06 CET 2017 on sn-devel-144 --- Summary of changes: source4/torture/smb2/oplock.c | 67 +++ 1 file changed, 67 insertions(+) Changeset truncated at 500 lines: diff --git a/source4/torture/smb2/oplock.c b/source4/torture/smb2/oplock.c index 1830a01..b6d9f84 100644 --- a/source4/torture/smb2/oplock.c +++ b/source4/torture/smb2/oplock.c @@ -4817,6 +4817,17 @@ static void got_rt_break(int sig) got_break = 1; } +static int got_alarm; + +/* + * Signal handler. + */ + +static void got_alarm_fn(int sig) +{ + got_alarm = 1; +} + /* * Child process function. */ @@ -4835,6 +4846,13 @@ static int do_child_process(int pipefd, const char *name) if (ret == -1) { return 1; } + /* Set up a signal handler for SIGALRM. */ + ZERO_STRUCT(act); + act.sa_handler = got_alarm_fn; + ret = sigaction(SIGALRM, , NULL); + if (ret == -1) { + return 1; + } /* Open the passed in file and get a kernel oplock. */ fd = open(name, O_RDWR, 0666); if (fd == -1) { @@ -4857,16 +4875,26 @@ static int do_child_process(int pipefd, const char *name) return 5; } + /* Ensure the pause doesn't hang forever. */ + alarm(5); + /* Wait for RT_SIGNAL_LEASE. */ ret = pause(); if (ret != -1 || errno != EINTR) { return 6; } + if (got_alarm == 1) { + return 10; + } + if (got_break != 1) { return 7; } + /* Cancel any pending alarm. */ + alarm(0); + /* Force the server to wait for 3 seconds. */ sleep(3); @@ -4928,6 +4956,23 @@ static bool wait_for_child_oplock(struct torture_context *tctx, } #endif +static void child_sig_term_handler(struct tevent_context *ev, + struct tevent_signal *se, + int signum, + int count, + void *siginfo, + void *private_data) +{ + int *pstatus = (int *)private_data; + int status; + wait(); + if (WIFEXITED(status)) { + *pstatus = WEXITSTATUS(status); + } else { + *pstatus = status; + } +} + /* * Deal with a non-smbd process holding a kernel oplock. */ @@ -4944,6 +4989,8 @@ static bool test_smb2_kernel_oplocks8(struct torture_context *tctx, struct smb2_handle h1 = {{0}}; struct smb2_handle h2 = {{0}}; const char *localdir = torture_setting_string(tctx, "localdir", NULL); + struct tevent_signal *se = NULL; + int child_exit_code = -1; time_t start; time_t end; @@ -4963,6 +5010,14 @@ static bool test_smb2_kernel_oplocks8(struct torture_context *tctx, smb2_util_close(tree, h1); ZERO_STRUCT(h1); + se = tevent_add_signal(tctx->ev, + tctx, + SIGCHLD, + 0, + child_sig_term_handler, + _exit_code); + torture_assert(tctx, se != NULL, "tevent_add_signal failed\n"); + /* Take the oplock locally in a sub-process. */ ret = wait_for_child_oplock(tctx, localdir, fname); torture_assert_goto(tctx, ret = true, ret, done, @@ -5013,6 +5068,18 @@ static bool test_smb2_kernel_oplocks8(struct torture_context *tctx, "Error opening the file\n"); h2 = io.out.file.handle; + /* Wait for the exit code from the child. */ + while (child_exit_code == -1) { + int rval = tevent_loop_once(tctx->ev); + torture_assert(tctx, rval == 0, "tevent_loop_once error\n"); + } + + if (child_exit_code != 0) { + torture_comment(tctx, "Bad child exit code %d\n"
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2e5ea35 smbtorture: Remove an unused variable via a1b2daa dreplsrv: Use is_null_sid via 01a5462 lib: Save a few bytes of .text via 3b2ba9c rpcclient: Avoid a ZERO_STRUCT, save a few bytes .text via 1c6e270 lib: Avoid a ZERO_STRUCT, save a few bytes .text via 1f071b1 smbd: Avoid an "else" via cd5d726 util_tdb: Make a few functions static via 3c50275 passdb: Fix a typo via b0e2c66 libcli: Fix a signed/unsigned hickup via fe4e24e netsamlogon_cache: Use ndr_pull_struct_blob_all from 2e573ee tevent: version 0.9.34 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2e5ea35f0b6c114581a8434a8b8824d17b353062 Author: Volker Lendecke <v...@samba.org> Date: Sun Nov 12 16:09:35 2017 +0100 smbtorture: Remove an unused variable Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Nov 14 03:55:37 CET 2017 on sn-devel-144 commit a1b2daa06f85772fd23b59b24c838b6f699dce89 Author: Volker Lendecke <v...@samba.org> Date: Sun Nov 12 16:07:48 2017 +0100 dreplsrv: Use is_null_sid Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 01a54627a09d1c0d32aba3faf1b114a46f1e5bff Author: Volker Lendecke <v...@samba.org> Date: Sun Nov 12 14:55:40 2017 +0100 lib: Save a few bytes of .text Looks surprising, but this does save bytes if you look at the object with "size". Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 3b2ba9c884931808cc1870dbad5d072366b16d2a Author: Volker Lendecke <v...@samba.org> Date: Sun Nov 12 14:48:24 2017 +0100 rpcclient: Avoid a ZERO_STRUCT, save a few bytes .text Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 1c6e2704fb8f97ab8658df6354e9b5dc1e7b1b96 Author: Volker Lendecke <v...@samba.org> Date: Sun Nov 12 14:48:24 2017 +0100 lib: Avoid a ZERO_STRUCT, save a few bytes .text Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 1f071b1a25b33d5667acd6d4185de2a4b6826b2d Author: Volker Lendecke <v...@samba.org> Date: Fri Aug 4 10:44:59 2017 +0200 smbd: Avoid an "else" We always return in the if-branch before. The else is redundant Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit cd5d726c89466b4e5af11d02d98ad8be7af936da Author: Volker Lendecke <v...@samba.org> Date: Thu Aug 3 17:08:48 2017 +0200 util_tdb: Make a few functions static Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 3c5027556aece81942bc8dc3baed25cd8d869653 Author: Volker Lendecke <v...@samba.org> Date: Fri Aug 4 14:47:17 2017 +0200 passdb: Fix a typo Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b0e2c669e14c83cbd198c5ea4bee94e276402c9f Author: Volker Lendecke <v...@samba.org> Date: Mon Nov 13 08:53:04 2017 +0100 libcli: Fix a signed/unsigned hickup Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit fe4e24e143c28fd98faaac97ef6bc56180f0ecc7 Author: Volker Lendecke <v...@samba.org> Date: Thu Aug 3 17:03:26 2017 +0200 netsamlogon_cache: Use ndr_pull_struct_blob_all Be a bit more strict for error checking Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: lib/util/util_tdb.c | 11 +++ lib/util/util_tdb.h | 24 libcli/security/util_sid.c | 4 ++-- source3/libnet/libnet_dssync.c | 4 +--- source3/libsmb/samlogon_cache.c | 5 +++-- source3/passdb/lookup_sid.c | 2 +- source3/rpcclient/cmd_drsuapi.c | 4 +--- source3/smbd/process.c | 3 ++- source4/dsdb/repl/drepl_partitions.c | 4 +--- source4/torture/drs/rpc/dssync.c | 2 -- 10 files changed, 18 insertions(+), 45 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/util_tdb.c b/lib/util/util_tdb.c index e3eefda..24fb658 100644 --- a/lib/util/util_tdb.c +++ b/lib/util/util_tdb.c @@ -132,7 +132,7 @@ void tdb_read_unlock_bystring(struct tdb_context *td
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a0f6ea8 libsmbclient: Allow server (NetApp) to return STATUS_INVALID_PARAMETER from an echo. via 37ac8ad vfs: remove SMB_VFS_INIT_SEARCH_OP via bb40fa8 vfs_unityed_media: remove handling of init_search_op via 7a34ed8 vfs_media_harmony: remove handling of init_search_op via fba8bd6 vfs_time_audit: remove init_search_op implementation via 0f1dede vfs_glusterfs: remove init_search_op handling via fd1aa4a VFS examples: remove init_search_ops via 1d9e8ff smbd: remove dptr_init_search_op() via b8aa599 smbd: remove calls to dptr_init_search_op() from TRANS2 search code via f53ee12 smbd: remove calls to dptr_init_search_op() via 6381044 vfs: Remove aio_linux from 20cfcb7 tevent: Fix a race condition https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a0f6ea8dec1ab3d19bc93da12a9b0a1c0ccf6142 Author: Jeremy Allison <j...@samba.org> Date: Fri Sep 8 16:20:34 2017 -0700 libsmbclient: Allow server (NetApp) to return STATUS_INVALID_PARAMETER from an echo. It does this if we send a session ID of zero. The server still replied. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13007 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Nov 11 08:44:37 CET 2017 on sn-devel-144 commit 37ac8ad4bf3122c369eec6f213bb8a62f8e92884 Author: Uri Simchoni <u...@samba.org> Date: Fri Nov 10 21:53:58 2017 +0200 vfs: remove SMB_VFS_INIT_SEARCH_OP This VFS is no longer being called, hence removed. Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit bb40fa8445d650e6d840abe96b0143950da037ca Author: Uri Simchoni <u...@samba.org> Date: Fri Nov 10 21:50:17 2017 +0200 vfs_unityed_media: remove handling of init_search_op init_search_op is about to be removed from the VFS in a following commit. In the meantime, removing it poses no issue because he underlying impementation is a no-op. Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 7a34ed88c88036942d955fcc1e303e147f2001fb Author: Uri Simchoni <u...@samba.org> Date: Fri Nov 10 21:48:26 2017 +0200 vfs_media_harmony: remove handling of init_search_op This VFS function is about to be removed in a following commit. In the meantime, not handling it by vfs_media_harmony poses no issue because the underlying implenentation is a no-op. Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit fba8bd6cb8315cfbab8883b12eb818a0f8fddfa7 Author: Uri Simchoni <u...@samba.org> Date: Fri Nov 10 21:47:29 2017 +0200 vfs_time_audit: remove init_search_op implementation This VFS call is about to be removed in a following commit. Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 0f1dede9a90996d0a0cbbe91c2a0389b47b706b7 Author: Uri Simchoni <u...@samba.org> Date: Fri Nov 10 21:39:54 2017 +0200 vfs_glusterfs: remove init_search_op handling This VFS function is about to be removed. It can be removed by a separate commit because both the glusterfs and the default implementations are no-ops. Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit fd1aa4a6b0f58882e3ae6a53f9116d254e036cdf Author: Uri Simchoni <u...@samba.org> Date: Fri Nov 10 21:20:47 2017 +0200 VFS examples: remove init_search_ops Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 1d9e8ff87b1c0e7e495ebbfb230a3f0ac7c57285 Author: Uri Simchoni <u...@samba.org> Date: Fri Nov 10 21:38:41 2017 +0200 smbd: remove dptr_init_search_op() This function is now not being used. Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b8aa599f060ea6de7277b0af42659a09f4469165 Author: Uri Simchoni <u...@samba.org> Date: Fri Nov 10 21:35:54 2017 +0200 smbd: remove calls to dptr_init_search_op() from TRANS2 search code dptr_init_search_op() invokes VFS operations which are no-op in all in-tree VFS modules. Furthermore, it's not being called by the SMB2 search code, so probably it's not being used by any out-of-tree VFS module either. Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit f53ee1284f785e85fea33506263
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 20cfcb7 tevent: Fix a race condition via 71720e2 libcli: Fix a typo via 15597a9 s4: torture: kernel_oplocks. Create a regression test case for bug #13058. via 62a556d Revert "s3/smbd: fix deferred open with streams and kernel oplocks" from 732ba3c vfs_glusterfs: include glusterfs/api/glfs.h without relying on -I options https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 20cfcb7dbc5dd099384b76a76e3d35cf627100b6 Author: Volker Lendecke <v...@samba.org> Date: Fri Nov 10 21:22:26 2017 +0100 tevent: Fix a race condition We can't rely on tctx to exist after we unlocked the mutex. It took a while, but this does lead to data corruption. If *tctx is replaced with something where tctx->wakeup_fd points to a real, existing file descriptor, we're screwed. And by screwed, this means file corruption on disk. Again. I am not tall enough for this business. http://bholley.net/blog/2015/must-be-this-tall-to-write-multi-threaded-code.html BUG: https://bugzilla.samba.org/show_bug.cgi?id=13130 Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Nov 11 03:20:09 CET 2017 on sn-devel-144 commit 71720e2e9c414f8ae823a5c6cfa624a4d8683926 Author: Volker Lendecke <v...@samba.org> Date: Mon Oct 30 13:46:04 2017 +0100 libcli: Fix a typo Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Richard Sharpe <sha...@samba.org> commit 15597a95ecd2d1c2b7edce4942d489c95796951f Author: Jeremy Allison <j...@samba.org> Date: Fri Nov 3 12:02:17 2017 -0700 s4: torture: kernel_oplocks. Create a regression test case for bug #13058. It implements the following test case: 1. client of smbd-1 opens the file and sets the oplock. 2. client of smbd-2 tries to open the file. open() fails(EAGAIN) and open is deferred. 3. client of smbd-1 sends oplock break request to the client. 4. client of smbd-1 closes the file. 5. client of smbd-1 opens the file and sets the oplock. 6. client of smbd-2 calls defer_open_done(), sees that the file lease was not changed and does not reschedule open. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13058 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> commit 62a556d5c8ce0650e3a2095ee62bea16c8eab1d5 Author: Jeremy Allison <j...@samba.org> Date: Fri Nov 3 21:47:01 2017 + Revert "s3/smbd: fix deferred open with streams and kernel oplocks" This reverts commit b35a296a27a0807c780f2a9e7af2f2e93feefaa8. This was the cause of BUG: https://bugzilla.samba.org/show_bug.cgi?id=13058 1. client of smbd-1 opens the file and sets the oplock. 2. client of smbd-2 tries to open the file. open() fails(EAGAIN) and open is deferred. 3. client of smbd-1 sends oplock break request to the client. 4. client of smbd-1 closes the file. 5. client of smbd-1 opens the file and sets the oplock. 6. client of smbd-2 calls defer_open_done(), sees that the file lease was not changed and does not reschedule open. and is no longer needed now vfs_streams_xattr.c no longer opens the base file internally. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> --- Summary of changes: lib/tevent/tevent_threads.c | 6 ++- libcli/smb/smbXcli_base.c | 2 +- source3/smbd/open.c | 115 - source4/torture/smb2/oplock.c | 117 ++ 4 files changed, 133 insertions(+), 107 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tevent/tevent_threads.c b/lib/tevent/tevent_threads.c index 4d1a880..2e83f1b 100644 --- a/lib/tevent/tevent_threads.c +++ b/lib/tevent/tevent_threads.c @@ -451,7 +451,7 @@ void _tevent_threaded_schedule_immediate(struct tevent_threaded_context *tctx, { #ifdef HAVE_PTHREAD struct tevent_context *ev; - int ret; + int ret, wakeup_fd; ret = pthread_mutex_lock(>event_ctx_mutex); if (ret != 0) { @@ -495,6 +495,8 @@ void _tevent_threaded_schedule_immediate(struct tevent_threaded_context *tctx, abort(); } + wakeup_fd = tctx->wakeup_fd; + ret = pthread_mutex_unlock(>event_ctx_mutex); if (ret != 0) { abort(); @@ -510,7 +512,7 @@ void _tevent_threaded_schedule_immediate(struct tevent_threa
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d12ba2d manpages: add vfs_nfs4acl_xattr.8 via d147698 selftest: run raw.acls test with XDR NFS41 ACLs via e981b41 selftest: run raw.acls tests against a share with XDR NFS4 ACLs via a167155 vfs_nfs4acl_xattr: add XDR backend via 8b1b1cd vfs_nfs4acl_xattr: implement take-ownership as in vfs_acl_common via 0fdbe62 vfs_nfs4acl_xattr: add POSIX mode check and reset via b407296 vfs_nfs4acl_xattr: do xattr ops as root via 08a6ae4 selftest: test vfs_nfs4acl_xattr with NFS 4.1 ACLs via 60c8090 nfs4acls: update default NFS4 ACL version to 4.1 via 12f4263 selftest: add explicit default NFS4 acl version via 0697f79 vfs_nfs4acl_xattr: add support for NFS 4.1 ACL flags in the NDR backend via e295032 librpc/idl: add NFS 4.1 ACL flags via f5b2c66 vfs_nfs4acl_xattr: move the meat of the implementation to a seperate file via d4d7e38 vfs_nfs4acl_xattr: fsp->fh->fd can legally be -1 via 2fb6b0c vfs_nfs4acl_xattr: refactoring via 383312a vfs_nfs4acl_xattr: code polish via 7f62b16 vfs_nfs4acl_xattr: modernize ACL inheritance via 31a8fbf vfs_nfs4acl_xattr: add a runtime configuration object via 5890c74 librpc/idl: add versions consts to nfs4acl.idl via df99ac2 librpc/idl: rename NFS4 ACL xattr name via 20d3ae6 librpc/idl: rename NFS4 ACL xattr name define via afe11cb vfs_nfs4acl_xattr: move interesting functions pointers to the top via 914dfe6 vfs_nfs4acl_xattr: remove a layer of indirection via dd36606 s3/posix_acls: add default ACL style "everyone" via 33c0b0d s3/smbd: make make_default_filesystem_acl public via c373102 vfs_acl_common: directly pass default_acl_style via f3f119e selftest: split out failing owner related subtest from samba3.raw.acls.create_file|dir from 5c354e1 ctdb-tests: Add sock_daemon test for stale socket handling https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d12ba2d342c4efa26057122025f5692b075af73b Author: Ralph Boehme <s...@samba.org> Date: Mon Oct 23 18:56:37 2017 +0200 manpages: add vfs_nfs4acl_xattr.8 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Nov 8 04:27:28 CET 2017 on sn-devel-144 commit d1476988408a676176cddbe6ffb1c42a66dd756f Author: Ralph Boehme <s...@samba.org> Date: Thu Oct 19 14:24:03 2017 +0200 selftest: run raw.acls test with XDR NFS41 ACLs Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e981b41a37c78de1d7ad114921f65502a365dd66 Author: Ralph Boehme <s...@samba.org> Date: Thu Sep 7 17:29:03 2017 +0200 selftest: run raw.acls tests against a share with XDR NFS4 ACLs Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a1671558af014bd9303f62120e7fc3a9978be6fe Author: Ralph Boehme <s...@samba.org> Date: Wed Oct 18 20:48:37 2017 +0200 vfs_nfs4acl_xattr: add XDR backend Add a NFS4 ACL backend that stores the ACL blob in an XDR encoded xattr, by default in "security.nfs4acl_xdr". This backend is enabled by setting "nfs4acl_xattr:encoding = xdr" in a share definition. Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 8b1b1cd8cc561378058b915e03996ff567355d81 Author: Ralph Boehme <s...@samba.org> Date: Mon Oct 23 12:46:07 2017 +0200 vfs_nfs4acl_xattr: implement take-ownership as in vfs_acl_common This allows take-ownership to work if the user has SEC_STD_WRITE_OWNER. Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 0fdbe624fd708f372b9a1fe4176e04ebb1b040d6 Author: Ralph Boehme <s...@samba.org> Date: Wed Oct 18 20:45:05 2017 +0200 vfs_nfs4acl_xattr: add POSIX mode check and reset The vfs_nfs4acl_xattr VFS module is supposed to work the same as vfs_acl_xattr|tdb with "ignore system acls" set to true. That is, filesystem permissions should never restrict access and the actual access checks are done by smbd in userspace. To better cope with POSIX mode changes via other protocols (eg NFS) or local filesystem access, add the following tweaks: o validate ACL blob: if POSIX mode is not 0777/0666 discard the ACL blob from the xattr and synthesize a default ACL based on the POSIX mode o when setting an ACL, check and reset POSIX mode to 0777/0666 Signed-off-by: Ral
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 11da1e5 vfs_zfsacl: fix compilation error from 8be4236 gitlab-ci: add .gitlab-ci.yml https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 11da1e5c056c92fd7f51ecce0285628cac65f174 Author: Ralph Boehme <s...@samba.org> Date: Sat Oct 28 16:13:16 2017 +0200 vfs_zfsacl: fix compilation error Bug: https://bugzilla.samba.org/show_bug.cgi?id=6133 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Nov 2 03:16:11 CET 2017 on sn-devel-144 --- Summary of changes: source3/modules/vfs_zfsacl.c | 10 ++ 1 file changed, 6 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c index dd0f343..2e277c6 100644 --- a/source3/modules/vfs_zfsacl.c +++ b/source3/modules/vfs_zfsacl.c @@ -51,6 +51,7 @@ static NTSTATUS zfs_get_nt_acl_common(struct connection_struct *conn, SMB_STRUCT_STAT sbuf; const SMB_STRUCT_STAT *psbuf = NULL; int ret; + bool is_dir; if (VALID_STAT(smb_fname->st)) { psbuf = _fname->st; @@ -65,10 +66,7 @@ static NTSTATUS zfs_get_nt_acl_common(struct connection_struct *conn, } psbuf = } - - if (S_ISDIR(psbuf->st_ex_mode) && (ace->aceMask & SMB_ACE4_ADD_FILE)) { - ace->aceMask |= SMB_ACE4_DELETE_CHILD; - } + is_dir = S_ISDIR(psbuf->st_ex_mode); /* read the number of file aces */ if((naces = acl(smb_fname->base_name, ACE_GETACLCNT, 0, NULL)) == -1) { @@ -115,6 +113,10 @@ static NTSTATUS zfs_get_nt_acl_common(struct connection_struct *conn, aceprop.aceMask |= SMB_ACE4_SYNCHRONIZE; } + if (is_dir && (aceprop.aceMask & SMB_ACE4_ADD_FILE)) { + aceprop.aceMask |= SMB_ACE4_DELETE_CHILD; + } + if(aceprop.aceFlags & ACE_OWNER) { aceprop.flags = SMB_ACE4_ID_SPECIAL; aceprop.who.special_id = SMB_ACE4_WHO_OWNER; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e5251ee winbindd: Remove a misleading comment via 61176a6 printing: Avoid an "extern current_user" via e03e947 printing: Avoid an "extern current_user" via e62253a smbd: Fix the memory hierarchy in the unix token via 7e4908d lib: Use all_zero where appropriate via dea1881 smbd: Remove an indentation level in smb2_negprot via 6475293 samba: Fix CID 1420179 Code maintainability issues UNUSED_VALUE via e7a4c31 samba: Fix CID 1420180 Null pointer dereferences via e56626e s4:pyparam: Fix resource leaks on error via b012f15 s4:torture: Avoid useless strdup in libsmbclient test via 9f3151a libsmbclient: Use const for the user from 0a796f5 testprogs: Update the kpasswd setpassword test https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e5251ee188e948f37e76d4071d435496c5be27d7 Author: Volker Lendecke <v...@samba.org> Date: Fri Oct 27 14:01:41 2017 +0200 winbindd: Remove a misleading comment The reality is a bit more complex than this comment indicates. We should never suggest anywhere that we can connect to domains that we don't have a direct trust account to. For the member case, it's "our" domain, and for the DC case, it's the direct trusts. Everything else is pure luck. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Oct 28 00:31:58 CEST 2017 on sn-devel-144 commit 61176a66cc8d9daacad4470a9977ab0e4e8afa51 Author: Volker Lendecke <v...@samba.org> Date: Wed Oct 4 13:30:13 2017 +0200 printing: Avoid an "extern current_user" Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e03e947e0c4319af6521cf50b201cca6da21a0cb Author: Volker Lendecke <v...@samba.org> Date: Wed Oct 4 13:27:43 2017 +0200 printing: Avoid an "extern current_user" Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e62253a52a10be8719369325a5b1e146f8405c7c Author: Volker Lendecke <v...@samba.org> Date: Wed Oct 4 15:04:01 2017 +0200 smbd: Fix the memory hierarchy in the unix token "groups" should hang off the token itself, not its parent Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 7e4908d72b4e3bd662bdc2da18e8b5272c15c13e Author: Volker Lendecke <v...@samba.org> Date: Thu Oct 19 17:52:31 2017 +0200 lib: Use all_zero where appropriate Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit dea1881fc5e53b5d1750c16b4d7f7d0ddd971875 Author: Volker Lendecke <v...@samba.org> Date: Thu Oct 19 08:13:59 2017 +0200 smbd: Remove an indentation level in smb2_negprot Do an early return. Best viewed with "git show -b" Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 6475293bc800a343464955fe8027aa8033c5513d Author: Volker Lendecke <v...@samba.org> Date: Thu Oct 26 21:13:52 2017 +0200 samba: Fix CID 1420179 Code maintainability issues UNUSED_VALUE I don't think pid is used at all here. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e7a4c31047f55a5bd0160f5b4fb614bff9c3c421 Author: Volker Lendecke <v...@samba.org> Date: Thu Oct 26 21:08:14 2017 +0200 samba: Fix CID 1420180 Null pointer dereferences Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e56626e864492831a3dbbca2d4fb8f3281547a90 Author: Andreas Schneider <a...@samba.org> Date: Wed Oct 25 19:25:20 2017 +0200 s4:pyparam: Fix resource leaks on error BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b012f1589b3e0cb482e14ca76b5d150792d30643 Author: Andreas Schneider <a...@samba.org> Date: Wed Oct 25 19:23:02 2017 +0200 s4:torture: Avoid useless strdup in libsmbclient test BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 9f3151a4e240480f2ed66115314b2f19a06967bf Author: Andreas Schneider <a...@samba.org> Date: Wed Oct 25 19:22:34 2017 +0200 libsmbclient: Use const for
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3271908 s3:modules: Check correct variable for NULL in posixacl_xattr via 5274beb s3:passdb: Make sure the salt is fully initialized before passing via d6a418c s3:secrets: Do not leak memory of pw and old_pw from 4f45843 s3:vfs_glusterfs: Use SAFE_FREE https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 327190893f5f3352a2e6abc4872b54092ee7de68 Author: Andreas Schneider <a...@samba.org> Date: Wed Oct 25 19:55:32 2017 +0200 s3:modules: Check correct variable for NULL in posixacl_xattr BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Oct 27 04:54:22 CEST 2017 on sn-devel-144 commit 5274beba4cf722a34403dc07bf287815a6df6281 Author: Andreas Schneider <a...@samba.org> Date: Wed Oct 25 19:50:57 2017 +0200 s3:passdb: Make sure the salt is fully initialized before passing Otherwise the magic member is not initialized. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit d6a418c13f0a41851ecc0579765502e076a5cd3b Author: Andreas Schneider <a...@samba.org> Date: Wed Oct 25 19:30:28 2017 +0200 s3:secrets: Do not leak memory of pw and old_pw BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/modules/posixacl_xattr.c | 2 +- source3/passdb/machine_account_secrets.c | 18 -- 2 files changed, 17 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/posixacl_xattr.c b/source3/modules/posixacl_xattr.c index 759d372..8f6f365 100644 --- a/source3/modules/posixacl_xattr.c +++ b/source3/modules/posixacl_xattr.c @@ -384,7 +384,7 @@ SMB_ACL_T posixacl_xattr_acl_get_file(vfs_handle_struct *handle, TALLOC_CTX *frame = talloc_stackframe(); struct smb_filename *smb_fname_tmp = cp_smb_filename_nostream(frame, smb_fname); - if (smb_fname == NULL) { + if (smb_fname_tmp == NULL) { errno = ENOMEM; ret = -1; } else { diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c index 5a0f7a8..75f31cb 100644 --- a/source3/passdb/machine_account_secrets.c +++ b/source3/passdb/machine_account_secrets.c @@ -1090,8 +1090,10 @@ static int secrets_domain_info_kerberos_keys(struct secrets_domain_info1_passwor return krb5_ret; } - salt.data = discard_const(salt_data); - salt.length = strlen(salt_data); + salt = (krb5_data) { + .data = discard_const(salt_data), + .length = strlen(salt_data), + }; ok = convert_string_talloc(keys, CH_UTF16MUNGED, CH_UTF8, p->cleartext_blob.data, @@ -1367,6 +1369,8 @@ NTSTATUS secrets_fetch_or_upgrade_domain_info(const char *domain, DBG_ERR("secrets_fetch_domain_sid(%s) failed\n", domain); dbwrap_transaction_cancel(db); + SAFE_FREE(old_pw); + SAFE_FREE(pw); TALLOC_FREE(frame); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } @@ -1381,6 +1385,8 @@ NTSTATUS secrets_fetch_or_upgrade_domain_info(const char *domain, if (info->account_name == NULL) { DBG_ERR("talloc_asprintf(%s$) failed\n", info->computer_name); dbwrap_transaction_cancel(db); + SAFE_FREE(old_pw); + SAFE_FREE(pw); TALLOC_FREE(frame); return NT_STATUS_NO_MEMORY; } @@ -1418,6 +1424,8 @@ NTSTATUS secrets_fetch_or_upgrade_domain_info(const char *domain, DBG_ERR("talloc_asprintf(%s#%02X) failed\n", domain, NBT_NAME_PDC); dbwrap_transaction_cancel(db); + SAFE_FREE(pw); + SAFE_FREE(old_pw); TALLOC_FREE(frame); return NT_STATUS_NO_MEMORY; } @@ -1438,6 +1446,8 @@ NTSTATUS secrets_fetch_or_upgrade_domain_info(const char *domain, p = kerberos_secrets_fetch_salt_princ(); if (p == NULL) { dbwrap_tran
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 16389be s3:vfs_glusterfs: Fix a double free in vfs_gluster_getwd() from 30584a2 linked attribute tests: correct add_all_at_once test https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 16389bed0773952ca563b7bf1fecc2a737587257 Author: Andreas Schneider <a...@samba.org> Date: Wed Oct 25 19:39:34 2017 +0200 s3:vfs_glusterfs: Fix a double free in vfs_gluster_getwd() Found by cppcheck. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13100 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Oct 26 09:34:40 CEST 2017 on sn-devel-144 --- Summary of changes: source3/modules/vfs_glusterfs.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index 8d12ac6..32074cb 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -1099,8 +1099,9 @@ static struct smb_filename *vfs_gluster_getwd(struct vfs_handle_struct *handle, } ret = glfs_getcwd(handle->data, cwd, PATH_MAX - 1); - if (ret == 0) { + if (ret == NULL) { free(cwd); + return NULL; } smb_fname = synthetic_smb_fname(ctx, ret, -- Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 886bc64 NEWS[gsoc_summit_2017]: Google Summer of Code 2017 Mentor Summit from b259472 Add Samba 4.6.9 to the list. https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 886bc640d457cbe9dc2f87e2a0f25b0b0acb8cb5 Author: David Disseldorp <dd...@samba.org> Date: Wed Oct 25 14:14:17 2017 +0200 NEWS[gsoc_summit_2017]: Google Summer of Code 2017 Mentor Summit Signed-off-by: David Disseldorp <dd...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: .../20171025-115035.gsoc_summit_2017.body.html | 66 ++ .../20171025-115035.gsoc_summit_2017.headline.html | 3 + .../20171025-115035.gsoc_summit_2017.snip.html | 10 3 files changed, 79 insertions(+) create mode 100644 posted_news/20171025-115035.gsoc_summit_2017.body.html create mode 100644 posted_news/20171025-115035.gsoc_summit_2017.headline.html create mode 100644 posted_news/20171025-115035.gsoc_summit_2017.snip.html Changeset truncated at 500 lines: diff --git a/posted_news/20171025-115035.gsoc_summit_2017.body.html b/posted_news/20171025-115035.gsoc_summit_2017.body.html new file mode 100644 index 000..d2fb713 --- /dev/null +++ b/posted_news/20171025-115035.gsoc_summit_2017.body.html @@ -0,0 +1,66 @@ + +25 October 2017 +Google Summer of Code 2017 Mentor Summit + +I attended the GSoC 2017 Mentor Summit - + https://plus.google.com/photos/photo/104819401577700081823/642806020186354;>Photo! +It was an enjoyable event, and a good learning experience. + + + +The Google Summer of Code 2017 Mentor Summit ran from Oct 13th to the +15th, at Googles Sunnyvale campus. It was held as an "Unconference", so +most of the sessions were pretty ad-hoc. + + +On Saturday morning I ran into a couple of ex-colleagues, attending +the summit on behalf of the Performance Co-Pilot project. +We took the opportunity to start the conference with a monitoring BoF, +which focussed on some of the current upstream PCP challenges, such as +bulk archive analysis and caching (with Redis). +We had a quick look at the PCP cifs.ko monitoring agent, where I raised +concerns about it only supporting the SMB1 /proc/fs/cifs/Stats format. +My preference would be to in future move the cifs.ko stats into +per-metric files nested under per-mount/session sysfs directories, to +make the stats easier to parse programatically. + + +I attended quite a few other interesting talks, covering Computer +Vision/AI, Linux/ChromeOS (Grant Grundler), Crypto Currencies, and +fuzzing. +The libfuzzy talk, held by Kostya Serebryany, was probably the most +relevant to Samba. Kostya walked through the list of FOSS projects which +are automatically tested as part of Googles oss-fuzz program, and +described the breakdown of bugs discovered (hundreds of potential +security vulnerabilities). Most of the material can be found at +https://testing.googleblog.com/2017/05/oss-fuzz-five-months-later-and.html;>https://testing.googleblog.com/2017/05/oss-fuzz-five-months-later-and.html . +As a GSoC participant, Samba is in a position to receive GCE backed +automated fuzz testing. It should just be a matter of ensuring that +Samba can be built with LLVM/Clang, identifying target APIs, and +submitting a request via +https://github.com/google/oss-fuzz#accepting-new-projects;>https://github.com/google/oss-fuzz#accepting-new-projects . + + +I gave a quick presentation on rapid testing of cifs.ko against Samba +from source (similar to https://youtu.be/XTEGe0lG3yc;>https://youtu.be/XTEGe0lG3yc). +Not many attendees, but still got some good questions at the end. + + +In the hallway track, I spoke with Ton Roosendaal about a few issues that +hed been seeing regarding macOS SMB clients against Samba. +A few questions came in about cross-share server-side copy, which I was +gladly able to answer. +On Sunday, we had a get together for +https://sfconservancy.org/;>Software Freedom Conservency +member projects. After introductions, we discussed upcoming events, and fund +raising challenges; the SFC are ramping up for an end of year fund raising +drive. + + +[I would like to thank https://opensource.google.com/;>Google for +paying for my travel to the event.] + + +Cheers, David Disseldorp + + diff --git a/posted_news/20171025-115035.gsoc_summit_2017.headline.html b/posted_news/20171025-115035.gsoc_summit_2017.headline.html new file mode 100644 index 000..4e5ace5 --- /dev/null +++ b/posted_news/20171025-115035.gsoc_summit_2017.headline.html @@ -0,0 +1,3 @@ + + 25 October 2017 Google Summer of Code 2017 Mentor Summit + diff --git a/posted_news/20171025-115035.gsoc_summit_2017.snip.html b/posted_news/20171025-115035.gsoc_summit_2017.snip.html new file mode 100644 index 000..0c593ac -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7abe56c s3: smbclient: Test we can rename with a name containing. via f81c34c s3: smbclient: Ensure we call client_clean_name() before all operations on remote pathnames. via d4d9d19 s3: client: Add new utility function client_clean_name(). from 65442e1 ctdb-client: Fix CID 1419820 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7abe56ccfa4aba75c5e166a7bd0bb8141c3f258b Author: Jeremy Allison <j...@samba.org> Date: Mon Oct 23 15:40:04 2017 -0700 s3: smbclient: Test we can rename with a name containing. Samba always allowed this anyway, but it's a good place to ensure we don't regress. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13093 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Oct 24 23:32:58 CEST 2017 on sn-devel-144 commit f81c34c296f87127c6d1e4dd6ea74aa75660885d Author: Jeremy Allison <j...@samba.org> Date: Fri Oct 20 15:09:38 2017 -0700 s3: smbclient: Ensure we call client_clean_name() before all operations on remote pathnames. This allows names containing .. components to be resolved on the client side before being sent to the server. Relative names work in SMB1 but not in SMB2. Fix both client.c and clitar.c BUG: https://bugzilla.samba.org/show_bug.cgi?id=13093 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit d4d9d1941bdac9993968c34cf928c645e4152fd3 Author: Jeremy Allison <j...@samba.org> Date: Sat Oct 21 00:08:08 2017 + s3: client: Add new utility function client_clean_name(). Correctly canonicalizes a remote pathname removing '..' elements before sending to a remote server. '..' elements work in SMB1 pathnames, but not in SMB2. Not yet used. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13093 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> --- Summary of changes: source3/client/client.c | 235 +- source3/client/client_proto.h | 1 + source3/client/clitar.c | 31 source3/script/tests/test_smbclient_s3.sh | 49 +++ 4 files changed, 308 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/client/client.c b/source3/client/client.c index df16496..8f449e8 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -346,6 +346,37 @@ static void normalize_name(char *newdir) } / + Local name cleanup before sending to server. SMB1 allows relative pathnames, + but SMB2 does not, so we need to resolve them locally. +/ + +char *client_clean_name(TALLOC_CTX *ctx, const char *name) +{ + char *newname = NULL; + if (name == NULL) { + return NULL; + } + + /* First ensure any path separators are correct. */ + newname = talloc_strdup(ctx, name); + if (newname == NULL) { + return NULL; + } + normalize_name(newname); + + /* Now remove any relative (..) path components. */ + if (cli->requested_posix_capabilities & CIFS_UNIX_POSIX_PATHNAMES_CAP) { + newname = unix_clean_name(ctx, newname); + } else { + newname = clean_name(ctx, newname); + } + if (newname == NULL) { + return NULL; + } + return newname; +} + +/ Change directory - inner section. / @@ -399,7 +430,7 @@ static int do_cd(const char *new_dir) } client_set_cur_dir(new_cd); - new_cd = clean_name(ctx, new_cd); + new_cd = client_clean_name(ctx, new_cd); client_set_cur_dir(new_cd); status = cli_resolve_path(ctx, "", popt_get_cmdline_auth_info(), @@ -443,7 +474,7 @@ static int do_cd(const char *new_dir) client_set_cur_dir(saved_dir); goto out; } - targetpath = clean_name(ctx, targetpath); + targetpath = client_clean_name(ctx, targetpath); if (!targetpath) { client_set_cur_dir(saved_dir); goto out; @@ -953,6 +984,11 @@ static int cmd_dir(void) return 1;
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 629fc066 lib: Remove fncall.c via 4b84d7c lib: Remove unused getaddinfo_send/recv via 05bc26c torture: Remove GETADDRINFO test via a15f58a smbd: Simplify cleanupdb a bit via 37725f0 smbd: cleanupdb.c is used in smbd only via 1249801 vfs_glusterfs: Fix exporting subdirs with shadow_copy2 from da8af83 selftest: Print link meta-data when developer debugging is used https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 629fc066860fead544e51bd6fa056c08b3343f9d Author: Volker Lendecke <v...@samba.org> Date: Wed Oct 18 17:15:53 2017 +0200 lib: Remove fncall.c This was meant as a nice wrapper around pthreadpool_add_job. pthreadpool_tevent_job_send does the same thing. The getaddrinfo_send/recv was the only example and can easily be re-added on top of pthreadpool_tevent_job_send. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Oct 21 00:04:59 CEST 2017 on sn-devel-144 commit 4b84d7cb54838a790915f214e3d39b5ce4a3197b Author: Volker Lendecke <v...@samba.org> Date: Wed Oct 18 17:13:04 2017 +0200 lib: Remove unused getaddinfo_send/recv Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 05bc26cbc96bed22e6cfc0cc98e8889c7195caab Author: Volker Lendecke <v...@samba.org> Date: Wed Oct 18 17:11:21 2017 +0200 torture: Remove GETADDRINFO test This was the only user of getaddrinfo_send and not run anyway Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a15f58a628549c389112e1e873e128d119db04d8 Author: Volker Lendecke <v...@samba.org> Date: Wed Oct 18 16:56:49 2017 +0200 smbd: Simplify cleanupdb a bit Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 37725f0bf81448bc7f981a67402c8b4bebb10861 Author: Volker Lendecke <v...@samba.org> Date: Wed Oct 18 17:02:56 2017 +0200 smbd: cleanupdb.c is used in smbd only Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 1249801ec73c55449068dd72efde81ce6235ec8e Author: Michael Adam <ob...@samba.org> Date: Fri Oct 20 14:55:10 2017 +0200 vfs_glusterfs: Fix exporting subdirs with shadow_copy2 Since the glusterfs vfs module does not operate on a locally mounted path, but on a "virtual" path starting at the volume root, some assumptions of the code about the vfs connect path fail. One example is the shadow_copy2 module which tries to detect the mount point from the connectpath. In order to circumvent this problem, this patch forces the "shadow:mountpoint" option to "/", which skips the mount-point-detection code. This patch will only have an effect if both the glusterfs and the shadow_copy2 module are listed in vfs objects in the right order, i.e. first shadow_copy2, and then glusterfs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13091 Pair-Programmed-With: Anoop C S <anoo...@redhat.com> Signed-off-by: Michael Adam <ob...@samba.org> Signed-off-by: Anoop C S <anoo...@redhat.com> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: selftest/skip | 1 - source3/include/proto.h | 17 -- source3/include/smb.h | 1 - source3/lib/cleanupdb.c | 35 ++--- source3/lib/fncall.c| 332 source3/lib/util_sock.c | 82 -- source3/modules/vfs_glusterfs.c | 10 ++ source3/selftest/tests.py | 2 +- source3/torture/torture.c | 54 --- source3/wscript_build | 3 +- 10 files changed, 26 insertions(+), 511 deletions(-) delete mode 100644 source3/lib/fncall.c Changeset truncated at 500 lines: diff --git a/selftest/skip b/selftest/skip index c2c4553..dd60ab5 100644 --- a/selftest/skip +++ b/selftest/skip @@ -145,4 +145,3 @@ bench # don't run benchmarks in our selftest ^samba4.blackbox.ktpass # this test isn't portable ... ^samba4.rpc.unixinfo # This contains a server-side getpwuid call which hangs the server when nss_winbindd is in use ^samba.tests.dcerpc.unix # This contains a server-side getpwuid call which hangs the server when nss_winbindd is in use -GETADDRINFO # socket wrapper doesn't support threads diff --git a/source3/include/proto.h b/source3/include/proto.h inde
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1d1e1da s3:tests: Fix the smblcient utimes test in Europe via 5bfe93b s4:smbd: Add missing unistd.h include to fix build of process_prefork from 42e7671 nwrap: Fix strotoul checks for NSS_WRAPPER_MAX_HOSTENTS https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1d1e1da263313ce572a1601d9b630188ba643bb4 Author: Andreas Schneider <a...@samba.org> Date: Thu Oct 19 18:03:27 2017 +0200 s3:tests: Fix the smblcient utimes test in Europe Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Oct 20 03:37:31 CEST 2017 on sn-devel-144 commit 5bfe93b4eba48e290b25bd30175d7a36a6a421c5 Author: Andreas Schneider <a...@samba.org> Date: Thu Oct 19 17:27:23 2017 +0200 s4:smbd: Add missing unistd.h include to fix build of process_prefork error: implicit declaration of function ‘getpgrp’; did you mean ‘getpt’? [-Werror=implicit-function-declaration] Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/script/tests/test_smbclient_s3.sh | 18 +++--- source4/smbd/process_prefork.c| 2 ++ 2 files changed, 13 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/script/tests/test_smbclient_s3.sh b/source3/script/tests/test_smbclient_s3.sh index e402a2c..191f394 100755 --- a/source3/script/tests/test_smbclient_s3.sh +++ b/source3/script/tests/test_smbclient_s3.sh @@ -1442,11 +1442,11 @@ EOF # Now, we should have 2 identical create_time, write_time, change_time # values, but one access_time of Jan 1 05:10:20 AM. -out=`echo "$out" | sort | uniq` -num_create=`echo "$out" | grep 'create_time:' | wc -l` -num_access=`echo "$out" | grep 'access_time:' | wc -l` -num_write=`echo "$out" | grep 'write_time:' | wc -l` -num_change=`echo "$out" | grep 'change_time:' | wc -l` +out_sorted=`echo "$out" | sort | uniq` +num_create=`echo "$out_sorted" | grep -c 'create_time:'` +num_access=`echo "$out_sorted" | grep -c 'access_time:'` +num_write=`echo "$out_sorted" | grep -c 'write_time:'` +num_change=`echo "$out_sorted" | grep -c 'change_time:'` if [ "$num_create" != "1" ]; then echo "failed - should only get one create_time $out" false @@ -1467,11 +1467,15 @@ EOF false return fi -echo "$out" | grep 'access_time:.*Sun Jan.*1 05:10:20 AM 2017' + +# This could be: Sun Jan 1 05:10:20 AM 2017 +# or : Sun Jan 1 05:10:20 2017 CET +echo "$out" | grep 'access_time:.*Sun Jan.*1 05:10:20 .*2017.*' ret=$? if [ $ret -ne 0 ] ; then echo "$out" - echo "failed - should get access_time:Sun Jan 1 05:10:20 AM 2017" + echo + echo "failed - should get access_time:Sun Jan 1 05:10:20 [AM] 2017" false return fi diff --git a/source4/smbd/process_prefork.c b/source4/smbd/process_prefork.c index f2033e9..8e4d624 100644 --- a/source4/smbd/process_prefork.c +++ b/source4/smbd/process_prefork.c @@ -24,6 +24,8 @@ */ #include "includes.h" +#include + #include "lib/events/events.h" #include "lib/messaging/messaging.h" #include "lib/socket/socket.h" -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f7cdd39 rpc_client: Fix wording in a DEBUG statement via 267cd25 Removed unused 'oplock contention limit' config parameter via 44bcb08 s3: tests: Add smbclient test for utimes command. via 0030ce9 s3:Add a utimes command to smbclient so we can set the Windows times. from 962a1b3 dbcheck: Allow removal of one-way links to missing objects https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f7cdd396abfc4a5ff3c99e03398f28aa7342af69 Author: Volker Lendecke <v...@samba.org> Date: Wed Oct 18 13:26:07 2017 +0200 rpc_client: Fix wording in a DEBUG statement Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Oct 19 04:57:44 CEST 2017 on sn-devel-144 commit 267cd25290c2a378a81c8733c8559c4f210dc07e Author: Christof Schmitt <c...@samba.org> Date: Tue Oct 17 14:49:17 2017 -0700 Removed unused 'oplock contention limit' config parameter Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 44bcb08f83ead449851d8aeb92329cdb00cc2db4 Author: Jeremy Allison <j...@samba.org> Date: Wed Oct 18 13:54:22 2017 -0700 s3: tests: Add smbclient test for utimes command. Signed-off-by: Jeremy Allison <j...@samba.org> commit 0030ce900afcb6a4297c4a4dcf95bce51930d235 Author: Richard Sharpe <realrichardsha...@gmail.com> Date: Mon Oct 16 13:51:51 2017 -0700 s3:Add a utimes command to smbclient so we can set the Windows times. Add an update to the smbclient man page. Signed-off-by: Richard Sharpe <realrichardsha...@gmail.com> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: WHATSNEW.txt | 1 + docs-xml/manpages/smbclient.1.xml | 8 ++ .../smbdotconf/locking/oplockcontentionlimit.xml | 26 - examples/scripts/shares/python/smbparm.py | 1 - lib/param/loadparm.c | 2 - source3/client/client.c| 122 + source3/param/loadparm.c | 1 - source3/rpc_client/cli_netlogon.c | 2 +- source3/script/tests/test_smbclient_s3.sh | 67 +++ 9 files changed, 199 insertions(+), 31 deletions(-) delete mode 100644 docs-xml/smbdotconf/locking/oplockcontentionlimit.xml Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 2f2f2f6..cc03f20 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -40,6 +40,7 @@ smb.conf changes Parameter Name Description Default -- --- --- + oplock contention limitRemoved NT4-style replication based net commands removed diff --git a/docs-xml/manpages/smbclient.1.xml b/docs-xml/manpages/smbclient.1.xml index 432f60d..0325982 100644 --- a/docs-xml/manpages/smbclient.1.xml +++ b/docs-xml/manpages/smbclient.1.xml @@ -1175,6 +1175,14 @@ + + utimes filename create time access time write time + change time + Changes the timestamps on a file by name. + Times should be specified in the format YY:MM:DD-HH:MM:SS or -1 for no change. + + + diff --git a/docs-xml/smbdotconf/locking/oplockcontentionlimit.xml b/docs-xml/smbdotconf/locking/oplockcontentionlimit.xml deleted file mode 100644 index edaa7d7..000 --- a/docs-xml/smbdotconf/locking/oplockcontentionlimit.xml +++ /dev/null @@ -1,26 +0,0 @@ -http://www.samba.org/samba/DTD/samba-doc;> - - - This is a very advanced smbd - 8 tuning option to improve the efficiency of the - granting of oplocks under multiple client contention for the same file. - - - - In brief it specifies a number, which causes smbd - 8not to grant an oplock even when requested if the - approximate number of clients contending for an oplock on the same file goes over this - limit. This causes smbd to behave in a similar - way to Windows NT. - - - - DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND UNDERSTOOD THE SAMBA OPLOCK CODE. - - - -2 - diff --git a/examples/scripts/shares/python/smbparm.py b/examples/scripts/shares/python/smbparm.py index f182f57..e0786a4 100644 --- a/examples/scripts/shares/python/smbparm.py +++ b/examples/scripts/shares/py
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 962a1b3 dbcheck: Allow removal of one-way links to missing objects from 09104dc unittests: Fix missing include of signal.h https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 962a1b32201fce0a49c6be55943d4fbb57ed781e Author: Andrew Bartlett <abart...@samba.org> Date: Tue Oct 17 23:01:51 2017 +1300 dbcheck: Allow removal of one-way links to missing objects If dbcheck is not run within the tombstone lifetime, these links can persist in the database forever. The risk of unintentional information loss is why these links are only removed within the same partition. A replication may be in progress which has created only one end of the link, so we must keep that. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Rowland Penny <rpe...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Oct 19 00:50:19 CEST 2017 on sn-devel-144 --- Summary of changes: python/samba/dbchecker.py | 22 -- 1 file changed, 20 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py index 1a73fe0..82088a0 100644 --- a/python/samba/dbchecker.py +++ b/python/samba/dbchecker.py @@ -523,8 +523,26 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base))) # check if its a backlink linkID, _ = self.get_attr_linkID_and_reverse_name(attrname) if (linkID & 1 == 0) and str(dsdb_dn).find('\\0ADEL') == -1: -self.report("Not removing dangling forward link") -return + +linkID, reverse_link_name \ += self.get_attr_linkID_and_reverse_name(attrname) +if reverse_link_name is not None: +self.report("Not removing dangling forward link") +return + +nc_root = self.samdb.get_nc_root(dn) +target_nc_root = self.samdb.get_nc_root(dsdb_dn.dn) +if nc_root != target_nc_root: +self.report("Not removing dangling one-way " +"cross-partition link " +"(we might be mid-replication)") +return + +# Due to our link handling one-way links pointing to +# missing objects are plausible. +self.err_deleted_dn(dn, attrname, val, +dsdb_dn, dsdb_dn, True) + self.err_deleted_dn(dn, attrname, val, dsdb_dn, dsdb_dn, False) def err_missing_dn_GUID_component(self, dn, attrname, val, dsdb_dn, errstr): -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 156015a selftest: add some debugging to test_give_owner.sh via 36cbb4a Updated error message text and reduced its debug level from 2717263 s4:heimdal_build: there's no need to define HAVE_KRB5_ADDRESSES twice https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 156015aed0b5a72b2f7150beb5cdaffa32b554e5 Author: Ralph Boehme <s...@samba.org> Date: Thu Oct 12 17:07:15 2017 +0200 selftest: add some debugging to test_give_owner.sh Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Oct 13 01:22:05 CEST 2017 on sn-devel-144 commit 36cbb4ad49177d346ee5fe19a541dc71b4a73fdb Author: Marc Muehlfeld <mmuehlf...@samba.org> Date: Wed Oct 11 09:49:45 2017 +0200 Updated error message text and reduced its debug level Previously, "net rpc share add|remove" commands failed if no "add|delete share command" parameter was set in smb.conf. However, the error was only logged at level 10 and not very clear. This patch updates the error message text and sets the log level of this error to 1 to make it more obvious what is missing. Signed-off-by: Marc Muehlfeld <mmuehlf...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 4 ++-- source3/script/tests/test_give_owner.sh | 24 ++-- 2 files changed, 24 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c index f3173ae..2a8cf8d 100644 --- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c +++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c @@ -1984,7 +1984,7 @@ WERROR _srvsvc_NetShareAdd(struct pipes_struct *p, return WERR_ACCESS_DENIED; if (!lp_add_share_command(talloc_tos()) || !*lp_add_share_command(talloc_tos())) { - DEBUG(10,("_srvsvc_NetShareAdd: No add share command\n")); + DBG_WARNING("_srvsvc_NetShareAdd: No \"add share command\" parameter set in smb.conf.\n"); return WERR_ACCESS_DENIED; } @@ -2196,7 +2196,7 @@ WERROR _srvsvc_NetShareDel(struct pipes_struct *p, return WERR_ACCESS_DENIED; if (!lp_delete_share_command(talloc_tos()) || !*lp_delete_share_command(talloc_tos())) { - DEBUG(10,("_srvsvc_NetShareDel: No delete share command\n")); + DBG_WARNING("_srvsvc_NetShareDel: No \"delete share command\" parameter set in smb.conf.\n"); return WERR_ACCESS_DENIED; } diff --git a/source3/script/tests/test_give_owner.sh b/source3/script/tests/test_give_owner.sh index 64e09f3..c8f437e 100755 --- a/source3/script/tests/test_give_owner.sh +++ b/source3/script/tests/test_give_owner.sh @@ -76,14 +76,34 @@ add_ace() { # avoid duplicate out=$($SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD) +if [ $? -ne 0 ] ; then + echo "get acl failed" + echo "$out" + return 1 +fi +echo "Original ACL" +echo $out echo "$out" | grep "$local_ace" && return 0 # add it -$SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD -a "$ace" || return 1 +$SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD -a "$ace" +if [ $? -ne 0 ] ; then + echo "add acl failed" + return 1 +fi # check it's there -out=$($SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD) || return 1 +out=$($SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD) +if [ $? -ne 0 ] ; then + echo "get new acl failed" + echo "$out" + return 1 +fi +echo "New ACL" +echo $out +echo "Checking if new ACL has \"$local_ace\"" echo "$out" | grep "$local_ace" || return 1 +echo "ok" } chown_give_fails() { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 015bdbd s3: spoolss: Extend publish_toggle test to check returned GUID string format from 490c35d winbindd: idmap_rid: error code for failing id-to-sid mapping request https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 015bdbd10b43df0e792032248b50edf9157a0f3e Author: Samuel Cabrero <scabr...@suse.de> Date: Thu Oct 5 19:22:29 2017 +0200 s3: spoolss: Extend publish_toggle test to check returned GUID string format Extend the rpc.spoolss.printer.addprinter.publish_toggle test to check the format of the returned GUID string in GetPrinter info level 7 structure. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12993 Signed-off-by: Samuel Cabrero <scabr...@suse.de> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: David Disseldorp <dd...@suse.de> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Oct 11 06:39:00 CEST 2017 on sn-devel-144 --- Summary of changes: source4/torture/rpc/spoolss.c | 12 1 file changed, 12 insertions(+) Changeset truncated at 500 lines: diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c index d4f6969..31b9525 100644 --- a/source4/torture/rpc/spoolss.c +++ b/source4/torture/rpc/spoolss.c @@ -9218,14 +9218,26 @@ static bool test_printer_set_publish(struct torture_context *tctx, "info7 publish flag not set"); } else { struct GUID guid; + char *ref_guid; torture_assert_int_equal(tctx, info.info7.action, DSPRINT_PUBLISH, "info7 publish flag not set"); + + /* GUID_from_string is able to parse both plain and +* curly-braced guids */ torture_assert_ntstatus_ok(tctx, GUID_from_string(info.info7.guid, ), "invalid published printer GUID"); + + /* Build reference GUID string */ + ref_guid = GUID_string2(tctx, ); + torture_assert_not_null(tctx, ref_guid, "ENOMEM"); + ref_guid = talloc_strdup_upper(tctx, ref_guid); + torture_assert_not_null(tctx, ref_guid, "ENOMEM"); + torture_assert_str_equal(tctx, info.info7.guid, ref_guid, + "invalid GUID format"); } return true; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 76a1c5a wbinfo: return "NOT MAPPED" instead of "S-0-0" for unmapped id-to-sid via 0666093 vfs_fake_acls: deny give-ownership via 7e7afef vfs_acl_common: fix take ownership vs give ownership via e62f90a vfs_acl_common: factor out a variable declaration via cc555be s3/smbd/posix_acls: return correct status in try_chown via 4b2e171 selftest: tests for change ownership on a file via ff199d8 selftest: fix samba3.blackbox.inherit_owner.default test script test_inherit_owner.sh via 3aff631 selftest: fix acl_xattr test script test_acl_xattr.sh via ea0ea82 selftest: fix acl_xattr test: sn-devel unreliable gid via 1fabe25 selftest: fix acl_xattr test: grep ouput before munging via 71a2d06 selftest: fix acl_xattr test: group, not user via 0f8de2d selftest: fix acl_xattr test: changing owner via 272f1c9 s3: smbd: Currently if getwd() fails after a chdir(), we panic. from a826394 smbcacls: no need to fetch the sd when changing ownership https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 76a1c5a1625f3593de0feac47741a3405b4c9275 Author: Ralph Boehme <s...@samba.org> Date: Mon Oct 9 13:25:21 2017 +0200 wbinfo: return "NOT MAPPED" instead of "S-0-0" for unmapped id-to-sid Currently wbinfo --unix-ids-to-sids prints "S-0-0" for failed mappings. Let it print "NOT MAPPED" instead. Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Oct 10 02:57:40 CEST 2017 on sn-devel-144 commit 0666093cb0d820cc27a265c1f0a87bc76cd3c167 Author: Ralph Boehme <s...@samba.org> Date: Fri Oct 6 15:25:54 2017 +0200 vfs_fake_acls: deny give-ownership Windows doesn't allow giving ownership away unless the user has SEC_PRIV_RESTORE privilege. This follows from MS-FSA 2.1.5.1, so it's a property of the filesystem layer, not the SMB layer. By implementing this restriction here, we can now have test for this restriction. Other filesystems may want to deliberately allow this behaviour -- although I'm not aware of any that does -- therefor I'm putting in this restriction in the implementation of the chmod VFS function and not into the caller. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 7e7afef819b4a858e6de48389c6f4fa7510cf5c6 Author: Ralph Boehme <s...@samba.org> Date: Wed Oct 4 22:27:24 2017 +0200 vfs_acl_common: fix take ownership vs give ownership Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e62f90a6d15626a2e20ba92f5cd552101ec4afe0 Author: Ralph Boehme <s...@samba.org> Date: Wed Oct 4 12:51:29 2017 +0200 vfs_acl_common: factor out a variable declaration Just some refactoring, no change in behaviour. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit cc555be4d01c4140445bd30e16be3fe8343d3872 Author: Ralph Boehme <s...@samba.org> Date: Wed Oct 4 15:45:54 2017 +0200 s3/smbd/posix_acls: return correct status in try_chown Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 4b2e171e6b90f9c3594ebb705a28c66b981c2bf5 Author: Ralph Boehme <s...@samba.org> Date: Fri Oct 6 15:31:20 2017 +0200 selftest: tests for change ownership on a file This test verifies that SEC_STD_WRITE_OWNER only effectively grants take-ownership permissions but NOT give-ownership. The latter requires SeRestorePrivilege privilege. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ff199d8e3ea7bd1ed12de8c39340ba640a2b83ca Author: Ralph Boehme <s...@samba.org> Date: Sat Oct 7 09:11:56 2017 +0200 selftest: fix samba3.blackbox.inherit_owner.default test script test_inherit_owner.sh Grant the test-user SeRestorePrivilege, this is needed for give-ownership operations. And then granting SeRestorePrivilege requires `net`, so add that as an additional argument to the script. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme <
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a826394 smbcacls: no need to fetch the sd when changing ownership from fc03049 s3: spoolss: Fix GUID string format on GetPrinter info https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a826394a2f556fe9bc50e430e86f01443e58ee2f Author: Ralph Boehme <s...@samba.org> Date: Fri Oct 6 08:01:46 2017 +0200 smbcacls: no need to fetch the sd when changing ownership Reading the SD may be denied but changing ownership could be allowed. As we don't really need the server SD for the change ownership request, don't fetch it. Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Oct 7 00:04:54 CEST 2017 on sn-devel-144 --- Summary of changes: source3/utils/smbcacls.c | 16 ++-- 1 file changed, 6 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index c42a188..0a5eeb3 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -397,21 +397,17 @@ static int owner_set(struct cli_state *cli, enum chown_mode change_mode, const char *filename, const char *new_username) { struct dom_sid sid; - struct security_descriptor *sd, *old; + struct security_descriptor *sd; size_t sd_size; if (!StringToSid(cli, , new_username)) return EXIT_PARSE_ERROR; - old = get_secdesc(cli, filename); - - if (!old) { - return EXIT_FAILED; - } - - sd = make_sec_desc(talloc_tos(),old->revision, SEC_DESC_SELF_RELATIVE, - (change_mode == REQUEST_CHOWN) ? : NULL, - (change_mode == REQUEST_CHGRP) ? : NULL, + sd = make_sec_desc(talloc_tos(), + SECURITY_DESCRIPTOR_REVISION_1, + SEC_DESC_SELF_RELATIVE, + (change_mode == REQUEST_CHOWN) ? : NULL, + (change_mode == REQUEST_CHGRP) ? : NULL, NULL, NULL, _size); if (!set_secdesc(cli, filename, sd)) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fc03049 s3: spoolss: Fix GUID string format on GetPrinter info from e1a8c9b ctdb-common: Make parse_ip() and parse_ipv4() static https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fc03049ca1721c25c6ad3d01cba2501af3f39b93 Author: Samuel Cabrero <scabr...@suse.de> Date: Thu Sep 21 09:53:35 2017 +0200 s3: spoolss: Fix GUID string format on GetPrinter info Fix regression introduced by commit a4157e7c5d75 which removed the braces around the printer GUID in the printer info level 7 structure. MS-RPRN section 2.2 says this protocol uses curly-braced GUIDs so printers are deleted from the directory by the domain controller's pruning service. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12993 Signed-off-by: Samuel Cabrero <scabr...@suse.de> Reviewed-by: David Disseldorp <dd...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Oct 6 05:21:25 CEST 2017 on sn-devel-144 --- Summary of changes: source3/rpc_server/spoolss/srv_spoolss_nt.c | 16 +--- 1 file changed, 13 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c index 663c623..1476dc6 100644 --- a/source3/rpc_server/spoolss/srv_spoolss_nt.c +++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c @@ -4241,7 +4241,7 @@ static WERROR construct_printer_info7(TALLOC_CTX *mem_ctx, if (is_printer_published(tmp_ctx, session_info, msg_ctx, servername, printer, )) { struct GUID guid; - struct GUID_txt_buf guid_txt; + char *guidstr; werr = nt_printer_guid_get(tmp_ctx, session_info, msg_ctx, printer, ); if (!W_ERROR_IS_OK(werr)) { @@ -4288,9 +4288,19 @@ static WERROR construct_printer_info7(TALLOC_CTX *mem_ctx, printer)); } } - r->guid = talloc_strdup_upper(mem_ctx, -GUID_buf_string(, _txt)); + + /* [MS-RPRN] section 2.2: must use curly-braced GUIDs */ + guidstr = GUID_string2(mem_ctx, ); + if (guidstr == NULL) { + werr = WERR_NOT_ENOUGH_MEMORY; + goto out_tmp_free; + } + /* Convert GUID string to uppercase otherwise printers +* are pruned */ + r->guid = talloc_strdup_upper(mem_ctx, guidstr); r->action = DSPRINT_PUBLISH; + + TALLOC_FREE(guidstr); } else { r->guid = talloc_strdup(mem_ctx, ""); r->action = DSPRINT_UNPUBLISH; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3794fa0 Changes in samba vxfs plugin. from 0e9fcc3 vfs_snapper man page: Fixed typo https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3794fa0a9833665492952680a2ffac6653eed5e0 Author: Pooja Mahadik <pooja.maha...@veritas.com> Date: Sun Aug 27 17:24:32 2017 +0530 Changes in samba vxfs plugin. Implemented two VFS operations(set/fset dos attribute) for vxfs plugin. Trapping set/clear of read-only attribute. Signed-off-by: Pooja Mahadik <pooja.maha...@veritas.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Sep 30 06:42:10 CEST 2017 on sn-devel-144 --- Summary of changes: source3/modules/lib_vxfs.c | 113 + source3/modules/vfs_vxfs.c | 89 +++ source3/modules/vfs_vxfs.h | 9 3 files changed, 211 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/modules/lib_vxfs.c b/source3/modules/lib_vxfs.c index 0d5ea60..f9394d6 100644 --- a/source3/modules/lib_vxfs.c +++ b/source3/modules/lib_vxfs.c @@ -22,6 +22,7 @@ #include "smbd/smbd.h" #include "system/filesys.h" #include "string.h" +#include "vfs_vxfs.h" /* * Available under GPL at @@ -36,6 +37,9 @@ static int (*vxfs_getxattr_fd_func) (int fd, const char *name, void *value, size_t *len); static int (*vxfs_removexattr_fd_func) (int fd, const char *name); static int (*vxfs_listxattr_fd_func) (int fd, void *value, size_t *len); +static int (*vxfs_setwxattr_fd_func) (int fd); +static int (*vxfs_clearwxattr_fd_func) (int fd); +static int (*vxfs_checkwxattr_fd_func) (int fd); int vxfs_setxattr_fd(int fd, const char *name, const void *value, size_t len, int flags) @@ -202,6 +206,109 @@ int vxfs_listxattr_path(const char *path, char *list, size_t size) return ret; } +int vxfs_setwxattr_fd(int fd) +{ + int ret = 0; + + if (vxfs_setwxattr_fd_func == NULL) { + errno = ENOSYS; + return -1; + } + ret = vxfs_setwxattr_fd_func(fd); + DBG_DEBUG("ret = %d\n", ret); + if (ret != 0) { + errno = ret; + ret = -1; + } + + return ret; +} + +int vxfs_setwxattr_path(const char *path) +{ + int ret, fd = -1; + + fd = open(path, O_WRONLY); + if (fd == -1) { + DBG_DEBUG("file %s not opened, errno:%s\n", + path, strerror(errno)); + return -1; + } + + ret = vxfs_setwxattr_fd(fd); + DBG_DEBUG("ret = %d\n", ret); + close(fd); + + return ret; +} + +int vxfs_clearwxattr_fd(int fd) +{ + int ret; + if (vxfs_clearwxattr_fd_func == NULL) { + errno = ENOSYS; + return -1; + } + ret = vxfs_clearwxattr_fd_func(fd); + DBG_DEBUG("ret = %d\n", ret); + if (ret != 0) { + errno = ret; + ret = -1; + } + + return ret; +} + +int vxfs_clearwxattr_path(const char *path) +{ + int ret, fd = -1; + + fd = open(path, O_WRONLY); + if (fd == -1) { + DBG_DEBUG("file %s not opened, errno:%s\n", + path, strerror(errno)); + return -1; + } + ret = vxfs_clearwxattr_fd(fd); + DBG_DEBUG("ret = %d\n", ret); + close(fd); + + return ret; +} + +int vxfs_checkwxattr_fd(int fd) +{ + int ret; + + if (vxfs_checkwxattr_fd_func == NULL) { + errno = ENOSYS; + return -1; + } + ret = vxfs_checkwxattr_fd_func(fd); + DBG_DEBUG("ret = %d\n", ret); + if (ret != 0) { + errno = ret; + ret = -1; + } + return ret; +} + +int vxfs_checkwxattr_path(const char *path) +{ + int ret, fd = -1; + + fd = open(path, O_WRONLY); + if (fd == -1) { + DBG_DEBUG("file %s not opened, errno:%s\n", + path, strerror(errno)); + return -1; + } + ret = vxfs_checkwxattr_fd(fd); + close(fd); + + return ret; +} + static bool load_lib_vxfs_function(void *lib_handle, void *fn_ptr, const char *fnc_name) { @@ -240,5 +347,11 @@ void vxfs_init() "vxfs_nxattr_remove"); load_lib_vxfs_function(_handle, _listxattr_fd_func, "vxfs_nxattr_list");
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3a360f5 selftest: Also run smbtorture smb2.compound with aio enabled via 508aebf torture: Add testcase for compound CREATE-WRITE-CLOSE request via a2b081e smbd/aio: Do not go async for SMB2 compound requests via cfa2c30 smbd: Move check for SMB2 compound request to new function from 835f506 s3: Fix a small spelling mistake in smbcacls. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3a360f552d6641952931d3aa8a9ce85a648de3e1 Author: Christof Schmitt <c...@samba.org> Date: Wed Sep 20 16:13:38 2017 -0700 selftest: Also run smbtorture smb2.compound with aio enabled BUG: https://bugzilla.samba.org/show_bug.cgi?id=13047 Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Sep 22 09:49:30 CEST 2017 on sn-devel-144 commit 508aebf40abe83b6319700260c405ada0566a46b Author: Christof Schmitt <c...@samba.org> Date: Wed Sep 20 16:07:50 2017 -0700 torture: Add testcase for compound CREATE-WRITE-CLOSE request BUG: https://bugzilla.samba.org/show_bug.cgi?id=13047 Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a2b081e159403e10295a1bc089b48e816ce698b9 Author: Christof Schmitt <c...@samba.org> Date: Thu Sep 21 12:08:01 2017 -0700 smbd/aio: Do not go async for SMB2 compound requests BUG: https://bugzilla.samba.org/show_bug.cgi?id=13047 Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit cfa2c3083080016a1288474b8879039db4dbf6b1 Author: Christof Schmitt <c...@samba.org> Date: Thu Sep 21 17:41:25 2017 -0700 smbd: Move check for SMB2 compound request to new function BUG: https://bugzilla.samba.org/show_bug.cgi?id=13047 Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: selftest/knownfail | 1 + source3/selftest/tests.py | 4 +++ source3/smbd/aio.c | 8 + source3/smbd/globals.h | 1 + source3/smbd/smb2_read.c| 2 +- source3/smbd/smb2_server.c | 5 +++ source4/torture/smb2/compound.c | 73 + 7 files changed, 93 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/selftest/knownfail b/selftest/knownfail index aa89dab..953b181 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -172,6 +172,7 @@ ^samba3.smb2.setinfo.setinfo ^samba3.smb2.session.*reauth5 # some special anonymous checks? ^samba3.smb2.compound.interim2 # wrong return code (STATUS_CANCELLED) +^samba3.smb2.compound.aio.interim2 # wrong return code (STATUS_CANCELLED) ^samba3.smb2.replay.channel-sequence ^samba3.smb2.replay.replay3 ^samba3.smb2.replay.replay4 diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 139bba0..73479fc 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -518,6 +518,10 @@ for t in tests: elif t == "rpc.samr.users.privileges": plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --option=torture:nt4_dc=true') plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') +elif t == "smb2.compound": +plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') +plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/aio -U$USERNAME%$PASSWORD', 'aio') +plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') else: plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') diff --git a/source3/smbd/aio.c b/source3/smbd/aio.c index f455d04..d3611ba 100644 --- a/source3/smbd/aio.c +++ b/source3/smbd/aio.c @@ -697,6 +697,10 @@ NTSTATUS schedule_smb2_aio_read(connection_struct *conn, return NT_STATUS_RETRY; } + if (smbd_smb2_is_compound(smbreq->smb2req)) { + return NT_STATUS_RETRY; + } + /* Create the out buffer. */ *preadbuf = data_blob_talloc(ctx, NULL, smb_maxcnt); if (preadbuf->data == NULL) { @@ -841,6 +845,10 @@ NTSTATUS schedule_aio_smb2_write(connection_struct *conn, return NT_STATUS_RETRY; } + if (smbd_smb2_is_compound(smbreq->smb2req)) { + return NT_STATUS_RETRY; +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 75c152c auth3: Remove auth_domain from 503bc39 ctdb-tests: Add tests for PID with srvid https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 75c152c0d764165a4a9dd0a85390af063dd0192a Author: Volker Lendecke <v...@samba.org> Date: Wed Sep 20 09:18:33 2017 -0700 auth3: Remove auth_domain If you're a domain member, use winbind. Auth_domain is from times when we did not have winbind. It has served its purpose, but we should move on. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Sep 22 00:02:29 CEST 2017 on sn-devel-144 --- Summary of changes: source3/auth/auth.c| 4 +- source3/auth/auth_domain.c | 414 - source3/auth/wscript_build | 7 - source3/wscript| 2 +- 4 files changed, 3 insertions(+), 424 deletions(-) delete mode 100644 source3/auth/auth_domain.c Changeset truncated at 500 lines: diff --git a/source3/auth/auth.c b/source3/auth/auth.c index 54e9433..3890cbc 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -526,12 +526,12 @@ NTSTATUS make_auth3_context_for_ntlm(TALLOC_CTX *mem_ctx, switch (lp_server_role()) { case ROLE_DOMAIN_MEMBER: DEBUG(5,("Making default auth method list for server role = 'domain member'\n")); - methods = "guest sam winbind:ntdomain sam_ignoredomain"; + methods = "guest sam winbind sam_ignoredomain"; break; case ROLE_DOMAIN_BDC: case ROLE_DOMAIN_PDC: DEBUG(5,("Making default auth method list for DC\n")); - methods = "guest sam winbind:trustdomain sam_ignoredomain"; + methods = "guest sam winbind sam_ignoredomain"; break; case ROLE_STANDALONE: DEBUG(5,("Making default auth method list for server role = 'standalone server', encrypt passwords = yes\n")); diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c deleted file mode 100644 index 40d717d..000 --- a/source3/auth/auth_domain.c +++ /dev/null @@ -1,414 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Authenticate against a remote domain - Copyright (C) Andrew Tridgell 1992-1998 - Copyright (C) Andrew Bartlett 2001 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "auth.h" -#include "../libcli/auth/libcli_auth.h" -#include "../librpc/gen_ndr/ndr_netlogon.h" -#include "rpc_client/cli_pipe.h" -#include "rpc_client/cli_netlogon.h" -#include "secrets.h" -#include "passdb.h" -#include "libsmb/libsmb.h" -#include "libcli/auth/netlogon_creds_cli.h" -#include "libsmb/samlogon_cache.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_AUTH - -static struct named_mutex *mutex; - -/** - * Connect to a remote server for (inter)domain security authenticaion. - * - * @param cli the cli to return containing the active connection - * @param server either a machine name or text IP address to - * connect to. - * @param setup_creds_as domain account to setup credentials as - * @param sec_chan a switch value to distinguish between domain - * member and interdomain authentication - * @param trust_passwd the trust password to establish the - * credentials with. - * - **/ - -static NTSTATUS connect_to_domain_password_server(struct cli_state **cli_ret, - const char *domain, - const char *dc_name, - const struct sockaddr_storage *dc_ss, - struct rpc_pipe_client **pipe_ret, - TALLOC_CTX *mem_ctx, - struct netlogon_creds_
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 30ffc12 testsuite: Fix the 32-bit test build via f0df242 WHATSNEW: Mention code removal from "net" and "rpcclient" via 3a06a7a libnet: Remove libnet_samsync via a2fc00b net: Don't depend on libnet_samsync anymore via 66c608a net: Remove NT4-based vampire keytab via df7e7c6 net: Remove NT4-based rpc vampire ldif via adecdad net: Remove rpc vampire from NT4 domains via 4e9877d net: Remove rpc samdump via fe736f2 rpcclient: Remove sam_sync related commands via 2d97c8a Make sure smbtorture tests can run if someone has set their min protocol above NT1. from b092ed3 CVE-2017-12163: s3:smbd: Prevent client short SMB1 write from writing server memory to file. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 30ffc120e299df1b346f664910cf9d73d3fe7dd9 Author: Volker Lendecke <v...@samba.org> Date: Wed Sep 20 00:12:33 2017 + testsuite: Fix the 32-bit test build samba_init_module returns 32-bit. For some reason on my 32-bit lxc "return 0" was converted to something but NT_STATUS_OK, making initialization fail. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Sep 21 02:49:32 CEST 2017 on sn-devel-144 commit f0df2426c0a6428ec1f7b9ede57adfa95e8d8382 Author: Volker Lendecke <v...@samba.org> Date: Tue Sep 19 15:26:55 2017 -0700 WHATSNEW: Mention code removal from "net" and "rpcclient" Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 3a06a7a14e66d5f11c7ca0ea52c8f0f59927c75d Author: Volker Lendecke <v...@samba.org> Date: Tue Sep 19 15:17:38 2017 -0700 libnet: Remove libnet_samsync Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a2fc00b1f5321e67a39bd3e834f3fd72af7be337 Author: Volker Lendecke <v...@samba.org> Date: Tue Sep 19 15:14:32 2017 -0700 net: Don't depend on libnet_samsync anymore Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 66c608a6baf220a91e80114dbf3ddb7e0fe66732 Author: Volker Lendecke <v...@samba.org> Date: Tue Sep 19 15:09:05 2017 -0700 net: Remove NT4-based vampire keytab Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit df7e7c65eda88af9c21cd32c95bcb36868321fed Author: Volker Lendecke <v...@samba.org> Date: Tue Sep 19 15:06:11 2017 -0700 net: Remove NT4-based rpc vampire ldif Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit adecdad28272b8f4ad426b9af21ae0788ed67d18 Author: Volker Lendecke <v...@samba.org> Date: Tue Sep 19 15:03:43 2017 -0700 net: Remove rpc vampire from NT4 domains Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 4e9877d30465baf381ae21a32e485910b02af35d Author: Volker Lendecke <v...@samba.org> Date: Tue Sep 19 15:02:09 2017 -0700 net: Remove rpc samdump This uses the NT4 replication commands. Samba does not have a server for this, no tests, and whoever needs to migrate a native domain can use an old Samba version Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit fe736f246bbe155d3621e891c7ea377b6aedf836 Author: Volker Lendecke <v...@samba.org> Date: Tue Sep 19 14:33:07 2017 -0700 rpcclient: Remove sam_sync related commands These three commands don't use the netlogon credential chain correctly. They are missing the netlogon_creds_store after the dcerpc call, so they destroy the correct use of the netlogon creds. The only valid server for these calls that I know of would be NT4, and that should be gone long ago. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 2d97c8a4a5128cb00386b9799310bdad1f8971ea Author: Richard Sharpe <richard.sha...@primarydata.com> Date: Sun Sep 10 12:50:57 2017 -0700 Make sure smbtorture tests can run if someone has set their min protocol above NT1. This code is SMB1 only, and already modifies maxprotocol, so this change is appropriate. Signed-off-by: Richard Sharpe <richard.sha...@primarydata.com> Reviewed-by: Jeremy Allison <j...@samba.org> ---
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e5a2e62 wafsamba: We need to honor DESTDIR in INSTALL_DIR via 05169a6 samba_upgradedns: When we setup the internal dns cleanup bind-dns dir via 8cf5c5f samba_upgradedns: Print better hints after we migrated the config via aef2b91 samba_upgradedns: Change the group of the 'binddns dir' too via ffb7d6b python:provision: Do not change the owner of the sam.ldb.d dir via 591b086 python:provision: Change the group of the 'binddns dir' too via bf64939 s4:bind_dlz: Try the 'binddns dir' first via 1c29a8b dynconfig: Fix location of the default 'binddns dir' via 4880e8a samba:provision: Give a hint to copy the krb5.conf and not symlink it via 2bf9b5e wafsamba: Do not chmod already existing dirs on install from e115a42 getncchanges.c: Send linked attributes in each chunk https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e5a2e6291a88757eae7a9e7ad58d8465c0509896 Author: Andreas Schneider <a...@samba.org> Date: Tue Sep 12 15:56:44 2017 +0200 wafsamba: We need to honor DESTDIR in INSTALL_DIR BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Sep 16 04:47:29 CEST 2017 on sn-devel-144 commit 05169a6047e6e3271949c96652a667f624e9a62d Author: Andreas Schneider <a...@samba.org> Date: Tue Sep 5 11:47:27 2017 +0200 samba_upgradedns: When we setup the internal dns cleanup bind-dns dir Make sure to remove everything from the bind-dns directory to avoid possible security issues with the named group having write access to all AD partions BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 8cf5c5f0fae97c7215eb09070049cdb29377dc97 Author: Andreas Schneider <a...@samba.org> Date: Wed Sep 6 07:25:40 2017 +0200 samba_upgradedns: Print better hints after we migrated the config BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit aef2b915a2020786f79650078b318d471a6f0381 Author: Andreas Schneider <a...@samba.org> Date: Wed Sep 6 10:06:40 2017 +0200 samba_upgradedns: Change the group of the 'binddns dir' too BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ffb7d6b50e0c079f10f881148c584da1c9681310 Author: Andreas Schneider <a...@samba.org> Date: Wed Sep 6 07:25:04 2017 +0200 python:provision: Do not change the owner of the sam.ldb.d dir BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 591b086bf18d771c1b34526431aea82a93d5d7a0 Author: Andreas Schneider <a...@samba.org> Date: Wed Sep 6 07:23:57 2017 +0200 python:provision: Change the group of the 'binddns dir' too BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit bf64939d22d33e26e11e73f41ee2db09a48c8d3c Author: Andreas Schneider <a...@samba.org> Date: Tue Aug 22 17:10:01 2017 +0200 s4:bind_dlz: Try the 'binddns dir' first The directory is normally empty if you did not provision or call samba_upgradedns for the bind_dlz module. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 1c29a8b3477cd2c030ee21465e0d4a9ec943b590 Author: Andreas Schneider <a...@samba.org> Date: Thu Aug 10 15:04:08 2017 +0200 dynconfig: Fix location of the default 'binddns dir' BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 4880e8a7e695663e820376d6c4e3933821dcb8fb Author: Andreas Schneider <a...@samba.org> Date: Tue Sep 5 20:36:47 2017 +0200 samba:provision: Give a hint to copy the krb5.conf and not symlink it BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 2bf9b5e166f8440a09db937e2936a43d1dcd2ae3 Author: Andreas Schnei
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f0a90a1 libcli: SMB2: NetApps negotiate SMB3_11 but also set the SMB2_CAP_ENCRYPTION flag. from 1b6aa39 vfs_streams_xattr: Fix segfault when running with log level 10 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f0a90a1287a8f4c4114919a32afaff52e3c69a9b Author: Jeremy Allison <j...@samba.org> Date: Mon Sep 11 16:36:47 2017 -0700 libcli: SMB2: NetApps negotiate SMB3_11 but also set the SMB2_CAP_ENCRYPTION flag. This is a SHOULD not, not a MUST not. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13009 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Steve French <sfre...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Sep 14 14:48:20 CEST 2017 on sn-devel-144 --- Summary of changes: libcli/smb/smbXcli_base.c | 15 --- 1 file changed, 12 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index d73949b..5493954 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -4916,10 +4916,19 @@ static void smbXcli_negprot_smb2_done(struct tevent_req *subreq) return; } + /* +* Here we are now at SMB3_11, so encryption should be +* negotiated via context, not capabilities. +*/ + if (conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION) { - tevent_req_nterror(req, - NT_STATUS_INVALID_NETWORK_RESPONSE); - return; + /* +* Server set SMB2_CAP_ENCRYPTION capability, +* but *SHOULD* not, not *MUST* not. Just mask it off. +* NetApp seems to do this: +* BUG: https://bugzilla.samba.org/show_bug.cgi?id=13009 +*/ + conn->smb2.server.capabilities &= ~SMB2_CAP_ENCRYPTION; } negotiate_context_offset = IVAL(body, 60); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 54e6f15 packaging: Remove Solaris directory and contents via ce61ce7 packaging: Remove RHEL directory and contents via bd67fab packaging: Remove RHEL-CTDB directory and contents from 7e0b2af s3/smbd: sticky write time offset miscalculation causes broken timestamps https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 54e6f1583a6066dc290ccb76556a60d697ed01aa Author: Rowland Penny <rpe...@samba.org> Date: Wed Sep 6 14:38:37 2017 +0100 packaging: Remove Solaris directory and contents Signed-off-by: Rowland Penny <rpe...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Sep 12 06:46:35 CEST 2017 on sn-devel-144 commit ce61ce76b546b55398e2cece0cbfdee5026e2270 Author: Rowland Penny <rpe...@samba.org> Date: Wed Sep 6 14:28:51 2017 +0100 packaging: Remove RHEL directory and contents Signed-off-by: Rowland Penny <rpe...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit bd67fab64da4d6cc4cd2feb28251c57871e83061 Author: Rowland Penny <rpe...@samba.org> Date: Wed Sep 6 14:33:58 2017 +0100 packaging: Remove RHEL-CTDB directory and contents Signed-off-by: Rowland Penny <rpe...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> --- Summary of changes: packaging/RHEL-CTDB/README | 21 - packaging/RHEL-CTDB/configure.rpm | 68 --- packaging/RHEL-CTDB/makerpms.sh| 159 -- packaging/RHEL-CTDB/makespec.sh| 63 --- packaging/RHEL-CTDB/samba.spec.tmpl| 549 - packaging/RHEL-CTDB/setup/filter-requires-samba.sh | 4 - packaging/RHEL-CTDB/setup/samba.log| 9 - packaging/RHEL-CTDB/setup/samba.pamd | 4 - packaging/RHEL-CTDB/setup/samba.sysconfig | 6 - packaging/RHEL-CTDB/setup/smb.conf | 271 -- packaging/RHEL-CTDB/setup/smb.init | 138 -- packaging/RHEL-CTDB/setup/smbusers | 3 - packaging/RHEL-CTDB/setup/swat.desktop | 8 - packaging/RHEL-CTDB/setup/winbind.init | 102 packaging/RHEL/makerpms.git.sh | 149 -- packaging/RHEL/makerpms.sh.tmpl| 81 --- packaging/RHEL/samba.spec.tmpl | 462 - packaging/RHEL/setup/filter-requires-samba.sh | 4 - packaging/RHEL/setup/samba.log | 9 - packaging/RHEL/setup/samba.pamd| 4 - packaging/RHEL/setup/samba.sysconfig | 6 - packaging/RHEL/setup/smb.conf | 271 -- packaging/RHEL/setup/smb.init | 137 - packaging/RHEL/setup/smbusers | 3 - packaging/RHEL/setup/swat.desktop | 8 - packaging/RHEL/setup/winbind.init | 102 packaging/Solaris/README | 13 - packaging/Solaris/copyright| 1 - packaging/Solaris/makepkg.sh | 214 packaging/Solaris/pkginfo.master | 14 - packaging/Solaris/postinstall | 15 - packaging/Solaris/preremove| 12 - packaging/Solaris/prototype.master | 37 -- packaging/Solaris/request | 13 - packaging/Solaris/samba.init.master| 53 -- packaging/Solaris/smb.conf.default | 271 -- 36 files changed, 3284 deletions(-) delete mode 100644 packaging/RHEL-CTDB/README delete mode 100755 packaging/RHEL-CTDB/configure.rpm delete mode 100755 packaging/RHEL-CTDB/makerpms.sh delete mode 100755 packaging/RHEL-CTDB/makespec.sh delete mode 100644 packaging/RHEL-CTDB/samba.spec.tmpl delete mode 100755 packaging/RHEL-CTDB/setup/filter-requires-samba.sh delete mode 100644 packaging/RHEL-CTDB/setup/samba.log delete mode 100644 packaging/RHEL-CTDB/setup/samba.pamd delete mode 100644 packaging/RHEL-CTDB/setup/samba.sysconfig delete mode 100644 packaging/RHEL-CTDB/setup/smb.conf delete mode 100644 packaging/RHEL-CTDB/setup/smb.init delete mode 100644 packaging/RHEL-CTDB/setup/smbusers delete mode 100644 packaging/RHEL-CTDB/setup/swat.desktop delete mode 100644 packaging/RHEL-CTDB/setup/winbind.init delete mode 100755 packaging/RHEL/makerpms.git.sh delete mode 100644 packaging/RHEL/makerpms.sh.tmpl delete mode 100644 packaging/RHEL/samba.spec.tmpl delete mode 100755 packaging/RHEL/setup/filter-requires-samba.sh delete mode 100644 packaging/RHEL/setup/samba.log delete mod
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4102697 s3/vfs: move ACE4_ADD_FILE/ACE4_DELETE_CHILD mapping from NFSv4 framework to vfs_zfsacl via bdc7fc6 vfs_zfsacl: ensure zfs_get_nt_acl_common() has access to stat info via a665728 vfs_zfsacl: pass smb_fname to zfs_get_nt_acl_common via 4591a91 vfs/nfs4_acls: move special handling of SMB_ACE4_SYNCHRONIZE to vfs_zfsacl from 13971ba smbd: add missing newline to debug message in daemon_status() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4102697503691f3b2eadfcb98834bb66c669f3ab Author: Ralph Boehme <s...@samba.org> Date: Wed Sep 6 16:56:47 2017 +0200 s3/vfs: move ACE4_ADD_FILE/ACE4_DELETE_CHILD mapping from NFSv4 framework to vfs_zfsacl This was added in e6a5f11865a55e9644292ae92e4a4b5ec0662ccd to adopt the NFSv4 framework to follow ZFS permission rules. But this is the wrong place, other filesystems like GPFS do not allow deletion when the user has SEC_DIR_ADD_FILE. This patch therefor moves the change from the NFS4 framework into the ZFS module. Bug: https://bugzilla.samba.org/show_bug.cgi?id=6133 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Sep 9 04:59:51 CEST 2017 on sn-devel-144 commit bdc7fc62011cb1744f0246aea358b93e98caef38 Author: Ralph Boehme <s...@samba.org> Date: Wed Sep 6 16:53:23 2017 +0200 vfs_zfsacl: ensure zfs_get_nt_acl_common() has access to stat info We'll need this in the next commit. Bug: https://bugzilla.samba.org/show_bug.cgi?id=6133 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a66572851b6163e56a80463316cc0a6879ffd3e5 Author: Ralph Boehme <s...@samba.org> Date: Wed Sep 6 16:44:12 2017 +0200 vfs_zfsacl: pass smb_fname to zfs_get_nt_acl_common This is in preperation of moving SMB_ACE4_ADD_FILE / SMB_ACE4_DELETE_CHILD mapping from the common NFSv4 framework into this module excusively. Bug: https://bugzilla.samba.org/show_bug.cgi?id=6133 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 4591a91c4aa9e631fb8696ed8f6e53343e773895 Author: Ralph Boehme <s...@samba.org> Date: Wed Sep 6 16:28:10 2017 +0200 vfs/nfs4_acls: move special handling of SMB_ACE4_SYNCHRONIZE to vfs_zfsacl Commit 99a74ff5e6a9f87ad7a650cb44e0f925f834b3a1 added special handling of SMB_ACE4_SYNCHRONIZE, always setting it in the access_mask when fabricating an ACL. While at the same time removing it from the access_mask when setting an ACL, but this is done direclty in vfs_zfsacl, not it the common code. Forcing SMB_ACE4_SYNCHRONIZE to be always set is only needed on ZFS, the other VFS modules using the common NFSv4 infrastructure should not be made victims of the special ZFS behaviour. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7909 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/modules/nfs4_acls.c | 11 - source3/modules/vfs_zfsacl.c | 54 +--- 2 files changed, 41 insertions(+), 24 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index 7488b1c..b755344 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -352,10 +352,6 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, DEBUG(10, ("mapped %d to %s\n", ace->who.id, sid_string_dbg())); - if (is_directory && (ace->aceMask & SMB_ACE4_ADD_FILE)) { - ace->aceMask |= SMB_ACE4_DELETE_CHILD; - } - if (!is_directory && params->map_full_control) { /* * Do we have all access except DELETE_CHILD @@ -386,13 +382,6 @@ static bool smbacl4_nfs42win(TALLOC_CTX *mem_ctx, ace->aceFlags, win_ace_flags)); mask = ace->aceMask; - /* Windows clients expect SYNC on acls to - correctly allow rename. See bug #7909. */ - /* But not on DENY ace entries. See - bug #8442. */ - if(ace->aceType == SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) { - mask = ace->aceMask | SMB_ACE4_SYNCHRONIZE; - } /* Mapping of owner@ and group@ to creator o
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 13971ba smbd: add missing newline to debug message in daemon_status() via 47b4fca s3-lib: Fix error mapping for EROFS from c938f61 python: Allow debug classes to be specified on the command line for python tools https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 13971ba02e00f2e74fd132e7421421eb1aa2d8b8 Author: Justin Maggard via samba-technical <samba-techni...@lists.samba.org> Date: Thu Sep 7 11:05:45 2017 -0700 smbd: add missing newline to debug message in daemon_status() Signed-off-by: Justin Maggard <jmagg...@netgear.com> Reviewed-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Sep 8 06:26:52 CEST 2017 on sn-devel-144 commit 47b4fcab1636e51ab9477f9e89153500c774c74f Author: Sachin Prabhu via samba-technical <samba-techni...@lists.samba.org> Date: Thu Sep 7 12:49:49 2017 +0100 s3-lib: Fix error mapping for EROFS EROFS is incorrectly mapped to NT_STATUS_ACCESS_DENIED. This should instead be mapped to NT_STATUS_MEDIA_WRITE_PROTECTED. This change has already been done for the client in unix_nt_errmap in libcli/util/errmap_unix.c commit 9d055846f225 ("r3278: - rewrote the client side rpc...)") SMB1 specs for SMB_COM_DELETE also specifies this mapping for EROFS https://msdn.microsoft.com/en-us/library/ee441772.aspx RH bz: 1171705 This problem was reported by Red Hat glusterfs QE who encountered different errors when performing the same operation on a fuse mount and on a cifs mount of the same underlying gluster filesystem. Signed-off-by: Sachin Prabhu <spra...@redhat.com> Reviewed-by: Gunther Deschner <gdesc...@redhat.com> Reported-by: Surabhi Bhalothia <sbhal...@redhat.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: lib/util/become_daemon.c | 2 +- source3/lib/errmap_unix.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/become_daemon.c b/lib/util/become_daemon.c index 22c1778..232eda6 100644 --- a/lib/util/become_daemon.c +++ b/lib/util/become_daemon.c @@ -146,5 +146,5 @@ void daemon_status(const char *daemon, const char *msg) #if defined(HAVE_LIBSYSTEMD_DAEMON) || defined(HAVE_LIBSYSTEMD) sd_notifyf(0, "\nSTATUS=%s: %s", daemon, msg); #endif - DBG_ERR("STATUS=daemon '%s' : %s", daemon, msg); + DBG_ERR("STATUS=daemon '%s' : %s\n", daemon, msg); } diff --git a/source3/lib/errmap_unix.c b/source3/lib/errmap_unix.c index f572b99..9eb30f7 100644 --- a/source3/lib/errmap_unix.c +++ b/source3/lib/errmap_unix.c @@ -71,7 +71,7 @@ static const struct { { EXDEV,NT_STATUS_NOT_SAME_DEVICE }, #endif #ifdef EROFS - { EROFS,NT_STATUS_ACCESS_DENIED }, + { EROFS,NT_STATUS_MEDIA_WRITE_PROTECTED }, #endif #ifdef ENAMETOOLONG { ENAMETOOLONG, NT_STATUS_OBJECT_NAME_INVALID }, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1e4c32e cli_credentials: Fix a typo via c754f48 WHATSNEW: Add Using x86_64 Accelerated AES Crypto Instructions section. via 5f87a05 lib: crypto: Add the ability to select Intel AESNI instruction set at configure time. via 53ac0f7 lib: crypto: Plumb in the Intel AES instructions. via 3324b55 lib: crypt: Prepare the existing code to switch to Intel AES hardware instructions. via 11a5676 third_party: Add build capability to aesni-intel. via 421fa34 third_party: Add the Intel Add support for AES-NI acceleration. from 8c365c5 python: Enable execution of samba.tests.security with Python 3. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1e4c32e3ff7e8dbf6aef12c737c5330273854510 Author: Volker Lendecke <v...@samba.org> Date: Wed Sep 6 14:05:09 2017 +0200 cli_credentials: Fix a typo Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Sep 7 05:56:14 CEST 2017 on sn-devel-144 commit c754f48575a5034242594762d62261a48025cebc Author: Jeremy Allison <j...@samba.org> Date: Wed Sep 6 12:13:32 2017 -0700 WHATSNEW: Add Using x86_64 Accelerated AES Crypto Instructions section. Describes --accel-aes configure time option. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 5f87a05aa314776135eec1057dd644c0b25a9d14 Author: Jeremy Allison <j...@samba.org> Date: Wed Sep 6 11:59:44 2017 -0700 lib: crypto: Add the ability to select Intel AESNI instruction set at configure time. Add --accel-aes=[none|intelaesni] to select. Default is none. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 53ac0f7c59a9192e4fa88bf3d257ad80379ded23 Author: Jeremy Allison <j...@samba.org> Date: Wed Sep 6 11:40:02 2017 -0700 lib: crypto: Plumb in the Intel AES instructions. Causes: AES_set_encrypt_key() AES_set_decrypt_key() AES_encrypt() AES_decrypt() to probe for the Intel AES instructions at runtime (only once) and then call the hardware implementations if so, otherwise fall back to the software implementations. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008 Based on original work by Justin Maggard <jmagg...@netgear.com> Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 3324b55bde96d4098df2f1138be5fd243206ceba Author: Jeremy Allison <j...@samba.org> Date: Thu Aug 31 11:41:32 2017 -0700 lib: crypt: Prepare the existing code to switch to Intel AES hardware instructions. Rename the old struct aes_key as an intermediate struct aes_key_rj and wrap it in a union so we can chose an alternate aes_key struct when using Intel AES hardware. Rename the original software implementations of: AES_set_encrypt_key() AES_set_decrypt_key() AES_encrypt() AES_decrypt() by adding an _rj on the end, and call them via a wrapper function. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008 Based on original work by Justin Maggard <jmagg...@netgear.com> Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 11a56768950e1caae302507e15e58eb1c316c30a Author: Jeremy Allison <j...@samba.org> Date: Wed Sep 6 09:58:06 2017 -0700 third_party: Add build capability to aesni-intel. Minor modifications to code to allow building as a Samba shared library. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008 Based on original work by Justin Maggard <jmagg...@netgear.com> Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 421fa346de575ebbed3496dc203011b80537bd8a Author: Jeremy Allison <j...@samba.org> Date: Wed Sep 6 09:44:42 2017 -0700 third_party: Add the Intel Add support for AES-NI acceleration. This commit takes the Linux kernel AES-NI code, and puts it into a third_party private library. The Linux kernel code is under GPLv2+ so is compatible with Samba. This can result in massive speed improvements (up to 200% on some platforms), by using Intel AES-NI instructions. These are the pristine check-ins of Linux kernel files for Intel AESNI crypto. git show
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2d0e138 python:samba: Add code to remove obsolete files in the private dir via 8f2dee2 python:samba: Use 'binddns dir' in samba-tool and samba_upgradedns via 3fa7c43 s4:bind_dlz: Use the 'binddns dir' if possible via 4c9608f param: Add 'binddns dir' parameter via 3b1aa2c python:samba: Remove code to change group via 47c0397 dynconfig: Change permission of the private dir to 0700 from f8b491f cli_credentials: Fix a return value https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2d0e13837d8c6fab3fb296aafcabdf2a2973b96d Author: Andreas Schneider <a...@samba.org> Date: Wed Aug 23 15:36:23 2017 +0200 python:samba: Add code to remove obsolete files in the private dir BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Andrew Bartlet <abart...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Sep 6 03:54:19 CEST 2017 on sn-devel-144 commit 8f2dee256e281c438105689b073f09685f161b16 Author: Andreas Schneider <a...@samba.org> Date: Thu Aug 10 15:37:54 2017 +0200 python:samba: Use 'binddns dir' in samba-tool and samba_upgradedns This provisions the bind_dlz files in the 'binddns dir'. If you want to migrate to the new files strcuture you can run samba_upgradedns! BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Andrew Bartlet <abart...@samba.org> commit 3fa7c43ef73b6582e8985bf6d82465ffded9e5db Author: Andreas Schneider <a...@samba.org> Date: Tue Aug 22 17:10:01 2017 +0200 s4:bind_dlz: Use the 'binddns dir' if possible The code makes sure we are backwards compatible. It will first check if we still have files in the private directory, if yes it will use those. If the the file is not in the private directory it will try the binddns dir. Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Andrew Bartlet <abart...@samba.org> commit 4c9608fb27b0f1bef846b72291ecb515045d3507 Author: Andreas Schneider <a...@samba.org> Date: Thu Aug 10 15:04:08 2017 +0200 param: Add 'binddns dir' parameter This allows to us to have restricted access to the directory by the group 'named' which bind is a member of. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Andrew Bartlet <abart...@samba.org> commit 3b1aa2ca5f9ae151cd64579ed05c8fb766b1ec5d Author: Andreas Schneider <a...@samba.org> Date: Fri Aug 11 12:45:14 2017 +0200 python:samba: Remove code to change group This is the wrong place, it will just prepare the ldif. The file is not created here. The code is corrently changing the group in: python/samba/provision/__init__.py Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Andrew Bartlet <abart...@samba.org> commit 47c039792a8a00c0f2798ced162c393d4712f946 Author: Andreas Schneider <a...@samba.org> Date: Thu Aug 10 11:43:11 2017 +0200 dynconfig: Change permission of the private dir to 0700 BUG: https://bugzilla.samba.org/show_bug.cgi?id=12957 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Andrew Bartlet <abart...@samba.org> --- Summary of changes: buildtools/wafsamba/samba_patterns.py | 1 + docs-xml/smbdotconf/generate-file-list.sh | 1 + docs-xml/smbdotconf/security/binddnsdir.xml| 18 ++ dynconfig/dynconfig.c | 1 + dynconfig/dynconfig.h | 1 + dynconfig/wscript | 9 ++- lib/param/loadparm.c | 1 + lib/param/param.h | 1 + python/samba/provision/__init__.py | 72 +++-- python/samba/provision/sambadns.py | 29 - python/samba/tests/provision.py| 2 + selftest/selftest.pl | 7 +++ selftest/target/Samba3.pm | 4 ++ selftest/target/Samba4.pm | 4 ++ source3/param/loadparm.c | 2 + source4/dns_server/dlz_bind9.c | 44 - source4/dsdb/dns/dns_update.c | 46 +- source4/scripting/bin/samba_upgradedns | 73 +++--- source4/scripting/bin/samba_upgradeprovision | 16 ++---
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f8b491f cli_credentials: Fix a return value via 5b53254 lib: Fix 1417431 Unchecked return value from library via 970f78e Remove misleading entry from vfs_streams_xattr man page from d1c96dc messaging: Avoid a socket leak after fork https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f8b491fac42b95cecad419e1a54fd5e7ee6cb9e3 Author: Volker Lendecke <v...@samba.org> Date: Tue Sep 5 16:43:18 2017 +0200 cli_credentials: Fix a return value Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Sep 5 23:06:42 CEST 2017 on sn-devel-144 commit 5b53254ffcc9b5bd4e754969e8c74b50c44cd90c Author: Volker Lendecke <v...@samba.org> Date: Tue Sep 5 13:17:54 2017 +0200 lib: Fix 1417431 Unchecked return value from library Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 970f78ea2e0934014cfb317f83cd218d62d229ce Author: Anoop C S <anoo...@redhat.com> Date: Thu Aug 31 17:30:46 2017 +0530 Remove misleading entry from vfs_streams_xattr man page The line which is being removed says that streams_xattr vfs module cannot be used when kernel oplocks is enabled. But the underlying bug(#7537) and another dependant bug(#12791) has been resolved sometime back. Signed-off-by: Anoop C S <anoo...@redhat.com> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: auth/credentials/credentials.c| 2 +- docs-xml/manpages/vfs_streams_xattr.8.xml | 4 lib/pthreadpool/tests.c | 12 ++-- 3 files changed, 11 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c index 2342d72..152df96 100644 --- a/auth/credentials/credentials.c +++ b/auth/credentials/credentials.c @@ -534,7 +534,7 @@ _PUBLIC_ struct samr_Password *cli_credentials_get_nt_hash(struct cli_credential password, password_len); if (converted != sizeof(nt_hash->hash)) { TALLOC_FREE(nt_hash); - return false; + return NULL; } } else { E_md4hash(password, nt_hash->hash); diff --git a/docs-xml/manpages/vfs_streams_xattr.8.xml b/docs-xml/manpages/vfs_streams_xattr.8.xml index e2b9130..0f9dab4 100644 --- a/docs-xml/manpages/vfs_streams_xattr.8.xml +++ b/docs-xml/manpages/vfs_streams_xattr.8.xml @@ -46,10 +46,6 @@ the size of xattrs. So this module might work for applications like IE that stores small zone information in streams but will fail for applications that store serious amounts of data in ADSs. - - CAUTION: Make sure to set "kernel oplocks = no" in smb.conf if - if you use this module because this combination is currently broken. - See Bug 7537 for details. diff --git a/lib/pthreadpool/tests.c b/lib/pthreadpool/tests.c index 9991182..1aab80c 100644 --- a/lib/pthreadpool/tests.c +++ b/lib/pthreadpool/tests.c @@ -232,7 +232,11 @@ static int test_busyfork(void) return -1; } - poll(NULL, 0, 200); + ret = poll(NULL, 0, 200); + if (ret == -1) { + perror("poll failed"); + return -1; + } child = fork(); if (child < 0) { @@ -278,7 +282,11 @@ static int test_busyfork(void) return -1; } - poll(NULL, 0, 200); + ret = poll(NULL, 0, 200); + if (ret == -1) { + perror("poll failed"); + return -1; + } waitret = waitpid(child, , WNOHANG); if (waitret != child) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f9d4158 tests/fake_snap: sanitize paths via 7b58c8f s3/mdssvc: missing assignment in sl_pack_float from dd3e06f HEIMDAL: don't bother seeing q if not sent https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f9d4158f0b002b482df0a919d4cb337cce81f9f8 Author: David Disseldorp via samba-technical <samba-techni...@lists.samba.org> Date: Sat Aug 26 23:40:37 2017 +0200 tests/fake_snap: sanitize paths Ensure fake_snap.pl can be run in taint mode (-T), by sanitizing paths and the PATH env. This fixes the following samba3.rpc.fsrvp selftest failures: Insecure dependency in mkdir while running setgid at (eval 2) line 4. snap create failed: NT_STATUS_UNSUCCESSFUL snap create failed for shadow copy of /home/ddiss/isms/samba/st/nt4_dc/share Bug: https://bugzilla.samba.org/show_bug.cgi?id=12988 Signed-off-by: David Disseldorp <dd...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Aug 29 04:54:51 CEST 2017 on sn-devel-144 commit 7b58c8f54499f01778bcbfc2ad21521ceed2dd57 Author: Ralph Boehme <s...@samba.org> Date: Sun Aug 27 19:22:38 2017 +0200 s3/mdssvc: missing assignment in sl_pack_float Spotted by -Werror=maybe-uninitialized: ../source3/rpc_server/mdssvc/marshalling.c: In function ‘sl_pack_float’: ../source3/rpc_server/mdssvc/marshalling.c:171:11: error: ‘ieee_fp_union.w’ may be used uninitialized in this function [-Werror=maybe-uninitialized] offset = sl_push_uint64_val(buf, offset, bufsize, ieee_fp_union.w); Bug: https://bugzilla.samba.org/show_bug.cgi?id=12991 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/rpc_server/mdssvc/marshalling.c | 2 ++ source3/script/tests/fake_snap.pl | 19 --- 2 files changed, 18 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/mdssvc/marshalling.c b/source3/rpc_server/mdssvc/marshalling.c index 0a02f41..976702c 100644 --- a/source3/rpc_server/mdssvc/marshalling.c +++ b/source3/rpc_server/mdssvc/marshalling.c @@ -164,6 +164,8 @@ static ssize_t sl_pack_float(double d, char *buf, ssize_t offset, size_t bufsize uint64_t w; } ieee_fp_union; + ieee_fp_union.d = d; + offset = sl_push_uint64_val(buf, offset, bufsize, sl_pack_tag(SQ_TYPE_FLOAT, 2, 1)); if (offset == -1) { return -1; diff --git a/source3/script/tests/fake_snap.pl b/source3/script/tests/fake_snap.pl index d1233f3..18bbcb7 100755 --- a/source3/script/tests/fake_snap.pl +++ b/source3/script/tests/fake_snap.pl @@ -5,14 +5,25 @@ use strict; use File::Path qw(rmtree); use POSIX (); +sub _untaint_path +{ + my ($path) = @_; + + if ($path =~ /^(.*)$/) { + return $1; + } + die "bad path"; +} + sub _create_snapshot { - my ($base_path) = @_; + my ($base_path) = _untaint_path(shift); my $time_str = POSIX::strftime("%Y.%m.%d-%H.%M.%S" , localtime()); my $snap_path = $base_path . "/.snapshots/\@GMT-" . $time_str; my $ret; - POSIX::mkdir($base_path . "/.snapshots", 0777); + $ENV{'PATH'} = '/bin:/usr/bin'; # untaint PATH + POSIX::mkdir($base_path . "/.snapshots", 0755); # add trailing slash to src path to ensure that only contents is copied $ret = system("rsync", "-a", "--exclude=.snapshots/", "${base_path}/", @@ -28,7 +39,8 @@ sub _create_snapshot sub _delete_snapshot { - my ($base_path, $snap_path) = @_; + my $base_path = _untaint_path(shift); + my $snap_path = _untaint_path(shift); # we're doing a recursive delete, so do some sanity checks if ((index($snap_path, $base_path) != 0) || (index($snap_path, ".snapshots") == -1)) { @@ -36,6 +48,7 @@ sub _delete_snapshot return -1; } + $ENV{'PATH'} = '/bin:/usr/bin'; # untaint PATH rmtree($snap_path, {error => \my $err}); if (@$err) { for my $diag (@$err) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 51f40a0 s4/torture: add a test for rename change notification with inotify enabled via 71a68d2 selftest: run smb2.notify-inotify testsuite against fileserver via fb8e034 selftest: enable kernel change notifications in the fileserver environment from 11ae26e s3:vfs: Do not overrun array ad->ad_eid https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 51f40a0e1d10069f55a5884ff1579e8f15f10a1e Author: Ralph Boehme <s...@samba.org> Date: Thu Jul 13 16:05:49 2017 +0200 s4/torture: add a test for rename change notification with inotify enabled This is already fixed in master by 5eccc2fd0072409f166c63e6876266f926411423~10..5eccc2fd0072409f166c63e6876266f926411423. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Aug 26 05:05:08 CEST 2017 on sn-devel-144 commit 71a68d22a15d12c4038026dd065c54721ddc6723 Author: Ralph Boehme <s...@samba.org> Date: Thu Jul 13 16:04:50 2017 +0200 selftest: run smb2.notify-inotify testsuite against fileserver Next commit adds the suite and a test. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit fb8e0343ebebac322d545b54c33b3c1e7bcda393 Author: Ralph Boehme <s...@samba.org> Date: Thu Jul 13 16:01:53 2017 +0200 selftest: enable kernel change notifications in the fileserver environment This environment is currently not used for any test in the smb2 testsuite, so this change doesn't affect any existing test. A subsequent commit will add a test for change notifications with kernel change notify enabled. It verifies a bug (this one) that only crops up in such a setup and causes rename events to get lost. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: selftest/target/Samba3.pm | 2 + source3/selftest/tests.py | 4 ++ source4/torture/smb2/notify.c | 158 ++ source4/torture/smb2/smb2.c | 1 + 4 files changed, 165 insertions(+) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 54da52b..45c00ba 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -884,6 +884,8 @@ sub setup_fileserver($$) push(@dirs,$usershare_sharedir); my $fileserver_options = " + kernel change notify = yes + usershare path = $usershare_dir usershare max shares = 10 usershare allow guests = yes diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 7e1f213..7bb0e51 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -56,6 +56,7 @@ finally: have_libarchive = ("HAVE_LIBARCHIVE" in config_hash) have_linux_kernel_oplocks = ("HAVE_KERNEL_OPLOCKS_LINUX" in config_hash) +have_inotify = ("HAVE_INOTIFY" in config_hash) plantestsuite("samba3.blackbox.success", "nt4_dc:local", [os.path.join(samba3srcdir, "script/tests/test_success.sh")]) plantestsuite("samba3.blackbox.failure", "nt4_dc:local", [os.path.join(samba3srcdir, "script/tests/test_failure.sh")]) @@ -505,6 +506,9 @@ for t in tests: elif t == "smb2.kernel-oplocks": if have_linux_kernel_oplocks: plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER/kernel_oplocks -U$USERNAME%$PASSWORD') +elif t == "smb2.notify-inotify": +if have_inotify: +plansmbtorture4testsuite(t, "fileserver", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') elif t == "vfs.acl_xattr": plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') elif t == "smb2.compound_find": diff --git a/source4/torture/smb2/notify.c b/source4/torture/smb2/notify.c index 9fc856c..6ef24fe 100644 --- a/source4/torture/smb2/notify.c +++ b/source4/torture/smb2/notify.c @@ -2354,6 +2354,151 @@ static bool torture_smb2_notify_rmdir4(struct torture_context *torture, return torture_smb2_notify_rmdir(torture, tree1, tree2, true); } +static void notify_timeout(struct tevent_context *ev, + struct tevent_timer *te, + struct timeval current_time, + v
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 27fae4c schannel.idl: Fix a typo via 00f3296 ctdb: Fix a typo from c804f26 tdb: version 1.3.15 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 27fae4cea30c98979462ffdb4582b054686f73d9 Author: Volker Lendecke <v...@samba.org> Date: Thu Aug 24 17:03:30 2017 +0200 schannel.idl: Fix a typo Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Aug 25 04:10:25 CEST 2017 on sn-devel-144 commit 00f32962e8c2948c7a8bfef183126603fb96b1eb Author: Volker Lendecke <v...@samba.org> Date: Wed Aug 23 18:11:32 2017 +0200 ctdb: Fix a typo Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: ctdb/server/ctdb_daemon.c | 2 +- librpc/idl/schannel.idl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/server/ctdb_daemon.c b/ctdb/server/ctdb_daemon.c index 28492ac..80b334b 100644 --- a/ctdb/server/ctdb_daemon.c +++ b/ctdb/server/ctdb_daemon.c @@ -1756,7 +1756,7 @@ struct ctdb_client *ctdb_find_client_by_pid(struct ctdb_context *ctdb, pid_t pid Samba does this when it needs/wants to check if a subrecord in one of the databases is still valied, or if it is stale and can be removed. If the node is in unhealthy or stopped state we just kill of the samba - process holding htis sub-record and return to the calling samba that + process holding this sub-record and return to the calling samba that the process does not exist. This allows us to forcefully recall subrecords registered by samba processes on banned and stopped nodes. diff --git a/librpc/idl/schannel.idl b/librpc/idl/schannel.idl index fa688f6..3bc8a92 100644 --- a/librpc/idl/schannel.idl +++ b/librpc/idl/schannel.idl @@ -27,7 +27,7 @@ interface schannel dom_sid *sid; } netlogon_creds_CredentialState; - /* This is used in the schannel_cache.tdb */ + /* This is used in the schannel_store.tdb */ typedef [public] struct { [string,charset(UTF16)] uint16 *computer_name; netr_Credential server_challenge; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a475e1c tdb: Use posix_fallocate via a05debc tdb: Add an intermediate variable via c721188 tdb: Truncate the file after expand failure via 3e7efbf tdb: Protect against EINTR via ab132ba configure: Centralize check for posix_fallocate via c66b214 tdb: Fix a typo via a6f391b vfs_default: Fix passing of errno from async calls via 48815f8 acl_common: Avoid "#include vfs_acl_common.c" via ce8a22d acl_common: Pass store_acl_blob_fsp through store_v3_blob via 81a46c0 acl_common: Pass get_acl_blob_fn as a pointer to get_nt_acl_internal from 531ef64 s3:tests: Add test for changing the local user password with smbpasswd https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a475e1c4b0009987a818faa953d1be3ee9b68894 Author: Volker Lendecke <v...@samba.org> Date: Wed Aug 23 13:02:57 2017 +0200 tdb: Use posix_fallocate This should be significantly faster than pwriting. openbsd doesn't have posix_fallocate, so we do need the fallback. Also, it might have weird failure modes, so we keep the old code in place except for posix_fallocate returning success or ENOSPC. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Aug 24 05:38:49 CEST 2017 on sn-devel-144 commit a05debc113847ca3fd46ea63ec05a3fa357aa8e5 Author: Volker Lendecke <v...@samba.org> Date: Wed Aug 23 12:59:19 2017 +0200 tdb: Add an intermediate variable More README.Coding, but I need "ret" in the next commit as well :-) Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit c7211882a79a99ed70a1aceeafa232cd521c915d Author: Volker Lendecke <v...@samba.org> Date: Wed Aug 23 12:48:03 2017 +0200 tdb: Truncate the file after expand failure Without this it's very easy to create virtually huge files: ftruncate expands a file, the pwrites fail with ENOSPC, thus the write fails. The next writer runs into the same situation, and ftruncate-expands the file even further. tdb_check will then spend ages reading the 4GB of zeros byte by byte. Here we hold the freelist lock or are inside a transaction, so it is safe to cut the file again. Nobody can have used the space that we have tried to allocate, so we can't have any stray pointers corrupting the database. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 3e7efbfb36a54e99bda55a0695b645f6a09e99a3 Author: Volker Lendecke <v...@samba.org> Date: Wed Aug 23 12:00:00 2017 +0200 tdb: Protect against EINTR Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit ab132ba7e503f489c04945c1b079c3b3523f Author: Volker Lendecke <v...@samba.org> Date: Tue Aug 22 17:09:01 2017 +0200 configure: Centralize check for posix_fallocate This checks for posix_fallocate unless we are sitting on an ancient glibc. With this we don't need HAVE_BROKEN_POSIX_FALLOCATE anymore, HAVE_POSIX_FALLOCATE will only be defined if we have a valid [g]libc. ./configure tested on Debian, FreeBSD (which does have posix_fallocate) and OpenBSD (which does not have posix_fallocate). Also tested with changing the not have an old-enough glibc around. All did the right thing. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit c66b21453726060a7d9ae4b34c94e84a692a3941 Author: Volker Lendecke <v...@samba.org> Date: Tue Aug 22 14:51:18 2017 +0200 tdb: Fix a typo Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit a6f391b8dd1fbfd1a370667dec1374284984c341 Author: Christof Schmitt <c...@samba.org> Date: Wed Aug 23 14:37:28 2017 -0700 vfs_default: Fix passing of errno from async calls Current code assigns errno from async pthreadpool calls to the vfs_default internal vfswrap_*_state. The callers of the vfs_*_recv functions expect the value from errno in vfs_aio_state.error. Correctly assign errno to vfs_aio_state.error and remove the unused internal err variable. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12983 Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 48815f8c3ed54edc418018b991c222e317302602 Author: Volker Lendecke <v...@samba.org> Date: Fri Aug 18 14:41:57 2017
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 95e30b0 s3:utils: Do not report an invalid range for AD DC role via a43affd tdb: fix tbdtool list freelist output via d2c7869 tdb: document hashtable bucket offset calculation madness via f2b7bc2 tbd: BUCKET(-1) returns wrong offset because tdb->hash_size is an unsigned int via a5a19fa tdb: rename struct tdb_traverse_lock hash member to list from 0ffe030 python: Make generated modules samba.ntstatus and samba.werror Python 3 compatible. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 95e30b081f273f2d156792577179c5220c0a10cc Author: Andreas Schneider <a...@samba.org> Date: Fri Aug 18 10:35:55 2017 +0200 s3:utils: Do not report an invalid range for AD DC role BUG: https://bugzilla.samba.org/show_bug.cgi?id=12629 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Aug 23 03:23:55 CEST 2017 on sn-devel-144 commit a43affd4c509246f968d7003e1b674f92d75d930 Author: Ralph Boehme <s...@samba.org> Date: Sun Jul 9 18:39:27 2017 +0200 tdb: fix tbdtool list freelist output Due to the non-fixable bug in the BUCKET macro tdbtool list printed some other hash chainlist, not the freelist. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12888 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit d2c78695c60a1902fd10197f762b84ee83372b6e Author: Ralph Boehme <s...@samba.org> Date: Sun Jul 2 11:41:43 2017 +0200 tdb: document hashtable bucket offset calculation madness Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit f2b7bc23df842c3f6cd6a477a500590076a3839e Author: Ralph Boehme <s...@samba.org> Date: Sat Jul 1 22:21:26 2017 +0200 tbd: BUCKET(-1) returns wrong offset because tdb->hash_size is an unsigned int The following C program demonstrates the issue: #include #include #include #include #include #include #include #include #include int main(int argc, char **argv) { int hash = -1; int tsize_signed = 10; unsigned int tsize_unsigned = 10; int bucket; #define BUCKET(hash, tsize) ((hash) % (tsize)) bucket = BUCKET(hash, tsize_unsigned); printf("hash [%d] tsize [%d] bucket [%d]\n", hash, tsize_unsigned, bucket); bucket = BUCKET(hash, tsize_signed); printf("hash [%d] tsize [%d] bucket [%d]\n", hash, tsize_signed, bucket); return 0; } Output: $ ./tmp hash [-1] tsize [10] bucket [5] hash [-1] tsize [10] bucket [-1] The first version is what the current BUCKET() macro does. As a result we lock the hashtable chain in bucket 5, NOT the freelist. -1 is sign converted to an unsigned int 4294967295 and 4294967295 % 10 = 5. As all callers will lock the same wrong list consistently locking is still consistent. Stumpled across this when looking at the output of `tdbtool DB list` which always printed some other hashchain and not the freelist. The freelist bucket offset computation doesn't use the BUCKET macro in freelist.c (directly or indirectly) when working on the freelist, it just directly uses the FREELIST_TOP define, so this problem only affects tdbtool list. Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a5a19fa5ef7b324d4945375122ef664059937862 Author: Ralph Boehme <s...@samba.org> Date: Sun Jul 2 07:46:17 2017 +0200 tdb: rename struct tdb_traverse_lock hash member to list The variable stores the hashtable bucket, not the hash. No change in behaviour. Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: lib/tdb/common/dump.c| 6 +- lib/tdb/common/lock.c| 28 +++- lib/tdb/common/tdb_private.h | 18 +- lib/tdb/common/traverse.c| 40 source3/utils/testparm.c | 16 +--- 5 files changed, 78 insertions(+), 30 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/common/dump.c b/lib/tdb/common/dump.c index 5f6a78b..73286b8 100644 --- a/lib/tdb/common/dump.c +++ b/lib/tdb/common/dump.c @@ -62,7 +62,11 @@ static int tdb_dump_cha
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fe9067b s3:printing: Add NULL check for state_path() via 2901ed0 s3:libsmb: let do_connect() debug the negotiation result similar to "session request ok" via ecca957 s3:libsmb: don't call cli_NetServerEnum() on SMB2/3 connections in SMBC_opendir_ctx() via 379e5c1 s3:smbclient: don't try any workgroup listing with "client min protocol = SMB2" via 3111463 s3:smbclient: improve the error messages for smbclient -L via 0f9d102 s3:libsmb: let get_ipc_connect() use CLI_FULL_CONNECTION_FORCE_SMB1 from 79cfa2e xattr.id: Fix a typo https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fe9067bcc7d605ef0df5721ea290f920f6cf241e Author: Andreas Schneider <a...@samba.org> Date: Mon Jul 31 10:09:52 2017 +0200 s3:printing: Add NULL check for state_path() Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Aug 19 05:33:41 CEST 2017 on sn-devel-144 commit 2901ed0deb1324cacdc804fe5a09468a91661f9d Author: Stefan Metzmacher <me...@samba.org> Date: Wed Aug 16 12:42:48 2017 +0200 s3:libsmb: let do_connect() debug the negotiation result similar to "session request ok" Also modify non-specified max_protocol to be PROTOCOL_LATEST (currently PROTOCOL_SMB3_11). BUG: https://bugzilla.samba.org/show_bug.cgi?id=12881 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ecca95736d3994011de2d3fd882b58ab9b450a83 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Aug 16 12:38:30 2017 +0200 s3:libsmb: don't call cli_NetServerEnum() on SMB2/3 connections in SMBC_opendir_ctx() This is all we can do with when using we allow SMB2/3 and the server supports it, 'smb://' can't work unless we implement LLMNR and maybe WSD. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12876 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 379e5c1c2fa75c30b08bea7079cf1e9c46db0b26 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Aug 16 08:56:39 2017 +0200 s3:smbclient: don't try any workgroup listing with "client min protocol = SMB2" BUG: https://bugzilla.samba.org/show_bug.cgi?id=12863 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 3111463e743dfda89002f1047d1030ab617e5277 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Aug 16 08:55:43 2017 +0200 s3:smbclient: improve the error messages for smbclient -L BUG: https://bugzilla.samba.org/show_bug.cgi?id=12863 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 0f9d10246071160dc736205af234ab0ca456d0dc Author: Stefan Metzmacher <me...@samba.org> Date: Sat Jul 8 00:57:59 2017 +0200 s3:libsmb: let get_ipc_connect() use CLI_FULL_CONNECTION_FORCE_SMB1 get_ipc_connect() is only used in code paths that require cli_NetServerEnum() to work, so it must already require SMB1 only. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12876 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/client/client.c| 16 ++-- source3/libsmb/cliconnect.c| 2 ++ source3/libsmb/clidfs.c| 9 +++-- source3/libsmb/libsmb_dir.c| 13 + source3/printing/nt_printing.c | 17 + 5 files changed, 49 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/client/client.c b/source3/client/client.c index 83d9b9d..5ef9ad5 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -5829,7 +5829,13 @@ static int do_host_query(const char *query_host) } } + if (lp_client_min_protocol() > PROTOCOL_NT1) { + d_printf("SMB1 disabled -- no workgroup available\n"); + goto out; + } + if (lp_disable_netbios()) { + d_printf("NetBIOS over TCP disabled -- no workgroup available\n"); goto out; } @@ -5844,21 +5850,19 @@ static int do_host_query(const char *query_host) */ cli_shutdown(cli); + d_printf("Reconnecting with SMB1 for workgroup listing.\n"); status = cli_cm_open(talloc_tos(), NULL,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9fb2562 libcli/smb: debug an error if smb1cli_req_writev_submit() is called for SMB2/3 via 428fc22 s3: libsmb: Add cli_smb2_chkpath() and use from cli_chkpath(). from c477124 util: Add documentation for PID file handling https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9fb2562324e4381f8d0d5eaf864790ad770293b9 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Aug 16 22:27:15 2017 +0200 libcli/smb: debug an error if smb1cli_req_writev_submit() is called for SMB2/3 BUG: https://bugzilla.samba.org/show_bug.cgi?id=12968 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Aug 18 04:45:03 CEST 2017 on sn-devel-144 commit 428fc22e8bb7b7a74ba9e29bf962ebfbfd50c47b Author: Jeremy Allison <j...@samba.org> Date: Wed Aug 16 15:48:01 2017 -0700 s3: libsmb: Add cli_smb2_chkpath() and use from cli_chkpath(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=12968 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> --- Summary of changes: libcli/smb/smbXcli_base.c | 3 +++ source3/libsmb/cli_smb2_fnum.c | 41 + source3/libsmb/cli_smb2_fnum.h | 2 ++ source3/libsmb/clifile.c | 8 +++- 4 files changed, 53 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index cc89789..d73949b 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -1661,6 +1661,9 @@ static NTSTATUS smb1cli_req_writev_submit(struct tevent_req *req, } if (state->conn->protocol > PROTOCOL_NT1) { + DBG_ERR("called for dialect[%s] server[%s]\n", + smb_protocol_types_string(state->conn->protocol), + smbXcli_conn_remote_name(state->conn)); return NT_STATUS_REVISION_MISMATCH; } diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c index 2d2667e..b8179b0 100644 --- a/source3/libsmb/cli_smb2_fnum.c +++ b/source3/libsmb/cli_smb2_fnum.c @@ -1101,6 +1101,47 @@ NTSTATUS cli_smb2_qpathinfo_basic(struct cli_state *cli, } /*** + Wrapper that allows SMB2 to check if a path is a directory. + Synchronous only. +***/ + +NTSTATUS cli_smb2_chkpath(struct cli_state *cli, + const char *name) +{ + NTSTATUS status; + uint16_t fnum = 0x; + + if (smbXcli_conn_has_async_calls(cli->conn)) { + /* +* Can't use sync call while an async call is in flight +*/ + return NT_STATUS_INVALID_PARAMETER; + } + + if (smbXcli_conn_protocol(cli->conn) < PROTOCOL_SMB2_02) { + return NT_STATUS_INVALID_PARAMETER; + } + + /* Ensure this is a directory. */ + status = cli_smb2_create_fnum(cli, + name, + 0, /* create_flags */ + FILE_READ_ATTRIBUTES, /* desired_access */ + FILE_ATTRIBUTE_DIRECTORY, /* file attributes */ + FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, /* share_access */ + FILE_OPEN, /* create_disposition */ + FILE_DIRECTORY_FILE,/* create_options */ + , + NULL); + + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + return cli_smb2_close_fnum(cli, fnum); +} + +/*** Helper function for pathname operations. ***/ diff --git a/source3/libsmb/cli_smb2_fnum.h b/source3/libsmb/cli_smb2_fnum.h index 402801b..a6c3627 100644 --- a/source3/libsmb/cli_smb2_fnum.h +++ b/source3/libsmb/cli_smb2_fnum.h @@ -79,6 +79,8 @@ NTSTATUS cli_smb2_qpathinfo_basic(struct cli_state *cli, NTSTATUS cli_smb2_qpathinfo_alt_name(struct cli_state *cli, const char *name, fstring alt_name); +NTSTATUS cli_smb2_chkpath(struct cli_state *cli, + const char *name); NTSTATUS cli_smb2_qfileinfo_basic(struct cli_state *cli, uint16_t fnum, uint16_t *mode, diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c in
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5473a27 lib: talloc: Use the system include. via bee22f1 lib: tevent: Use system , not internal header path (except in self-test). from 68316a4 s3: messaging: Add background job send failure message https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5473a277e3bdcc7ae6a03c24d4e7c84a8ad63b4b Author: Jeremy Allison <j...@samba.org> Date: Mon Aug 14 16:04:18 2017 -0700 lib: talloc: Use the system include. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Aug 17 00:53:48 CEST 2017 on sn-devel-144 commit bee22f187cfca26da13efb4cc980a705ec252a21 Author: Jeremy Allison <j...@samba.org> Date: Mon Aug 14 15:54:39 2017 -0700 lib: tevent: Use system , not internal header path (except in self-test). Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> --- Summary of changes: lib/async_req/async_connect_send_test.c | 2 +- lib/tevent/testsuite.c | 2 +- source4/lib/wmi/wbemdata.c | 2 +- source4/librpc/rpc/dcerpc_roh_channel_in.c | 4 ++-- source4/librpc/rpc/dcerpc_roh_channel_out.c | 4 ++-- source4/torture/smb2/rename.c | 2 +- source4/torture/smb2/sharemode.c| 2 +- testprogs/win32/spoolss/testspoolss.h | 2 +- 8 files changed, 10 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/async_req/async_connect_send_test.c b/lib/async_req/async_connect_send_test.c index 34ea6b7..d570c60 100644 --- a/lib/async_req/async_connect_send_test.c +++ b/lib/async_req/async_connect_send_test.c @@ -17,7 +17,7 @@ */ #include "replace.h" -#include "lib/tevent/tevent.h" +#include #include "lib/async_req/async_sock.h" #include #include diff --git a/lib/tevent/testsuite.c b/lib/tevent/testsuite.c index ee29e5b..e508452 100644 --- a/lib/tevent/testsuite.c +++ b/lib/tevent/testsuite.c @@ -25,7 +25,7 @@ */ #include "includes.h" -#include "lib/tevent/tevent.h" +#include "tevent.h" #include "system/filesys.h" #include "system/select.h" #include "system/network.h" diff --git a/source4/lib/wmi/wbemdata.c b/source4/lib/wmi/wbemdata.c index df98da4..d475067 100644 --- a/source4/lib/wmi/wbemdata.c +++ b/source4/lib/wmi/wbemdata.c @@ -19,6 +19,7 @@ */ #include "includes.h" +#include #include "librpc/gen_ndr/dcom.h" #include "librpc/gen_ndr/com_dcom.h" #include "librpc/ndr/libndr.h" @@ -30,7 +31,6 @@ #include "librpc/gen_ndr/ndr_dcom.h" #include "librpc/rpc/dcerpc.h" #include "librpc/gen_ndr/ndr_misc.h" -#include "lib/talloc/talloc.h" #include "libcli/composite/composite.h" #include "lib/wmi/wmi.h" #include "librpc/gen_ndr/ndr_wmi.h" diff --git a/source4/librpc/rpc/dcerpc_roh_channel_in.c b/source4/librpc/rpc/dcerpc_roh_channel_in.c index d6c37a3..d6707bf 100644 --- a/source4/librpc/rpc/dcerpc_roh_channel_in.c +++ b/source4/librpc/rpc/dcerpc_roh_channel_in.c @@ -21,8 +21,8 @@ */ #include "includes.h" -#include "lib/tevent/tevent.h" -#include "lib/talloc/talloc.h" +#include +#include #include "lib/tsocket/tsocket.h" #include "lib/tls/tls.h" #include "lib/util/tevent_ntstatus.h" diff --git a/source4/librpc/rpc/dcerpc_roh_channel_out.c b/source4/librpc/rpc/dcerpc_roh_channel_out.c index 4e1c934..23cbce3 100644 --- a/source4/librpc/rpc/dcerpc_roh_channel_out.c +++ b/source4/librpc/rpc/dcerpc_roh_channel_out.c @@ -21,8 +21,8 @@ */ #include "includes.h" -#include "lib/tevent/tevent.h" -#include "lib/talloc/talloc.h" +#include +#include #include "lib/tsocket/tsocket.h" #include "lib/tls/tls.h" #include "lib/util/tevent_ntstatus.h" diff --git a/source4/torture/smb2/rename.c b/source4/torture/smb2/rename.c index 4c41c8b..5055cf2 100644 --- a/source4/torture/smb2/rename.c +++ b/source4/torture/smb2/rename.c @@ -22,7 +22,7 @@ #include "includes.h" #include "libcli/smb2/smb2.h" #include "libcli/smb2/smb2_calls.h" -#include "lib/tevent/tevent.h" +#include #include "lib/util/tevent_ntstatus.h" #include "torture/torture.h" diff --git a/source4/torture/smb2/sharemode.c b/source4/torture/smb2/sharemode.c index f59927c..d1ad22e 100644 --- a/source4/torture/smb2/sharemode.c +++ b/source4/torture/smb2/sharemode.c @@ -25,7 +25,7 @@ #inclu
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 652bf0c libhttp: Remove an unneeded include via ff0eed6 dbwrap: Simplify dbwrap_unmarshall_fn via ef2de24 dbwrap: Simplify dbwrap_trans_delete via 2ddf8e0 dbwrap: Simplify dbwrap_trans_store via b01b7c9 dbwrap: Simplify dbwrap_store_uint32_bystring via ae28e4d dbwrap: Simplify dbwrap_store_int32_bystring via a11450d dbwrap: Convert dbwrap_delete to dbwrap_do_locked via 5095733 dbwrap: Convert dbwrap_store to dbwrap_do_locked from 0dbcd6a py-librpc: Strictly check the type of the incoming sid pointer https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 652bf0ca7efcb13d7dab4a9f251a38af80c160a5 Author: Volker Lendecke <v...@samba.org> Date: Wed Jul 26 15:18:16 2017 +0200 libhttp: Remove an unneeded include Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Aug 16 04:11:47 CEST 2017 on sn-devel-144 commit ff0eed62d3334cd720122d97e38df9cf8651acc7 Author: Volker Lendecke <v...@samba.org> Date: Wed Jul 26 15:14:51 2017 +0200 dbwrap: Simplify dbwrap_unmarshall_fn Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ef2de247c1d0887283cb8dfc25d9e48252a2c9e2 Author: Volker Lendecke <v...@samba.org> Date: Wed Jul 26 15:12:21 2017 +0200 dbwrap: Simplify dbwrap_trans_delete Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 2ddf8e0abc235f396d4b70f9cb22f55d21dffdc5 Author: Volker Lendecke <v...@samba.org> Date: Wed Jul 26 15:10:55 2017 +0200 dbwrap: Simplify dbwrap_trans_store Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b01b7c9ef9ef45205c6eb49a5959d8718559fd79 Author: Volker Lendecke <v...@samba.org> Date: Wed Jul 26 14:56:53 2017 +0200 dbwrap: Simplify dbwrap_store_uint32_bystring Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ae28e4db441baff83e374086aa9c5a0c06435f92 Author: Volker Lendecke <v...@samba.org> Date: Wed Jul 26 14:56:53 2017 +0200 dbwrap: Simplify dbwrap_store_int32_bystring Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a11450d825b756ca8880c6307e38a6ce072fff54 Author: Volker Lendecke <v...@samba.org> Date: Wed Nov 9 16:37:49 2016 +0100 dbwrap: Convert dbwrap_delete to dbwrap_do_locked Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 5095733f923158701fb5a566cd16c2112d51e1c4 Author: Volker Lendecke <v...@samba.org> Date: Wed Nov 9 16:34:28 2016 +0100 dbwrap: Convert dbwrap_store to dbwrap_do_locked Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: lib/dbwrap/dbwrap.c | 51 lib/dbwrap/dbwrap_util.c | 76 ++-- source4/lib/http/http.c | 1 - 3 files changed, 49 insertions(+), 79 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/dbwrap/dbwrap.c b/lib/dbwrap/dbwrap.c index 22437f6..e1d792f 100644 --- a/lib/dbwrap/dbwrap.c +++ b/lib/dbwrap/dbwrap.c @@ -301,38 +301,53 @@ bool dbwrap_exists(struct db_context *db, TDB_DATA key) return (result == 1); } +struct dbwrap_store_state { + TDB_DATA data; + int flags; + NTSTATUS status; +}; + +static void dbwrap_store_fn(struct db_record *rec, void *private_data) +{ + struct dbwrap_store_state *state = private_data; + state->status = dbwrap_record_store(rec, state->data, state->flags); +} + NTSTATUS dbwrap_store(struct db_context *db, TDB_DATA key, TDB_DATA data, int flags) { - struct db_record *rec; + struct dbwrap_store_state state = { .data = data, .flags = flags }; NTSTATUS status; - TALLOC_CTX *frame = talloc_stackframe(); - rec = dbwrap_fetch_locked(db, frame, key); - if (rec == NULL) { - TALLOC_FREE(frame); - return NT_STATUS_NO_MEMORY; + status = dbwrap_do_locked(db, key, dbwrap_store_fn, ); + if (!NT_STATUS_IS_OK(status)) { + return status; } - status = dbwrap_record_store(rec, data, flags); - TALLOC_FREE(frame); - return status; + return state.status; +} + +struct dbwrap_delete_state { +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f816de5 s4: com: Replace erroneous inclusion of internal talloc.h header with external. from df41818 ctdb-daemon: Drop the implementation of CHECK_SRVIDS control https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f816de5636bb17ab09dd4b9c3e5b0249dc9b186f Author: Jeremy Allison <j...@samba.org> Date: Mon Aug 14 13:02:30 2017 -0700 s4: com: Replace erroneous inclusion of internal talloc.h header with external. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12932 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Aug 15 08:06:40 CEST 2017 on sn-devel-144 --- Summary of changes: source4/lib/com/com.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source4/lib/com/com.h b/source4/lib/com/com.h index e6be311..56cd210 100644 --- a/source4/lib/com/com.h +++ b/source4/lib/com/com.h @@ -20,8 +20,8 @@ #ifndef __SAMBA_COM_H__ #define __SAMBA_COM_H__ +#include #include "librpc/gen_ndr/misc.h" -#include "lib/talloc/talloc.h" struct com_context; struct tevent_context; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a2625c4 docs/smbget: Fix typo in options within man page from e74081c lib: auth: Store the netlogon_creds_cli_global_db pointer on the NULL context. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a2625c444554fc347b8339dbb9fc2243127ffb21 Author: Anoop C S <anoo...@redhat.com> Date: Wed Jul 26 17:54:52 2017 +0530 docs/smbget: Fix typo in options within man page `smbget` utility accepts '--user' as a valid argument. But still the man page specifies it as '--username'. So fixing the man page to reflect the current behaviour. Signed-off-by: Anoop C S <anoo...@redhat.com> Reviewed-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Jul 27 06:35:10 CEST 2017 on sn-devel-144 --- Summary of changes: docs-xml/manpages/smbget.1.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/smbget.1.xml b/docs-xml/manpages/smbget.1.xml index f254b10..c12b03d 100644 --- a/docs-xml/manpages/smbget.1.xml +++ b/docs-xml/manpages/smbget.1.xml @@ -22,7 +22,7 @@ -a, --guest -r, --resume -R, --recursive - -U, --username=STRING + -U, --user=STRING -w, --workgroup=STRING -n, --nonprompt -d, --debuglevel=INT @@ -76,7 +76,7 @@ --U, --username=username[%password] +-U, --user=username[%password] Username (and password) to use -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e74081c lib: auth: Store the netlogon_creds_cli_global_db pointer on the NULL context. via dbd3293 s3: clients: Use netlogon_creds_cli_close_global_db() in all normal exit paths. via 4cc104d lib: auth: Add a shutdown function for netlogon_creds_cli_global_db. via 74b5897 s3: rpcclient: Use rpcclient_msg_ctx as the long-lived talloc context for rpcclient_netlogon_creds. via b1450af s3: rpcclient: Use event context as the talloc parent of the rpcclient_msg_ctx. via 1d6b98c s3: rpcclient: Split out initialization and free of event context. via 1fb46b7 s3: rpc_client: Allocate struct db_context * off the local frame, as all other variables in this function. via 5c8a98c lib: cli: fname is a local variable already freed in the function scope, doesn't need to be on talloc_autofree_context() via c27a643 s4: schema: Allocate global_schema off the NULL context, not the talloc_autofree_context(). via 99e4bea lib: ldb: Python. Take care of freeing the passed in module description if ldb_register_module() fails. via 41b1f8a lib: ldb: Use NULL to allocate modules not talloc_autofree_context(). via fe2ac3e s4: COM: Remove talloc_autofree_context() from (unused) COM code. via 1c1fce7 lib: rpc: The registered interfaces are a lists of singletons that are never removed. via 34ca1b3 s4: modules. Fix missing TALLOC_CTX in module init function. from 4b56f80 Set log level for "Not authorative for" from 2 to 5 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e74081ce5d0f81024f7384816c589e5bc28baf80 Author: Jeremy Allison <j...@samba.org> Date: Mon Jul 24 16:14:00 2017 -0700 lib: auth: Store the netlogon_creds_cli_global_db pointer on the NULL context. Now we shutdown correctly it doesn't need the talloc_autofree_context(). Last use of talloc_autofree_context() ourside the talloc test code ! Please don't add it ever again :-). BUG: https://bugzilla.samba.org/show_bug.cgi?id=12932 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Jul 27 01:34:12 CEST 2017 on sn-devel-144 commit dbd32932463935cd47c55a9e1afdaccd7f6daf4d Author: Jeremy Allison <j...@samba.org> Date: Mon Jul 24 16:12:45 2017 -0700 s3: clients: Use netlogon_creds_cli_close_global_db() in all normal exit paths. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12932 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 4cc104d015bdfeb631c7c8f5252fc31727a128ca Author: Jeremy Allison <j...@samba.org> Date: Mon Jul 24 14:49:47 2017 -0700 lib: auth: Add a shutdown function for netlogon_creds_cli_global_db. Will allow us to move off the talloc_autofree_context(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=12932 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 74b589799e794cc8872a7d3845ced9f5087a8366 Author: Jeremy Allison <j...@samba.org> Date: Mon Jul 24 13:14:08 2017 -0700 s3: rpcclient: Use rpcclient_msg_ctx as the long-lived talloc context for rpcclient_netlogon_creds. Guaranteed to stay around until the command exits. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12932 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit b1450af1c3c7ddc0573510706d605eedecaff61c Author: Jeremy Allison <j...@samba.org> Date: Mon Jul 24 13:12:20 2017 -0700 s3: rpcclient: Use event context as the talloc parent of the rpcclient_msg_ctx. Give control over shutdown. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12932 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 1d6b98cdab4f0a400673cf967225214e858ab1ee Author: Jeremy Allison <j...@samba.org> Date: Mon Jul 24 13:10:30 2017 -0700 s3: rpcclient: Split out initialization and free of event context. Allows us to control shutdown. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12932 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 1fb46b76dbcf28d8c71ff1096c402953a90bcf5f Author: Jeremy Allison <j...@samba.org> Date: Mon Jul 24 12:58:29 2017 -0700 s3: rpc_client: Allocate struct db_context * off the local frame, as all other variables in this function. On success, netlogon_creds_cli_set_glo
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ffee37c torture: Add sharemode tests for SMB2 from 8865ded s3-printing: precreate DriverStore directories. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ffee37c243d016804b2394ea3b6a3aedd79a1f6b Author: Christof Schmitt <c...@samba.org> Date: Wed May 31 14:43:41 2017 -0700 torture: Add sharemode tests for SMB2 There are two pieces: Test access with different sharemodes through SMB and verify access, and also provide tests that can be used with file systems enforcing share modes outside of Samba. Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Jul 26 09:30:31 CEST 2017 on sn-devel-144 --- Summary of changes: selftest/knownfail | 1 + selftest/skip | 4 + source4/torture/smb2/sharemode.c | 609 + source4/torture/smb2/smb2.c| 5 + source4/torture/smb2/wscript_build | 1 + 5 files changed, 620 insertions(+) create mode 100644 source4/torture/smb2/sharemode.c Changeset truncated at 500 lines: diff --git a/selftest/knownfail b/selftest/knownfail index f41b99d..1b5a98c 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -140,6 +140,7 @@ ^samba4.smb2.getinfo.qfs_buffercheck # S4 does not do the INFO_LENGTH_MISMATCH/BUFFER_OVERFLOW thingy ^samba4.smb2.getinfo.qfile_buffercheck # S4 does not do the INFO_LENGTH_MISMATCH/BUFFER_OVERFLOW thingy ^samba4.smb2.getinfo.qsec_buffercheck # S4 does not do the BUFFER_TOO_SMALL thingy +^samba4.smb2.sharemode ^samba4.ntvfs.cifs.krb5.base.createx_access.createx_access\(.*\)$ ^samba4.rpc.lsa.forest.trust #Not fully provided by Samba4 ^samba4.blackbox.upgradeprovision.alpha13.ldapcmp_sd\(none\) # Due to something rewriting the NT ACL on DNS objects diff --git a/selftest/skip b/selftest/skip index fd9932a..c2c4553 100644 --- a/selftest/skip +++ b/selftest/skip @@ -64,6 +64,8 @@ ^samba3.*raw.qfsinfo ^samba3.*raw.sfileinfo.base ^samba3.smb2.hold-oplock# Not a test, but a way to block other clients for a test +^samba3.smb2.hold-sharemode # Not a test, but a way to block other clients for a test +^samba3.smb2.check-sharemode# Not a test, but a way to test sharemodes outside of Samba ^samba3.smb2.durable-open-disconnect# Not a test, but a way to create a disconnected durable ^samba3.smb2.scan # No tests ^samba3.smb2.oplock.levelii501 # No test yet @@ -75,6 +77,8 @@ ^samba4.raw.eas ^samba4.raw.hold-oplock# Not a test, but a way to block other clients for a test ^samba4.smb2.hold-oplock # Not a test, but a way to block other clients for a test +^samba4.smb2.hold-sharemode# Not a test, but a way to block other clients for a test +^samba4.smb2.check-sharemode# Not a test, but a way to test sharemodes outside of Samba ^samba4.raw.ping.pong # Needs second server to test ^samba4.rpc.samr.accessmask ^samba4.rpc.samr.passwords.*ncacn_np\(ad_dc_ntvfs\) # currently fails, possibly config issue diff --git a/source4/torture/smb2/sharemode.c b/source4/torture/smb2/sharemode.c new file mode 100644 index 000..f59927c --- /dev/null +++ b/source4/torture/smb2/sharemode.c @@ -0,0 +1,609 @@ +/* + Unix SMB/CIFS implementation. + + test suite for SMB2 sharemodes + + Copyright (C) Christof Schmitt 2017 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "libcli/smb2/smb2.h" +#include "libcli/smb2/smb2_calls.h" +#include "libcli/security/security.h" +#include "torture/torture.h" +#include "torture/smb2/proto.h" +#include "lib/tevent/tevent.h" + +#define BASEDIRHOLD "sharemode_hold_test" + +struct hold_sharemode_info { + const char *sharemode; + const char *filename; + struct smb2_handle handle; +} hold_sharemode_table[] = { + { "",BASEDIRHOLD "\\N&quo
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5005a3a libsmb: Enable "cli_notify" for SMB2+ via 1801134 libsmb: Add cli_smb2_notify via ad33964 libsmb: Add smb2cli_notify() from e684658 messaging: Remove "struct messaging_backend" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5005a3a6961d40fe349f76db67c980be7dc9f3ea Author: Volker Lendecke <v...@samba.org> Date: Tue Jul 25 12:30:47 2017 +0200 libsmb: Enable "cli_notify" for SMB2+ Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Jul 26 01:33:25 CEST 2017 on sn-devel-144 commit 18011343d80a28fb46894d712b22c84dce067342 Author: Volker Lendecke <v...@samba.org> Date: Tue Jul 25 12:12:02 2017 +0200 libsmb: Add cli_smb2_notify We have to do the parsing manually. Looking at librpc/gen_ndr/ndr_notify.c we have the following code snippet: size_FileName1_0 = strlen_m(r->FileName1); NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, >FileName1, size_FileName1_0, sizeof(uint16_t), CH_UTF16)); which means that we take strlen_m(r->FileName1) before we pull it off the wire. Not sure how to fix this, but that is clearly broken pidl output. Once that is fixed, we can convert this to ndr_pull_struct. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ad33964f8c85b67a2d2b451bece208d8bfb8cad6 Author: Volker Lendecke <v...@samba.org> Date: Tue Jul 25 12:11:37 2017 +0200 libsmb: Add smb2cli_notify() Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: ...{smb2cli_query_directory.c => smb2cli_notify.c} | 140 - libcli/smb/smbXcli_base.h | 26 libcli/smb/wscript | 1 + source3/libsmb/cli_smb2_fnum.c | 92 ++ source3/libsmb/cli_smb2_fnum.h | 5 + source3/libsmb/clifile.c | 10 +- 6 files changed, 187 insertions(+), 87 deletions(-) copy libcli/smb/{smb2cli_query_directory.c => smb2cli_notify.c} (51%) Changeset truncated at 500 lines: diff --git a/libcli/smb/smb2cli_query_directory.c b/libcli/smb/smb2cli_notify.c similarity index 51% copy from libcli/smb/smb2cli_query_directory.c copy to libcli/smb/smb2cli_notify.c index e6321ff..0a23cf9 100644 --- a/libcli/smb/smb2cli_query_directory.c +++ b/libcli/smb/smb2cli_notify.c @@ -1,7 +1,7 @@ /* Unix SMB/CIFS implementation. smb2 lib - Copyright (C) Volker Lendecke 2011 + Copyright (C) Volker Lendecke 2017 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -22,94 +22,69 @@ #include "lib/util/tevent_ntstatus.h" #include "smb_common.h" #include "smbXcli_base.h" +#include "librpc/gen_ndr/ndr_notify.h" -struct smb2cli_query_directory_state { +struct smb2cli_notify_state { uint8_t fixed[32]; - uint8_t dyn_pad[1]; + struct iovec *recv_iov; uint8_t *data; uint32_t data_length; }; -static void smb2cli_query_directory_done(struct tevent_req *subreq); - -struct tevent_req *smb2cli_query_directory_send(TALLOC_CTX *mem_ctx, - struct tevent_context *ev, - struct smbXcli_conn *conn, - uint32_t timeout_msec, - struct smbXcli_session *session, - struct smbXcli_tcon *tcon, - uint8_t level, - uint8_t flags, - uint32_t file_index, - uint64_t fid_persistent, - uint64_t fid_volatile, - const char *mask, - uint32_t outbuf_len) +static void smb2cli_notify_done(struct tevent_req *subreq); + +struct tevent_req *smb2cli_notify_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct smbXcli_conn *conn, + uint32_t timeo
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 890137c s3: libsmb: Fix use-after-free when accessing pointer *p. from 6c45db6 s4-drepl: Use tevent_schedule_immediate() in DsReplicaSync handler https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 890137cffedcaf88a9ff808c01335ee14fcfd8da Author: Thomas Jarosch <thomas.jaro...@intra2net.com> Date: Sat Jul 22 09:36:18 2017 -0700 s3: libsmb: Fix use-after-free when accessing pointer *p. talloc_asprintf_append() might call realloc() and therefore move the memory address of "path". BUG: https://bugzilla.samba.org/show_bug.cgi?id=12927 Signed-off-by: Thomas Jarosch <thomas.jaro...@intra2net.com> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Jul 22 22:45:05 CEST 2017 on sn-devel-144 --- Summary of changes: source3/libsmb/libsmb_dir.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/libsmb_dir.c b/source3/libsmb/libsmb_dir.c index 4a4e084..8038584 100644 --- a/source3/libsmb/libsmb_dir.c +++ b/source3/libsmb/libsmb_dir.c @@ -379,9 +379,9 @@ SMBC_opendir_ctx(SMBCCTX *context, char *options = NULL; char *workgroup = NULL; char *path = NULL; + size_t path_len = 0; uint16_t mode; uint16_t port = 0; -char *p = NULL; SMBCSRV *srv = NULL; SMBCFILE *dir = NULL; struct sockaddr_storage rem_ss; @@ -802,7 +802,7 @@ SMBC_opendir_ctx(SMBCCTX *context, /* Now, list the files ... */ -p = path + strlen(path); +path_len = strlen(path); path = talloc_asprintf_append(path, "\\*"); if (!path) { if (dir) { @@ -844,7 +844,7 @@ SMBC_opendir_ctx(SMBCCTX *context, * got would have been EINVAL rather * than ENOTDIR. */ -*p = '\0'; /* restore original path */ +path[path_len] = '\0'; /* restore original path */ if (SMBC_getatr(context, srv, path, , NULL, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 13f9192 s4:http/gensec: add missing tevent_req_done() to gensec_http_ntlm_update_done() via 5c1e2f5 winbindd: avoid refreshing sequence number when domain is offline via c819c7d winbindd: queryuser - only get group name if needed via e3a151e winbindd: cache name-to-sid from PAC based on lookup domain from 1dcacff vfs_ceph: fix cephwrap_chdir() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 13f91927e0f642e58c70d7b0b2f68df861ac661c Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 20 11:56:21 2017 +0200 s4:http/gensec: add missing tevent_req_done() to gensec_http_ntlm_update_done() This was missing in commit d718e92d5e145dccd492c46febc249e462ce50c6. Sadly we can't have automated tests for this as we only implement the client side for this protocol. I've tested with using: bin/smbtorture \ -W BLA --realm=BLA.BASE \ -s /dev/null -Uadministrator%A1b2C3d4 \ ncacn_http:w2k8r2-219[593,RpcProxy=w2k8r2-219.bla.base,HttpUseTls=false,HttpAuthOption=basic] \ rpc.epmapper.epmapper.Lookup_simple \ and: bin/smbtorture \ -W BLA --realm=BLA.BASE \ -s /dev/null -Uadministrator%A1b2C3d4 \ ncacn_http:w2k8r2-219[593,RpcProxy=w2k8r2-219.bla.base,HttpUseTls=false,HttpAuthOption=ntlm] \ rpc.epmapper.epmapper.Lookup_simple \ BUG: https://bugzilla.samba.org/show_bug.cgi?id=12919 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Jul 21 23:29:39 CEST 2017 on sn-devel-144 commit 5c1e2f564ba75212be9fc48f8a6788a017060420 Author: Uri Simchoni <u...@samba.org> Date: Wed Jun 7 20:34:33 2017 +0300 winbindd: avoid refreshing sequence number when domain is offline When there's no connectivity to the domain, avoid attempt to refresh sequence number. Before the change, this was avoided only if winbind offline logon was enabled. However, being able to operate based on cached data is desired even when offline logons are disabled (offline logons are about caching credentials for PAM authentication, a user may not want this and still want service from the SMB server during short AD disconnects). Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit c819c7d58f05692628eb9673dfdca5dc1d212d43 Author: Uri Simchoni <u...@samba.org> Date: Wed Jun 7 20:33:57 2017 +0300 winbindd: queryuser - only get group name if needed When calculating the user entry for a user, the primary group id *name* might be needed if it is part of a home dir / shell template (%g or %G). Only resolve primary group SID to primary group name if it is needed, thereby saving a round-trip to the DC (and better handling situations where it is disconnected). Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e3a151e2472d97891c97cc898f27f3ccf712bf35 Author: Uri Simchoni <u...@samba.org> Date: Wed Jun 7 20:33:24 2017 +0300 winbindd: cache name-to-sid from PAC based on lookup domain The name-to-sid lookup for trusted domains is not necessarily done against the domain - in AD member case it is done against the primary domain. Therefore the caching should also be done against the lookup domain. Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/winbindd/wb_queryuser.c | 26 -- source3/winbindd/winbindd_pam.c | 2 +- source3/winbindd/winbindd_util.c | 3 --- source4/lib/http/gensec/ntlm.c | 2 +- 4 files changed, 26 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/wb_queryuser.c b/source3/winbindd/wb_queryuser.c index 69b4c8d..1c91949 100644 --- a/source3/winbindd/wb_queryuser.c +++ b/source3/winbindd/wb_queryuser.c @@ -202,6 +202,8 @@ static void wb_queryuser_done(struct tevent_req *subreq) req, struct wb_queryuser_state); struct wbint_userinfo *info = state->info; NTSTATUS status, result; + bool need_group_name = false; + const char *tmpl = NULL; status = dcerpc_wbint_GetNssInfo_recv(subreq, info, ); TALLOC_FREE(subreq); @@ -236,7 +238,16 @@ static void wb_queryuser_done(struct tevent_req *subreq) return; } - if (state->info->primary_group_name == NULL) { + tmpl = lp_template_homedir(); + if
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7313e7c s4-torture: point out why we cannot validate MSZIP compressed files via c60ad39 librpc/ndr: add MSZIP compression for cabinet files via 43a1952 librpc/ndr: simplify cabinet file size calculation via 7c20a87 librpc/ndr: Use correct value for max compression size via a281612 librpc/ndr: Use MAX_WBITS zlib define and change memLevel in MSZIP code via 9ec74a3 librpc/ndr: remove unused ndr_cab_get_compression() function via 466d5e8 librpc: use DATA_BLOB in CFDATA structure via 1edf126 librpc/ndr: add helper functions to setup and free compression states. via 096efc9 librpc/ndr: add new MSZIP compression type for cabinet files via aa33aa6 librpc/ndr: add new ndr_compression_state via a44bce6 libndr/compression: pass down compressed length in ndr_pull_compression_start via 3b5442e librpc/ndr: remove trailing whitespace from compression file. via 9a2180c librpc:ndr_cab: Cast data pointer correctly via e54adf5 ndr_compression: use MAX_WBITS constant via 0181fcc smbd: Fix a connection run-down race condition from 1b7b7a9 examples: add winbindd.stp and a shell script to generate it https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7313e7c10df438fdf980ff9da80637df9f8dcb89 Author: Günther Deschner <g...@samba.org> Date: Tue May 23 15:50:55 2017 +0200 s4-torture: point out why we cannot validate MSZIP compressed files Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Jul 20 01:38:02 CEST 2017 on sn-devel-144 commit c60ad394fa0da0d8dfbd9f3336b422f26bed8378 Author: Aurelien Aptel <aap...@suse.com> Date: Tue May 23 12:09:28 2017 +0200 librpc/ndr: add MSZIP compression for cabinet files Signed-off-by: Aurelien Aptel <aap...@suse.com> Reviewed-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 43a1952b17c71b336af79411d9e26b5d91900998 Author: Aurelien Aptel <aap...@suse.com> Date: Tue May 23 15:41:24 2017 +0200 librpc/ndr: simplify cabinet file size calculation Signed-off-by: Aurelien Aptel <aap...@suse.com> Reviewed-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 7c20a87097f506215423ea7494956fd1d993e36d Author: Andreas Schneider <a...@samba.org> Date: Wed Jun 21 17:01:43 2017 +0200 librpc/ndr: Use correct value for max compression size Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a2816122f9a94b2edc0e464ed44353409357f182 Author: Günther Deschner <g...@samba.org> Date: Tue May 23 15:48:42 2017 +0200 librpc/ndr: Use MAX_WBITS zlib define and change memLevel in MSZIP code Guenther Signed-off-by: Günther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 9ec74a319fc6cbaf5a0159ef9323cd18e79c010f Author: Aurelien Aptel <aap...@suse.com> Date: Tue May 23 15:37:13 2017 +0200 librpc/ndr: remove unused ndr_cab_get_compression() function Signed-off-by: Aurelien Aptel <aap...@suse.com> Reviewed-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 466d5e814727046dd630d5503b43874ec46a365e Author: Aurelien Aptel <aap...@suse.com> Date: Tue May 23 15:31:44 2017 +0200 librpc: use DATA_BLOB in CFDATA structure Signed-off-by: Aurelien Aptel <aap...@suse.com> Reviewed-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 1edf126693b8bafe5f94a6ab4d34e0d21a05cb3d Author: Aurelien Aptel <aap...@suse.com> Date: Tue May 23 12:02:33 2017 +0200 librpc/ndr: add helper functions to setup and free compression states. Signed-off-by: Aurelien Aptel <aap...@suse.com> Reviewed-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 096efc93df490117b1de3bd2647bad52a7175a7f Author: Günther Deschner <g...@samba.org> Date: Tue May 23 12:02:10 2017 +0200 librpc/ndr: add new MSZIP compression type for cabinet files Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit aa33aa6e64b3306ffb777ed690a60c5576e8514b Author: Aurelien Aptel <aap...@suse.com> Date: Tue May 23 11:59:59 2017 +0200 librpc/ndr: add new ndr_compression_state
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via bd7eab1 s3:tests: Fix directory creation and deletion of test_nosymlinks() via b594e0c s3:tests: Fix directory creation and deletion of test_local_symlinks() from bc951ae docs: Fix a typo in cifsdd.8 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit bd7eab1639bb5eb70ff04b8f4b89373ca47daf08 Author: Andreas Schneider <a...@samba.org> Date: Tue Jul 18 12:29:16 2017 +0200 s3:tests: Fix directory creation and deletion of test_nosymlinks() This should fix flakey autobuild. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12914 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Jul 19 11:59:52 CEST 2017 on sn-devel-144 commit b594e0cdd2b68d262377cfe438253244b89d089c Author: Andreas Schneider <a...@samba.org> Date: Tue Jul 18 12:03:32 2017 +0200 s3:tests: Fix directory creation and deletion of test_local_symlinks() This should fix flakey autobuild. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12914 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/script/tests/test_smbclient_s3.sh | 174 ++ 1 file changed, 155 insertions(+), 19 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/script/tests/test_smbclient_s3.sh b/source3/script/tests/test_smbclient_s3.sh index f647fd7..203f2c2 100755 --- a/source3/script/tests/test_smbclient_s3.sh +++ b/source3/script/tests/test_smbclient_s3.sh @@ -1042,21 +1042,61 @@ EOF test_nosymlinks() { # Setup test dirs. -test_dir="$LOCAL_PATH/nosymlinks/test" +local_test_dir="$LOCAL_PATH/nosymlinks/test" +local_slink_name="$local_test_dir/source" +local_slink_target="$local_test_dir/nosymlink_target_file" -slink_name="$test_dir/source" -slink_target="$test_dir/target" -foobar_dir="$test_dir/foo/bar" -get_target="$test_dir/foo/bar/testfile" +share_test_dir="test" +share_foo_dir="$share_test_dir/foo" +share_foobar_dir="$share_test_dir/foo/bar" +share_target_file="$share_test_dir/foo/bar/testfile" -rm -rf $test_dir +rm -rf $local_test_dir -mkdir -p $test_dir -echo "$slink_target" > $slink_target -ln -s $slink_target $slink_name +local_nosymlink_target_file="nosymlink_target_file" +echo "$local_slink_target" > $local_nosymlink_target_file + +local_foobar_target_file="testfile" +echo "$share_target_file" > $local_foobar_target_file + +tmpfile=$PREFIX/smbclient_interactive_prompt_commands +cat > $tmpfile < $get_target +# Create the symlink locally +ln -s $local_slink_target $local_slink_name # Getting a file through a symlink name should fail. tmpfile=$PREFIX/smbclient_interactive_prompt_commands @@ -1136,6 +1176,33 @@ EOF echo "failed - NT_STATUS_ doing cd foo\\bar; get testfile on \\nosymlinks" return 1 fi + +# CLEANUP +rm -f $local_slink_name + +cat > $tmpfile < $tmpfile < $tmpfile < $tmpfile <
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5facd04 s3: smbclient: Add a test for the setmode command. via f1cc79a s3: libsmb: Reverse sense of 'clear all attributes', ignore attribute change in SMB2 to match SMB1. via 59f8951 Revert "s3:smbclient: Allow last dos attribute to be cleared" from 4cced4d s3:client: The smbspool krb5 wrapper needs negotiate for authentication https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5facd045efe88783ba078c14793d05439bcc5a4b Author: Jeremy Allison <j...@samba.org> Date: Fri Jul 14 16:09:50 2017 -0700 s3: smbclient: Add a test for the setmode command. Tested over SMB1 and SMB2. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12899 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Jul 18 14:05:18 CEST 2017 on sn-devel-144 commit f1cc79a46d56bda99c392d491d88479cd6427a32 Author: Jeremy Allison <j...@samba.org> Date: Mon Jul 17 10:37:15 2017 -0700 s3: libsmb: Reverse sense of 'clear all attributes', ignore attribute change in SMB2 to match SMB1. SMB1 uses attr == 0 to clear all attributes on a file (end up with FILE_ATTRIBUTE_NORMAL), and attr == FILE_ATTRIBUTE_NORMAL to mean ignore request attribute change. SMB2 uses exactly the reverse. Unfortunately as the cli_setatr() ABI is exposed inside libsmbclient, we must make the SMB2 cli_smb2_setatr() call export the same ABI as the SMB1 cli_setatr() which calls it. This means reversing the sense of the requested attr argument if it's zero or FILE_ATTRIBUTE_NORMAL. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12899 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit 59f89515051c1b68f2de6dc76cfcf126c71d1db0 Author: Jeremy Allison <j...@samba.org> Date: Mon Jul 17 10:38:36 2017 -0700 Revert "s3:smbclient: Allow last dos attribute to be cleared" Incorrect fix - this must be fixed inside cli_setatr(), not the callers. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12899 This reverts commit a4c3ee6767d768365a47bfda32a26cb7994b3787. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> --- Summary of changes: source3/client/client.c | 24 ++- source3/libsmb/cli_smb2_fnum.c| 23 ++ source3/script/tests/test_smbclient_s3.sh | 51 +++ 3 files changed, 77 insertions(+), 21 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/client/client.c b/source3/client/client.c index aa8d949..d8c96e6 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -4961,21 +4961,11 @@ int set_remote_attr(const char *filename, uint16_t new_attr, int mode) } if (mode == ATTR_SET) { - if (new_attr == old_attr) { - d_printf("attributes unchanged, cli_setatr skipped\n"); - return 0; - } new_attr |= old_attr; } else { new_attr = old_attr & ~new_attr; } - /* -* if we are clearing attributes - can't pass 0 in -* since that means "skip this field. See MS-FSCC section 2.6 -*/ - if (new_attr == 0) { - new_attr = FILE_ATTRIBUTE_NORMAL; - } + status = cli_setatr(cli, filename, new_attr, 0); if (!NT_STATUS_IS_OK(status)) { d_printf("cli_setatr failed: %s\n", nt_errstr(status)); @@ -5000,8 +4990,6 @@ int cmd_setmode(void) int mode = ATTR_SET; int err = 0; bool ok; - bool set = false; - bool unset = false; TALLOC_CTX *ctx = talloc_new(NULL); if (ctx == NULL) { return 1; @@ -5029,11 +5017,9 @@ int cmd_setmode(void) while (*s) { switch (*s++) { case '+': - set = true; mode = ATTR_SET; break; case '-': - unset = true; mode = ATTR_UNSET; break; case 'r': @@ -5065,12 +5051,8 @@ int cmd_setmode(void) DEBUG(2, ("perm set %d %d\n", attr[ATTR_SET], attr[ATTR_UNSET])); /* ignore return value: server might not store DOS attribu
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4cced4d s3:client: The smbspool krb5 wrapper needs negotiate for authentication via 5fe76a5 s3: smbd: Fix a read after free if a chained SMB1 call goes async. via 7f4e7cf s3/notifyd: ensure notifyd doesn't return from smbd_notifyd_init from 85b10a6 s3: drop build_env https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4cced4da4ca97f0c6db227e6b2c7e03c2e5c1f28 Author: Andreas Schneider <a...@samba.org> Date: Fri Jul 7 14:08:49 2017 +0200 s3:client: The smbspool krb5 wrapper needs negotiate for authentication If you create a new printer it doesn't have AuthInfoRequired set and so cups calls the backend with: AUTH_INFO_REQUIRED=none In this case we need to return: ATTR: auth-info-required=negotiate and return an error that we require authentication. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12886 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Jul 15 06:43:47 CEST 2017 on sn-devel-144 commit 5fe76a5474823ed7602938a07c9c43226a7882a3 Author: Jeremy Allison <j...@samba.org> Date: Thu Jul 13 12:06:58 2017 -0700 s3: smbd: Fix a read after free if a chained SMB1 call goes async. Reported to the Samba Team by Yihan Lian <lianyi...@360.cn>, a security researcher of Qihoo 360 GearTeam. Thanks a lot! smb1_parse_chain() incorrectly used talloc_tos() for the memory context of the chained smb1 requests. This gets freed between requests so if a chained request goes async, the saved request array also is freed, which causes a crash on resume. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12836 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 7f4e7cfd1b0bd917395c631a1a8195fffd13bbad Author: Ralph Boehme <s...@samba.org> Date: Fri Jul 14 16:38:36 2017 +0200 s3/notifyd: ensure notifyd doesn't return from smbd_notifyd_init Bug: https://bugzilla.samba.org/show_bug.cgi?id=12910 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/client/smbspool_krb5_wrapper.c | 29 +++-- source3/smbd/process.c | 2 +- source3/smbd/server.c | 8 +++- 3 files changed, 27 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/client/smbspool_krb5_wrapper.c b/source3/client/smbspool_krb5_wrapper.c index bf97d82..a72006a 100644 --- a/source3/client/smbspool_krb5_wrapper.c +++ b/source3/client/smbspool_krb5_wrapper.c @@ -95,17 +95,26 @@ int main(int argc, char *argv[]) /* If not set, then just call smbspool. */ if (env == NULL) { - CUPS_SMB_ERROR("AUTH_INFO_REQUIRED is not set"); -goto smbspool; + CUPS_SMB_DEBUG("AUTH_INFO_REQUIRED is not set - " + "execute smbspool"); + goto smbspool; } else { -CUPS_SMB_DEBUG("AUTH_INFO_REQUIRED=%s", env); -cmp = strcmp(env, "negotiate"); -/* If AUTH_INFO_REQUIRED != "negotiate" then call smbspool. */ -if (cmp != 0) { - CUPS_SMB_ERROR( -"AUTH_INFO_REQUIRED is not set to negotiate"); - goto smbspool; -} + CUPS_SMB_DEBUG("AUTH_INFO_REQUIRED=%s", env); + + cmp = strcmp(env, "username,password"); + if (cmp == 0) { + CUPS_SMB_DEBUG("Authenticate using username/password - " + "execute smbspool"); + goto smbspool; + } + + /* if AUTH_INFO_REQUIRED=none */ + cmp = strcmp(env, "negotiate"); + if (cmp != 0) { + CUPS_SMB_ERROR("Authentication unsupported"); + fprintf(stderr, "ATTR: auth-info-required=negotiate\n"); + return CUPS_BACKEND_AUTH_REQUIRED; + } } uid = getuid(); diff --git a/source3/smbd/process.c b/source3/smbd/process.c index a19b8b7..3765739 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1785,7 +1785,7 @@ static void construct_reply_chain(struct smbXsrv_connection
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a4c3ee6 s3:smbclient: Allow last dos attribute to be cleared from df0db9d vfs_fruit: don't use MS NFS ACEs with Windows clients https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a4c3ee6767d768365a47bfda32a26cb7994b3787 Author: Steve French <smfre...@gmail.com> Date: Thu Jul 13 13:57:53 2017 -0500 s3:smbclient: Allow last dos attribute to be cleared With the upgrade to SMB3.1.1 from cifs for smbclient, setmode no longer works when removing attributes, if the resultant attribute is 0 it is skipped (unlike for the old cifs setpathinfo). When clearing the final attribute, pass in ATTRIBUTE_NORMAL instead of zero. This also removes a redundant cli_setatr call when clearing attributes (cli_setatr was being called twice). BUG: https://bugzilla.samba.org/show_bug.cgi?id=12899 Signed-off-by: Steve French <sfre...@samba.org> Reviewed-by: Anne Marie Merritt <annemarie.merr...@primarydata.com> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Jul 14 02:43:47 CEST 2017 on sn-devel-144 --- Summary of changes: source3/client/client.c | 24 +--- 1 file changed, 21 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/client/client.c b/source3/client/client.c index d8c96e6..aa8d949 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -4961,11 +4961,21 @@ int set_remote_attr(const char *filename, uint16_t new_attr, int mode) } if (mode == ATTR_SET) { + if (new_attr == old_attr) { + d_printf("attributes unchanged, cli_setatr skipped\n"); + return 0; + } new_attr |= old_attr; } else { new_attr = old_attr & ~new_attr; } - + /* +* if we are clearing attributes - can't pass 0 in +* since that means "skip this field. See MS-FSCC section 2.6 +*/ + if (new_attr == 0) { + new_attr = FILE_ATTRIBUTE_NORMAL; + } status = cli_setatr(cli, filename, new_attr, 0); if (!NT_STATUS_IS_OK(status)) { d_printf("cli_setatr failed: %s\n", nt_errstr(status)); @@ -4990,6 +5000,8 @@ int cmd_setmode(void) int mode = ATTR_SET; int err = 0; bool ok; + bool set = false; + bool unset = false; TALLOC_CTX *ctx = talloc_new(NULL); if (ctx == NULL) { return 1; @@ -5017,9 +5029,11 @@ int cmd_setmode(void) while (*s) { switch (*s++) { case '+': + set = true; mode = ATTR_SET; break; case '-': + unset = true; mode = ATTR_UNSET; break; case 'r': @@ -5051,8 +5065,12 @@ int cmd_setmode(void) DEBUG(2, ("perm set %d %d\n", attr[ATTR_SET], attr[ATTR_UNSET])); /* ignore return value: server might not store DOS attributes */ - set_remote_attr(fname, attr[ATTR_SET], ATTR_SET); - set_remote_attr(fname, attr[ATTR_UNSET], ATTR_UNSET); + if (set) { + set_remote_attr(fname, attr[ATTR_SET], ATTR_SET); + } + if (unset) { + set_remote_attr(fname, attr[ATTR_UNSET], ATTR_UNSET); + } out: talloc_free(ctx); return err; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6746627 s3/vfs: rename SMB_VFS_STRICT_LOCK to SMB_VFS_STRICT_LOCK_CHECK via c9172c5 s3/vfs: remove SMB_VFS_STRICT_UNLOCK via 77cbced s3:smbd: consistently use talloc_tos() memory for rpc_pipe_open_interface() from 305eb1b vfs_fruit: fix a typo https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 67466271c26ca10c6bce6a51f9dd97a22258f8a4 Author: Ralph Boehme <s...@samba.org> Date: Sun Jul 9 14:34:10 2017 +0200 s3/vfs: rename SMB_VFS_STRICT_LOCK to SMB_VFS_STRICT_LOCK_CHECK As per MS-SMB2 and MS-FSA and our SMB_VFS_STRICT_LOCK implementation, we're merely testing for locks, not setting any. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12887 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Jul 11 03:37:44 CEST 2017 on sn-devel-144 commit c9172c5a4505eb18cb4645e2436eabcc93ec67e1 Author: Ralph Boehme <s...@samba.org> Date: Sun Jul 9 14:21:21 2017 +0200 s3/vfs: remove SMB_VFS_STRICT_UNLOCK It's just a noop, so let's remove it. SMB_VFS_STRICT_LOCK doesn't set logs, it just checks for the presence of incompatible locks. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12887 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 77cbced5d2f8bf65c8d02f5edfaba8cbad519d08 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Jul 10 11:29:58 2017 +0200 s3:smbd: consistently use talloc_tos() memory for rpc_pipe_open_interface() The result is only used temporary and should not be leaked on a long term memory context as 'conn'. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12890 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: examples/VFS/skel_opaque.c| 16 ++- examples/VFS/skel_transparent.c | 18 +++- source3/include/vfs.h | 22 - source3/include/vfs_macros.h | 13 ++ source3/locking/locking.c | 6 +-- source3/locking/proto.h | 6 +-- source3/modules/vfs_btrfs.c | 9 +--- source3/modules/vfs_catia.c | 28 +++- source3/modules/vfs_default.c | 47 ++-- source3/modules/vfs_full_audit.c | 30 - source3/modules/vfs_glusterfs.c | 3 +- source3/modules/vfs_time_audit.c | 30 +++-- source3/smbd/aio.c| 28 ++-- source3/smbd/lanman.c | 20 - source3/smbd/reply.c | 93 ++- source3/smbd/smb2_ioctl_filesys.c | 5 +-- source3/smbd/smb2_read.c | 8 +--- source3/smbd/smb2_write.c | 4 +- source3/smbd/vfs.c| 18 +++- 19 files changed, 114 insertions(+), 290 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/VFS/skel_opaque.c b/examples/VFS/skel_opaque.c index fed9d2f..614dcff 100644 --- a/examples/VFS/skel_opaque.c +++ b/examples/VFS/skel_opaque.c @@ -687,21 +687,14 @@ static bool skel_brl_cancel_windows(struct vfs_handle_struct *handle, return false; } -static bool skel_strict_lock(struct vfs_handle_struct *handle, -struct files_struct *fsp, -struct lock_struct *plock) +static bool skel_strict_lock_check(struct vfs_handle_struct *handle, + struct files_struct *fsp, + struct lock_struct *plock) { errno = ENOSYS; return false; } -static void skel_strict_unlock(struct vfs_handle_struct *handle, - struct files_struct *fsp, - struct lock_struct *plock) -{ - ; -} - static NTSTATUS skel_translate_name(struct vfs_handle_struct *handle, const char *mapped_name, enum vfs_translate_direction direction, @@ -1022,8 +1015,7 @@ struct vfs_fn_pointers skel_opaque_fns = { .brl_lock_windows_fn = skel_brl_lock_windows, .brl_unlock_windows_fn = skel_brl_unlock_windows, .brl_cancel_windows_fn = skel_brl_cancel_windows, - .strict_lock_fn = skel_strict_lock, - .strict_unlock_fn = skel_strict_unlock, + .strict_lock_check_fn = skel_strict_lock_check, .translate_name_fn = skel_translate_name, .fsctl_fn = skel_fsctl, .readdir_attr_fn = skel_readdir_attr, diff --git a/examples/VFS/skel_transparent.c b/examples/VFS/skel_transparent.c index d9123e0..2f59a3d 100
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5eccc2f messaging: Remove messaging_handler_send via 197186a notifyd: Remove notifyd_handler_done via 9430fab notifyd: Use messaging_register for MSG_SMB_NOTIFY_DB via dc39bb4 notifyd: Use messaging_register for MSG_SMB_NOTIFY_GET_DB via db15feb notifyd: Use messaging_register for MSG_SMB_NOTIFY_TRIGGER via b6079af notifyd: Use messaging_register for MSG_SMB_NOTIFY_REC_CHANGE via 0c1e08b messaging: make messaging_rec_create public via b8dccd1 notifyd: Avoid an if-expression via d0a7bcc notifyd: Consolidate two #ifdef CLUSTER into one via 939576d notifyd: Only ask for messaging_ctdb_conn when clustering via b6d6f67 Add support for passing the max_referral_level into the cli call to get a DFS referral. This is being done so I can write tests of the DFS referral code on the server side. from 1de4390 unittests: Do not install the test_dummy rpc module https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5eccc2fd0072409f166c63e6876266f926411423 Author: Volker Lendecke <v...@samba.org> Date: Sat Jun 24 09:01:46 2017 +0200 messaging: Remove messaging_handler_send This did not really take off, notifyd was the only user Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Jul 7 05:11:48 CEST 2017 on sn-devel-144 commit 197186a1fcc2c190fac9a16893234c337e6ec01c Author: Volker Lendecke <v...@samba.org> Date: Sat Jun 24 08:57:18 2017 +0200 notifyd: Remove notifyd_handler_done Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 9430fab61cb746e590db307af37219f8f29b7fd8 Author: Volker Lendecke <v...@samba.org> Date: Sat Jun 24 08:56:35 2017 +0200 notifyd: Use messaging_register for MSG_SMB_NOTIFY_DB Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit dc39bb45624f8d6859dadc3c9a9a85793a5a7d0d Author: Volker Lendecke <v...@samba.org> Date: Sat Jun 24 08:48:45 2017 +0200 notifyd: Use messaging_register for MSG_SMB_NOTIFY_GET_DB Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit db15feb162326cb03fb06df24bcdafa5d5cb3087 Author: Volker Lendecke <v...@samba.org> Date: Sat Jun 24 08:45:17 2017 +0200 notifyd: Use messaging_register for MSG_SMB_NOTIFY_TRIGGER Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b6079af1c41481714ac981fdd19f89ee197b4200 Author: Volker Lendecke <v...@samba.org> Date: Sat Jun 24 08:38:53 2017 +0200 notifyd: Use messaging_register for MSG_SMB_NOTIFY_REC_CHANGE Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 0c1e08b5901e54c70cf72c74837a8ed8cc77f0b8 Author: Volker Lendecke <v...@samba.org> Date: Sat Jun 24 08:38:19 2017 +0200 messaging: make messaging_rec_create public Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b8dccd11ea3d43b9ee51811c1ce7d81b91a549ca Author: Volker Lendecke <v...@samba.org> Date: Wed Jul 5 09:37:14 2017 +0200 notifyd: Avoid an if-expression Best reviewed with "git show -b -U10" Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit d0a7bccae9856aba44a057c09499aa0de6b21862 Author: Volker Lendecke <v...@samba.org> Date: Wed Jul 5 09:34:51 2017 +0200 notifyd: Consolidate two #ifdef CLUSTER into one Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 939576d968d1e0159456baf6dd1e3c454b98995a Author: Volker Lendecke <v...@samba.org> Date: Fri Jun 16 15:20:22 2017 +0200 notifyd: Only ask for messaging_ctdb_conn when clustering Without clustering, messaging_ctdb_conn will fail anyway. Review with "git show -b". Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b6d6f67bad397f30b6b5779c4e8ba8bf12f49d4b Author: Richard Sharpe <richard.sha...@primarydata.com> Date: Mon Jun 26 09:43:31 2017 -0700 Add support for passing the max_referral_level into the cli call to get a DFS referral. This is being done so I can write tests of the DFS referral code on the server side. Signed-off-by: Richard Sharpe <richard.sha...@primarydata.com>
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 51c1a2a s3: VFS: Change SMB_VFS_CONNECTPATH to take const struct smb_filename * instead of const char *. via a665ed4 S3: smbd: Finish plumbing struct smb_filename * through the check_name() stack. via f2588ed s3: smbd: Add missing out of memory check. via c29438f s3: VFS: Change SMB_VFS_REALPATH to take and return struct smb_filename * instead of char *. via bd9285b s3: VFS: Change SMB_VFS_GETWD to return struct smb_filename * instead of char *. via 6acb0d6 s3: VFS: Change SMB_VFS_CHDIR to use const struct smb_filename * instead of const char *. from 73bee8b show-deleted: Rename attr_filter to exclude_filter for clarity https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 51c1a2a45861c725f756f60ca05e6d1fa4ca34c6 Author: Jeremy Allison <j...@samba.org> Date: Fri Jun 30 13:37:03 2017 -0700 s3: VFS: Change SMB_VFS_CONNECTPATH to take const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Jul 1 07:20:28 CEST 2017 on sn-devel-144 commit a665ed4eea92adba91195f8096c93a2dfd31dbe4 Author: Jeremy Allison <j...@samba.org> Date: Fri Jun 30 11:59:20 2017 -0700 S3: smbd: Finish plumbing struct smb_filename * through the check_name() stack. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit f2588ed689b813d10034c117b02a3399df63ad4f Author: Jeremy Allison <j...@samba.org> Date: Fri Jun 30 11:34:13 2017 -0700 s3: smbd: Add missing out of memory check. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit c29438f8238c3cf436e126c99f6f9f6bcca4efaf Author: Jeremy Allison <j...@samba.org> Date: Fri Jun 30 11:32:59 2017 -0700 s3: VFS: Change SMB_VFS_REALPATH to take and return struct smb_filename * instead of char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit bd9285b19741128bae501b721d9e63dd9a9bd833 Author: Jeremy Allison <j...@samba.org> Date: Thu Jun 29 14:32:47 2017 -0700 s3: VFS: Change SMB_VFS_GETWD to return struct smb_filename * instead of char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit 6acb0d6ca08d72f776d3ba9dc934261a481aa737 Author: Jeremy Allison <j...@samba.org> Date: Thu Jun 29 11:29:33 2017 -0700 s3: VFS: Change SMB_VFS_CHDIR to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> --- Summary of changes: examples/VFS/skel_opaque.c| 12 +- examples/VFS/skel_transparent.c | 20 +-- lib/util/memcache.c | 1 + source3/include/vfs.h | 36 +++-- source3/include/vfs_macros.h | 32 ++--- source3/modules/vfs_acl_common.c | 27 ++-- source3/modules/vfs_cap.c | 62 +++- source3/modules/vfs_catia.c | 50 +-- source3/modules/vfs_ceph.c| 37 +++-- source3/modules/vfs_default.c | 46 -- source3/modules/vfs_dirsort.c | 10 +- source3/modules/vfs_fake_dfq.c| 57 +--- source3/modules/vfs_full_audit.c | 36 ++--- source3/modules/vfs_glusterfs.c | 36 +++-- source3/modules/vfs_media_harmony.c | 60 source3/modules/vfs_netatalk.c| 25 ++-- source3/modules/vfs_preopen.c | 3 +- source3/modules/vfs_shadow_copy2.c| 105 -- source3/modules/vfs_snapper.c | 84 +++ source3/modules/vfs_time_audit.c | 37 +++-- source3/modules/vfs_unityed_media.c | 41 +++--- source3/pri
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 37db3d2 WHATSNEW: Fix typo... via 8ee4f82 auth/ntlmssp: enforce NTLMSSP_NEGOTIATE_NTLM2 for the NTLMv2 client case via acc1659 s3: smbd: fix regression with non-wide symlinks to directories over SMB3. via f1f388e s3: smbd: Add regression test for non-wide symlinks to directories fail over SMB3. from bcfa12c ctdb-protocol: Do not pass tdb open flags to DB attach controls https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 37db3d22e2cffae61398f5452fbe24b55a7da15b Author: Karolin Seeger <ksee...@samba.org> Date: Mon Jun 26 13:18:50 2017 +0200 WHATSNEW: Fix typo... and add some new/changed parameters. Signed-off-by: Karolin Seeger <ksee...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Jun 27 03:19:19 CEST 2017 on sn-devel-144 commit 8ee4f8236830eb3fa1b273fa6927792a800f86bd Author: Stefan Metzmacher <me...@samba.org> Date: Sat Jun 24 13:16:03 2017 +0200 auth/ntlmssp: enforce NTLMSSP_NEGOTIATE_NTLM2 for the NTLMv2 client case Some servers may not announce the NTLMSSP_NEGOTIATE_NTLM2 (a.k.a. NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) bit. But if we're acting as a client using NTLMv2 we need to enforce this flag, because it's not really a negotiationable in that case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12862 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit acc16592b451905dabc093f1d261e93cd3b59520 Author: Daniel Kobras <d.kob...@science-computing.de> Date: Fri Jun 23 15:39:21 2017 +0200 s3: smbd: fix regression with non-wide symlinks to directories over SMB3. The errno returned by open() is ambiguous when called with flags O_NOFOLLOW and O_DIRECTORY on a symlink. With ELOOP, we know for certain that we've tried to open a symlink. With ENOTDIR, we might have hit a symlink, and need to perform further checks to be sure. Adjust non_widelink_open() accordingly. This fixes a regression where symlinks to directories within the same share were no longer followed for some call paths on systems returning ENOTDIR in the above case. Also remove the knownfail added in previous commit. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12860 Signed-off-by: Daniel Kobras <d.kob...@science-computing.de> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit f1f388ef80a6516c2f44b7778420f8ffe28c6471 Author: Jeremy Allison <j...@samba.org> Date: Fri Jun 23 11:12:22 2017 -0700 s3: smbd: Add regression test for non-wide symlinks to directories fail over SMB3. Mark as knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12860 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> --- Summary of changes: WHATSNEW.txt | 52 +++-- auth/ntlmssp/ntlmssp_util.c | 21 selftest/target/Samba3.pm | 8 + source3/script/tests/test_smbclient_s3.sh | 55 +++ source3/smbd/open.c | 24 -- 5 files changed, 133 insertions(+), 27 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 8b646f9..cca7e0b 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -51,7 +51,7 @@ value 1024-1300 to 49152-65535. This port range is not only used by a Samba AD DC but also applies to all other server roles including NT4-style domain controllers. The new value has been defined by Microsoft in Windows Server 2008 and newer versions. To make it easier for Administrators to control -those port ranges we use the same default and make it configureable with the +those port ranges we use the same default and make it configurable with the option: 'rpc server dynamic port range'. The 'rpc server port' option sets the first available port from the new @@ -76,7 +76,6 @@ authentication, SMB and RPC authorization is covered, however password changes are not at this stage, and this support is not currently backed by a testsuite. - Query record for open file or directory --- @@ -85,29 +84,6 @@ queried through the 'net tdb locking' command. In clustered Samba this can be useful to determine the file or directory triggering corresponding "hot" record warnings in ctdb. - -Parameter changes -- - -The "strict sync" global p
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 38581bc lib: Use ctdb_protocol instead of ctdb_private via a433f1a lib: Give util_paths.c its own header via 5757d9b net: Dump data for net_g_lock dump from 06cdf8d build: fix build of vfs_posix_eadb module https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 38581bc116ebf9d622d99988ca785c2d353c75d6 Author: Volker Lendecke <v...@samba.org> Date: Fri Jun 9 08:48:21 2017 +0200 lib: Use ctdb_protocol instead of ctdb_private ctdb_private is much broader. Right now we implement the protocol ourselves. In the future, we might switch to the native ctdb client implementation defined in ctdb_client.h, but that's a different project :-) Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Jun 24 05:33:41 CEST 2017 on sn-devel-144 commit a433f1a75793b192612043147c9cb1ba1eb28b3f Author: Volker Lendecke <v...@samba.org> Date: Thu Jun 22 16:10:52 2017 +0200 lib: Give util_paths.c its own header Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 5757d9bf75a5f3ade82c00c98e01c5a8e38aaa28 Author: Volker Lendecke <v...@samba.org> Date: Thu Jun 8 12:51:19 2017 +0200 net: Dump data for net_g_lock dump 4d404f2 added user-data for a g_lock. Print it in net g_lock dump. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: lib/ldb-samba/ldb_wrap.c | 1 + lib/util/modules.c | 1 + lib/util/samba_util.h | 25 --- lib/util/util_paths.c | 1 + source3/lib/util_procid.h => lib/util/util_paths.h | 37 -- libgpo/gpext/gpext.c | 1 + source3/intl/lang_tdb.c| 1 + source3/lib/ctdbd_conn.c | 3 +- source3/lib/dbwrap/dbwrap_ctdb.c | 2 +- source3/utils/net_g_lock.c | 1 + source4/torture/drs/rpc/dssync.c | 1 + source4/torture/drs/rpc/msds_intid.c | 1 + source4/torture/rpc/dsgetinfo.c| 1 + 13 files changed, 38 insertions(+), 38 deletions(-) copy source3/lib/util_procid.h => lib/util/util_paths.h (54%) Changeset truncated at 500 lines: diff --git a/lib/ldb-samba/ldb_wrap.c b/lib/ldb-samba/ldb_wrap.c index 838306f..9959b04 100644 --- a/lib/ldb-samba/ldb_wrap.c +++ b/lib/ldb-samba/ldb_wrap.c @@ -35,6 +35,7 @@ #include "dsdb/samdb/samdb.h" #include "param/param.h" #include "../lib/util/dlinklist.h" +#include "lib/util/util_paths.h" #include #undef DBGC_CLASS diff --git a/lib/util/modules.c b/lib/util/modules.c index cf52594..5d49ed9 100644 --- a/lib/util/modules.c +++ b/lib/util/modules.c @@ -22,6 +22,7 @@ #include "includes.h" #include "dynconfig/dynconfig.h" #include "lib/util/samba_modules.h" +#include "lib/util/util_paths.h" #include "system/filesys.h" #include "system/dir.h" diff --git a/lib/util/samba_util.h b/lib/util/samba_util.h index 7a74617..0bb04b3 100644 --- a/lib/util/samba_util.h +++ b/lib/util/samba_util.h @@ -696,31 +696,6 @@ int samba_runcmd_recv(struct tevent_req *req, int *perrno); void samba_start_debugger(void); #endif -/** - * @brief Returns an absolute path to a file in the Samba modules directory. - * - * @param name File to find, relative to MODULESDIR. - * - * @retval Pointer to a string containing the full path. - **/ -char *modules_path(TALLOC_CTX *mem_ctx, const char *name); - -/** - * @brief Returns an absolute path to a file in the Samba data directory. - * - * @param name File to find, relative to CODEPAGEDIR. - * - * @retval Pointer to a talloc'ed string containing the full path. - **/ -char *data_path(TALLOC_CTX *mem_ctx, const char *name); - -/** - * @brief Returns the platform specific shared library extension. - * - * @retval Pointer to a const char * containing the extension. - **/ -const char *shlib_ext(void); - /* * Samba code should use samba_tevent_context_init() instead of * tevent_context_init() in order to get the debug output. diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c index 0baa680..0473557 100644 --- a/lib/util/util_paths.c +++ b/lib/util/util_paths.c @@ -23,6 +23,7 @@ #include "includes.h" #include "dynconfig/dynconfig.h" +#include "lib/util/util_paths.h" /**
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 03042b8 Bug 15852. There are valid paths where conn->lsa_pipe_tcp->transport is NULL. Protect against this. from e9b4978 tevent: version 0.9.32 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 03042b85c8140842633b36f3124e504b97b852a1 Author: Richard Sharpe <richard.sha...@primarydata.com> Date: Tue Jun 20 12:40:39 2017 -0700 Bug 15852. There are valid paths where conn->lsa_pipe_tcp->transport is NULL. Protect against this. Based on a suggestion from Metze. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12852 Signed-off-by: Richard Sharpe <realrichardsha...@gmail.com> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Jun 22 23:16:46 CEST 2017 on sn-devel-144 --- Summary of changes: source3/winbindd/winbindd_cm.c | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 9b5054c..b24a5f2 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -2926,10 +2926,12 @@ static NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain *domain, conn = >conn; - if (conn->lsa_pipe_tcp && + /* +* rpccli_is_connected handles more error cases +*/ + if (rpccli_is_connected(conn->lsa_pipe_tcp) && conn->lsa_pipe_tcp->transport->transport == NCACN_IP_TCP && - conn->lsa_pipe_tcp->auth->auth_level >= DCERPC_AUTH_LEVEL_INTEGRITY && - rpccli_is_connected(conn->lsa_pipe_tcp)) { + conn->lsa_pipe_tcp->auth->auth_level >= DCERPC_AUTH_LEVEL_INTEGRITY) { goto done; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 232abcc s3: smbd: When deleting an fsp pointer ensure we don't keep any references to it around. from a2436b6 messaging: Deliver messages only once https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 232abcc93277b8c6235b1656bfcdcbac5688ed48 Author: Jeremy Allison <j...@samba.org> Date: Tue Jun 20 11:20:38 2017 -0700 s3: smbd: When deleting an fsp pointer ensure we don't keep any references to it around. Based on a suggestion from <l...@zadarastorage.com> https://bugzilla.samba.org/show_bug.cgi?id=12818 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Jun 22 00:12:49 CEST 2017 on sn-devel-144 --- Summary of changes: source3/smbd/files.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/files.c b/source3/smbd/files.c index 6d0f05b..303ab7b 100644 --- a/source3/smbd/files.c +++ b/source3/smbd/files.c @@ -552,9 +552,7 @@ void file_free(struct smb_request *req, files_struct *fsp) * Clear all possible chained fsp * pointers in the SMB2 request queue. */ - if (req != NULL && req->smb2req) { - remove_smb2_chained_fsp(fsp); - } + remove_smb2_chained_fsp(fsp); /* Drop all remaining extensions. */ vfs_remove_all_fsp_extensions(fsp); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a2436b6 messaging: Deliver messages only once via 46a1ae5 dbwrap: Remove unused dbwrap_file via fe1d17a dbwrap: Remove unused dbwrap_cache via ac656f3 lib: Fix typos via e0aec28 ctdb: Fix typos via a7504f5 tevent: Simplify create_immediate via ce9e92c lib: Give messages_ctdbd.c its own header via c8f05f9 messaging: Use size_t for array sizes from f393edd selftest: Give tmux a bit of time to establish https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a2436b67e5dd47d955a3bea2b83e0693b627ab96 Author: Volker Lendecke <v...@samba.org> Date: Sat Jun 17 08:48:16 2017 +0200 messaging: Deliver messages only once This survived an autobuild, so no subsystem strictly needs this anymore. In particular the notify subsystem has been rewritten. Why this patch? It removes some complexity from core code, and it reduces the potential memory overconsumption: Right now I'm working on a g_lock_ping_pong test. This test does a lot of messaging_filtered_read_send calls in a tight loop on a nested event context. With the current code we let the messaging_filtered_read code consume the message that arrives, but it also posts it for consumption by the main event context attached to the messaging context with its "classic" callback. This test never comes back to the main event context, so it accumulates more and more self-posted messages. That's just unnecessary, given that due to the successful autobuild nothing but the read1 test makes use of the "multicasting" of messages. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Jun 21 07:30:39 CEST 2017 on sn-devel-144 commit 46a1ae5d71dd5266d87a3563ca8e800912138327 Author: Volker Lendecke <v...@samba.org> Date: Fri May 26 18:48:32 2017 +0200 dbwrap: Remove unused dbwrap_file This has stopped working ages ago. The idea is clear, but if someone wants to revive it, I think it needs a completely fresh start. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit fe1d17a48f53b10b3bea6b84685dbb3f282e086f Author: Volker Lendecke <v...@samba.org> Date: Fri May 26 18:47:23 2017 +0200 dbwrap: Remove unused dbwrap_cache Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ac656f3ddd70053260ddc2d191d1a386841d7270 Author: Volker Lendecke <v...@samba.org> Date: Thu Jun 8 12:20:15 2017 +0200 lib: Fix typos Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e0aec28d6fcf45dd983d00f8cfbb12d49f7d3eba Author: Volker Lendecke <v...@samba.org> Date: Thu Jun 8 11:44:36 2017 +0200 ctdb: Fix typos Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a7504f555eff101a10ded653ceac98d8294c1659 Author: Volker Lendecke <v...@samba.org> Date: Sat Jun 17 21:26:27 2017 +0200 tevent: Simplify create_immediate Not much change, just 9 lines less of code. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ce9e92c114ef296e34017c067ed064388864309c Author: Volker Lendecke <v...@samba.org> Date: Thu Jun 1 19:25:48 2017 +0200 lib: Give messages_ctdbd.c its own header Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit c8f05f97361998b32ec452b7dbadf5f80aa52a09 Author: Volker Lendecke <v...@samba.org> Date: Sat Jun 17 09:46:43 2017 +0200 messaging: Use size_t for array sizes We use talloc_realloc, that takes size_t. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: ctdb/client/client.h | 4 +- lib/dbwrap/dbwrap_cache.c | 227 --- lib/dbwrap/dbwrap_cache.h | 28 -- lib/dbwrap/dbwrap_file.c | 423 - lib/dbwrap/dbwrap_file.h | 33 -- lib/dbwrap/wscript_build | 2 +- lib/tevent/tevent.c| 11 +- source3/include/messages.h | 8 - source3/lib/ctdb_dummy.c | 1 + source3/lib/ctdbd_conn.c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d7ccf0d messaging: Fix queueing on FreeBSD via b67262b ldb: Fix CID 1412926 Unchecked return value via 67040cf pidl: Fix array range checks in python output from e60aeb6 s3:tests: Add test for smbclient -UDOMAIN+username https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d7ccf0d977c39d49c29a4abb1d0b3e2f7a406016 Author: Volker Lendecke <v...@samba.org> Date: Wed Nov 23 16:51:25 2016 +0100 messaging: Fix queueing on FreeBSD FreeBSD does not do the nice blocking send that Linux does. Instead, it returns ENOBUFS if the dst socket is full. According to the manpage you have to do polling. Try with exponential backoff, at the end try once a second forever. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Jun 20 23:03:11 CEST 2017 on sn-devel-144 commit b67262b40a924d5fa6576aacd2409ace808c730d Author: Volker Lendecke <v...@samba.org> Date: Tue Jun 20 14:50:41 2017 +0200 ldb: Fix CID 1412926 Unchecked return value Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 67040cf61232dd1cdcc820237919ac1e073c31c2 Author: Volker Lendecke <v...@samba.org> Date: Tue Jun 20 15:31:18 2017 +0200 pidl: Fix array range checks in python output Without this, we generated code like if (ndr_table_dnsserver.num_calls < 0) { PyErr_SetString(PyExc_TypeError, "Internal Error, ndr_interface_call missing for py_DnssrvOperation_ndr_pack"); return NULL; } call = _table_dnsserver.calls[0]; This does not really make sense, and Coverity found comparing the unsigned num_calls against <0 a bit pointless. Should fix 138 Coverity findings and make the code a bit more correct. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: lib/ldb/tests/ldb_msg.c | 3 ++- pidl/lib/Parse/Pidl/Samba4/Python.pm | 9 ++--- source3/lib/messages_dgm.c | 37 +++- 3 files changed, 44 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/ldb/tests/ldb_msg.c b/lib/ldb/tests/ldb_msg.c index 5261a73..e665d55 100644 --- a/lib/ldb/tests/ldb_msg.c +++ b/lib/ldb/tests/ldb_msg.c @@ -84,7 +84,8 @@ static void test_ldb_msg_find_duplicate_val(void **state) struct ldb_val dummy; struct ldb_val *dupe = /* so we can tell it was modified to NULL, not left as NULL */ - ldb_msg_add_empty(msg, "el1", 0, ); + ret = ldb_msg_add_empty(msg, "el1", 0, ); + assert_int_equal(ret, LDB_SUCCESS); for (i = 0; i < 5; i++) { add_uint_value(test_ctx, msg, "el1", i); diff --git a/pidl/lib/Parse/Pidl/Samba4/Python.pm b/pidl/lib/Parse/Pidl/Samba4/Python.pm index 79beb2e..f418ac4 100644 --- a/pidl/lib/Parse/Pidl/Samba4/Python.pm +++ b/pidl/lib/Parse/Pidl/Samba4/Python.pm @@ -521,7 +521,8 @@ sub PythonFunctionStruct() $self->pidl("DATA_BLOB blob;"); $self->pidl("enum ndr_err_code err;"); $self->pidl(""); - $self->pidl("if (ndr_table_$iface\.num_calls < $fn->{OPNUM}) {"); + $self->pidl("if (ndr_table_$iface\.num_calls < " . ($fn->{OPNUM}+1) . + ") {"); $self->indent; $self->pidl("PyErr_SetString(PyExc_TypeError, \"Internal Error, ndr_interface_call missing for py_$name\_ndr_pack\");"); $self->pidl("return NULL;"); @@ -633,7 +634,8 @@ sub PythonFunctionStruct() $self->pidl("struct ndr_pull *pull = NULL;"); $self->pidl("enum ndr_err_code err;"); $self->pidl(""); - $self->pidl("if (ndr_table_$iface\.num_calls < $fn->{OPNUM}) {"); + $self->pidl("if (ndr_table_$iface\.num_calls < " . ($fn->{OPNUM}+1) . + ") {"); $self->indent; $self->pidl("PyErr_SetString(PyExc_TypeError, \"Internal Error, ndr_interface_call missing for py_$name\_ndr_unpack\");"); $self->pidl("return NULL;"); @@ -797,7 +799,8 @@ sub PythonFunctionStruct() $self->pidl("PyObject *ret;"); $self->pidl("char *retstr;"); $self->pidl(""); - $self->pidl("if (ndr_table_$i
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8e43af0 s3: VFS: Change SMB_VFS_SYMLINK to use const struct smb_filename * instead of const char *. via 6ae2d86 s3: VFS: Change SMB_VFS_READLINK to use const struct smb_filename * instead of const char *. via 4ad426a s3: VFS: Change SMB_VFS_STATVFS to use const struct smb_filename * instead of const char *. via fc92d45 s3: VFS: Change SMB_VFS_LINK to use const struct smb_filename * instead of const char *. via 0da7641 s3: VFS: Change SMB_VFS_GET_QUOTA to use const struct smb_filename * instead of const char *. via 0037815 s3: VFS: Change SMB_VFS_DISK_FREE to use const struct smb_filename * instead of const char *. via 730de8e s3: VFS: Change SMB_VFS_CHFLAGS to use const struct smb_filename * instead of const char *. via c3d4521 s3: VFS: Change SMB_VFS_MKNOD to use const struct smb_filename * instead of const char *. via fed54ca s3: VFS: Remove old traces of smb_vfs_call_llistxattr(). from 156fe6e s4:libcli/smb_composite: make the additional gensec_update steps async https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8e43af0f81e644411f5a719860383373b210cc8b Author: Jeremy Allison <j...@samba.org> Date: Thu Jun 8 16:25:58 2017 -0700 s3: VFS: Change SMB_VFS_SYMLINK to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sun Jun 18 07:03:18 CEST 2017 on sn-devel-144 commit 6ae2d86b9ccc0ebe73dc911a1d5f06bd53613acf Author: Jeremy Allison <j...@samba.org> Date: Wed Jun 7 15:03:37 2017 -0700 s3: VFS: Change SMB_VFS_READLINK to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit 4ad426a7c6c9fffa41df5bcafd9f420c257b6805 Author: Jeremy Allison <j...@samba.org> Date: Fri Jun 2 15:26:06 2017 -0700 s3: VFS: Change SMB_VFS_STATVFS to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit fc92d451cf3162807e2493c62fa7617863adf2ba Author: Jeremy Allison <j...@samba.org> Date: Fri Jun 2 14:21:54 2017 -0700 s3: VFS: Change SMB_VFS_LINK to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit 0da76414fdc6a0aacea6282a76b384a702615408 Author: Jeremy Allison <j...@samba.org> Date: Thu Jun 1 11:45:25 2017 -0700 s3: VFS: Change SMB_VFS_GET_QUOTA to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit 0037815453fa6141d3c0325c3ab197326324ab53 Author: Jeremy Allison <j...@samba.org> Date: Tue May 23 10:40:47 2017 -0700 s3: VFS: Change SMB_VFS_DISK_FREE to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit 730de8e091879a53493a0c96b542603cd52174a2 Author: Jeremy Allison <j...@samba.org> Date: Fri May 19 16:15:55 2017 -0700 s3: VFS: Change SMB_VFS_CHFLAGS to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit c3d45216dd7df2a084b7d1
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via bb5c394 s3:smb2_sesssetup: allow a compound request after a SessionSetup via f8974bc s3:smb2_tcon: allow a compound request after a TreeConnect via bd31d53 s3: libsmb: Correctly save and restore connection tcon in smbclient, smbcacls and smbtorture3. via 50f5025 s3: libsmb: Correctly do lifecycle management on cli->smb1.tcon and cli->smb2.tcon. via c9178ed s3: libsmb: Fix cli_state_has_tcon() to cope with SMB2 connections. via 93fa0c8 s3: libsmb: Widen cli_state_get_tid() / cli_state_set_tid() to 32-bits. via 5c0efc9 s3: smbtorture: Show correct use of cli_state_save_tcon() / cli_state_restore_tcon(). via 39026f1 s3: libsmb: Add cli_state_save_tcon() / cli_state_restore_tcon(). via e726b60 libcli: smb: Add smb2cli_tcon_set_id(). via 655e106 libcli: smb: Add smbXcli_tcon_copy(). from 60cae0a dsdb: Add comment explaining requirements on DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit bb5c394fde03dc8230d5089a66fea1a2541952f5 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jun 15 23:01:18 2017 +0200 s3:smb2_sesssetup: allow a compound request after a SessionSetup This is not a full fix yet as we don't allow compound requests after going async. With SMB 3.11 requiring signed TreeConnect requests it's pointless to try to compound requests after a SessionSetup. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12845 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Jun 17 10:55:25 CEST 2017 on sn-devel-144 commit f8974bcdbf8abe3803340dcd20206ff4de9d5079 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jun 15 23:01:18 2017 +0200 s3:smb2_tcon: allow a compound request after a TreeConnect BUG: https://bugzilla.samba.org/show_bug.cgi?id=12844 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit bd31d538a26bb21cbb53986a6105204da4392e2d Author: Jeremy Allison <j...@samba.org> Date: Tue Jun 13 16:56:48 2017 -0700 s3: libsmb: Correctly save and restore connection tcon in smbclient, smbcacls and smbtorture3. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit 50f50256aa8805921c42d0f9f2f8f89d06d9bd93 Author: Jeremy Allison <j...@samba.org> Date: Tue Jun 13 16:37:39 2017 -0700 s3: libsmb: Correctly do lifecycle management on cli->smb1.tcon and cli->smb2.tcon. Treat them identically. Create them on demand after for a tcon call, and delete them on a tdis call. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit c9178ed9cc69b9089292db28ac1a0b7a0519bc2c Author: Jeremy Allison <j...@samba.org> Date: Tue Jun 13 16:36:54 2017 -0700 s3: libsmb: Fix cli_state_has_tcon() to cope with SMB2 connections. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit 93fa0c8660e47cb2605d70dac1156576ab719d64 Author: Jeremy Allison <j...@samba.org> Date: Tue Jun 13 16:26:00 2017 -0700 s3: libsmb: Widen cli_state_get_tid() / cli_state_set_tid() to 32-bits. Copes with SMB2 connections. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit 5c0efc9a5ef8ddf96dc394110063bebd5f057415 Author: Jeremy Allison <j...@samba.org> Date: Tue Jun 13 16:25:25 2017 -0700 s3: smbtorture: Show correct use of cli_state_save_tcon() / cli_state_restore_tcon(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit 39026f1c5dbb83120b70b3d9131138a9c2344ba6 Author: Jeremy Allison <j...@samba.org> Date: Tue Jun 13 16:15:00 2017 -0700 s3: libsmb: Add cli_state_save_tcon() / cli_state_restore_tcon(). Save and restore tcon pointers in smb1 or smb2 structs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Richard Sharpe <realrichardsha...@gmail.com> commit
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via aa74d6e WHATSNEW: deprecated "profile acls" via c6bc00f docs-xml/smbdotconf: deprecated "profile acls" via 378ae34 strerror_r: provide XSI-compliant strerror_r from 40cc7a1 ctdb-recovery: Log messages at various debug levels https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit aa74d6edf597c92112553b74d9e3675dfa30ca48 Author: Stefan Metzmacher <me...@samba.org> Date: Tue Jun 13 11:59:30 2017 +0200 WHATSNEW: deprecated "profile acls" Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Jun 13 22:45:28 CEST 2017 on sn-devel-144 commit c6bc00f1da785933d3a99454f6ef131027860602 Author: Stefan Metzmacher <me...@samba.org> Date: Tue Jun 13 11:59:30 2017 +0200 docs-xml/smbdotconf: deprecated "profile acls" This doesn't work anymore with modern clients, and there're better ways to support profiles on a share. Typically something like this seems to work: [winprofiles] comment = Users profiles New path = /data/winprofiles/ browseable = No read only = No csc policy = disable store dos attributes = yes vfs objects = acl_xattr With chmod 1777 on /data/winprofiles/ In order to work around some locking problems, see https://bugzilla.samba.org/show_bug.cgi?id=12833 It's also useful to something like this in the global section in order to detect disconnects reliable: socket options = TCP_KEEPCNT=5 TCP_KEEPIDLE=30 TCP_KEEPINTVL=1 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 378ae342c4e2e6b5bafbe54067d35344746be41b Author: Gary Lockyer <g...@catalyst.net.nz> Date: Thu Jun 1 13:26:38 2017 +1200 strerror_r: provide XSI-compliant strerror_r Provide a XSI-compliant strerror_r on GNU based systems. The default GNU strerror_r is not XSI-compliant, this patch wraps the GNU-specific call in an XSI-compliant wrapper. This reverts 18ed32ce0821d11c0c06d82c07ba1c27b0c2b886 which tried to make Heimdal use roken, rather than libreplace for strerror_r. Signed-off-by: Gary Lockyer <g...@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: WHATSNEW.txt | 1 + docs-xml/smbdotconf/protocol/profileacls.xml | 16 + lib/replace/replace.c | 18 ++ lib/replace/replace.h | 2 +- lib/replace/wscript| 7 +++ source4/dsdb/samdb/ldb_modules/password_hash.c | 7 ++- source4/heimdal/lib/roken/strerror_r.c | 84 -- source4/heimdal_build/config.h | 3 + source4/heimdal_build/wscript_build| 1 - source4/heimdal_build/wscript_configure| 7 --- 10 files changed, 52 insertions(+), 94 deletions(-) delete mode 100644 source4/heimdal/lib/roken/strerror_r.c Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 8548e16..1a36e88 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -103,6 +103,7 @@ smb.conf changes auth event notification New parameter no auth methods Deprecated map untrusted to domain Deprecated + profile acls Deprecated strict sync Default changed yes Removal of lpcfg_register_defaults_hook() diff --git a/docs-xml/smbdotconf/protocol/profileacls.xml b/docs-xml/smbdotconf/protocol/profileacls.xml index ade906c..a660c52 100644 --- a/docs-xml/smbdotconf/protocol/profileacls.xml +++ b/docs-xml/smbdotconf/protocol/profileacls.xml @@ -1,9 +1,22 @@ http://www.samba.org/samba/DTD/samba-doc;> + As most system support support posix acls and extended attributes + today. The "acl_xattr" vfs module should be used instead of + using yes. + Using an vfs module that provides nfs4 acls may also work. + + + + With modern clients (as of 2017) it's not possible to + use yes anymore. + + + This boolean parameter was added to fix the problems that people have been having with storing user profiles on Samba shares from Windows 2000 or Windows XP clients. New versions of Windows 2000 or Windows XP service @@ -40,6 +53,9 @@ On other shares, it might cause incorrect file ownerships. + + This pa
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1828011 tevent: Fix a race condition in tevent context rundown via 00390ae tevent: Fix a memleak on FreeBSD via ca71576 tevent: Add tevent_re_initialise to threaded test via afe026d tevent: Re-init threading in tevent_re_initialise via 97d912d tevent: Factor out context initialization via b034750 tevent: Fix a typo from 08a21f3 messaging: fix net command failure due to unhandled return code https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1828011317b0a8142c3b66fff22661a962760574 Author: Volker Lendecke <v...@samba.org> Date: Wed May 24 16:22:34 2017 +0200 tevent: Fix a race condition in tevent context rundown We protect setting tctx->event_ctx=NULL with tctx->event_ctx_mutex. But in _tevent_threaded_schedule_immediate we have the classic TOCTOU race: After we checked "ev==NULL", looking at tevent_common_context_destructor the event context can go after _tevent_threaded_schedule_immediate checked. We need to serialize things a bit by keeping tctx->event_ctx_mutex locked while we reference "ev", in particular in the DLIST_ADD_END(ev->scheduled_immediates,im); I think the locking hierarchy is still maintained, tevent_atfork_prepare() first locks all the tctx locks, and then the scheduled_mutex. Also, I don't think this will impact parallelism too badly: event_ctx_mutex is only used to protect setting tctx->ev. Found by staring at code while fixing the FreeBSD memleak due to not destroying scheduled_mutex. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Jun 9 00:45:26 CEST 2017 on sn-devel-144 commit 00390ae27b6bd207add571d7975c37951e15a3e5 Author: Volker Lendecke <v...@samba.org> Date: Wed May 24 16:21:40 2017 +0200 tevent: Fix a memleak on FreeBSD FreeBSD has malloc'ed memory attached to mutexes. We need to clean this up. valgrind really helped here Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ca715762418284a1a2acc81d40e9e429e407ce14 Author: Volker Lendecke <v...@samba.org> Date: Mon Jun 5 07:29:11 2017 +0200 tevent: Add tevent_re_initialise to threaded test Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit afe026d3030c0c05a31de872dd0d120511ba6652 Author: Volker Lendecke <v...@samba.org> Date: Mon Jun 5 07:16:17 2017 +0200 tevent: Re-init threading in tevent_re_initialise Without this threading is not usable after that call Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 97d912d99afb115e17f683a55aef447dc92ced49 Author: Volker Lendecke <v...@samba.org> Date: Mon Jun 5 06:58:37 2017 +0200 tevent: Factor out context initialization Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b03475048a49db78422d1bfc11f2c69d56fbf87f Author: Volker Lendecke <v...@samba.org> Date: Mon Jun 5 07:23:27 2017 +0200 tevent: Fix a typo Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: lib/tevent/testsuite.c | 8 ++ lib/tevent/tevent.c | 66 - lib/tevent/tevent.h | 2 +- lib/tevent/tevent_threads.c | 14 ++ 4 files changed, 59 insertions(+), 31 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tevent/testsuite.c b/lib/tevent/testsuite.c index 4783ab4..ee29e5b 100644 --- a/lib/tevent/testsuite.c +++ b/lib/tevent/testsuite.c @@ -1207,6 +1207,14 @@ static bool test_multi_tevent_threaded_2(struct torture_context *test, ev = tevent_context_init(test); torture_assert(test, ev != NULL, "tevent_context_init failed"); + /* +* tevent_re_initialise used to have a bug where it did not +* re-initialise the thread support after taking it +* down. Excercise that code path. +*/ + ret = tevent_re_initialise(ev); + torture_assert(test, ret == 0, "tevent_re_initialise failed"); + tctx = tevent_threaded_context_create(ev, ev); torture_assert(test, tctx != NULL, "tevent_threaded_context_create failed"); diff --git a/lib/tevent/tevent.c b/lib/tevent/tevent.c index 65b101f..f3b18a1
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 103f3a3 Log the actual error returned when creating a pipe for client logging in CTDB fails. Helps with debugging issues. via d3c4c1e s3:tests: Add a test which checks that the smbclient session setup works via b6f87af s3:libsmb: Fix printing the session setup information via a4efe64 libcli:smb: Fix pulling strings from the wire via e6b3d74 libcli:util: Update werror table from 29045da selftest/rodc: Do not run in single mode, this causes deadlocks https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 103f3a3cbe71375664297ea1a4cd29ef486090cb Author: Richard Sharpe <richard.sha...@primarydata.com> Date: Tue Jun 6 13:34:51 2017 -0700 Log the actual error returned when creating a pipe for client logging in CTDB fails. Helps with debugging issues. Signed-off-by: Richard Sharpe <realrichardsha...@gmail.com> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Jun 7 09:22:29 CEST 2017 on sn-devel-144 commit d3c4c1e263f187d38a4b25ef63d9e1d8833822b5 Author: Andreas Schneider <a...@samba.org> Date: Tue Jun 6 17:54:18 2017 +0200 s3:tests: Add a test which checks that the smbclient session setup works BUG: https://bugzilla.samba.org/show_bug.cgi?id=12824 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b6f87af427a1fa2bd397668d9f14cb0cf8ec5015 Author: Andreas Schneider <a...@samba.org> Date: Tue Jun 6 17:29:16 2017 +0200 s3:libsmb: Fix printing the session setup information This fixes a regression and prints the session setup on connect again: Domain=[SAMBA-TEST] OS=[Windows 6.1] Server=[Samba 4.7.0pre1-DEVELOPERBUILD] smb: \> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12824 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a4efe647c51700cee93b7574e5955e264aa96893 Author: Andreas Schneider <a...@samba.org> Date: Tue Jun 6 17:27:44 2017 +0200 libcli:smb: Fix pulling strings from the wire BUG: https://bugzilla.samba.org/show_bug.cgi?id=12824 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e6b3d7410e621e5c515460cd2788dd4ff8dd4474 Author: Andreas Schneider <a...@samba.org> Date: Tue Jun 6 16:07:10 2017 +0200 libcli:util: Update werror table This adds ERROR_PRINTER_DRIVER_DOWNLOAD_NEEDED for MS-PAR. Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: ctdb/server/ctdb_logging.c| 3 ++- libcli/smb/util.c | 2 +- libcli/util/werror.h | 3 --- libcli/util/werror_err_table.txt | 8 +++- source3/libsmb/cliconnect.c | 3 ++- source3/libsmb/clidfs.c | 32 ++--- source3/libsmb/clientgen.c| 13 source3/script/tests/test_smbclient_s3.sh | 34 +++ source3/torture/masktest.c| 4 +++- 9 files changed, 74 insertions(+), 28 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/server/ctdb_logging.c b/ctdb/server/ctdb_logging.c index 4c37063..e7ca9b2 100644 --- a/ctdb/server/ctdb_logging.c +++ b/ctdb/server/ctdb_logging.c @@ -169,7 +169,8 @@ struct ctdb_log_state *ctdb_vfork_with_logging(TALLOC_CTX *mem_ctx, log->logfn_private = logfn_private; if (pipe(p) != 0) { - DEBUG(DEBUG_ERR, (__location__ " Failed to setup pipe for child logging\n")); + DEBUG(DEBUG_ERR, (__location__ " Failed to setup pipe for child logging:" + " %s\n", strerror(errno))); goto free_log; } diff --git a/libcli/smb/util.c b/libcli/smb/util.c index ef8c9fa..80d3428 100644 --- a/libcli/smb/util.c +++ b/libcli/smb/util.c @@ -372,6 +372,6 @@ NTSTATUS smb_bytes_pull_str(TALLOC_CTX *mem_ctx, char **_str, bool ucs2, const uint8_t *buf, size_t buf_len, size_t *_buf_consumed) { - return internal_bytes_pull_str(mem_ctx, _str, ucs2, true, + return internal_bytes_pull_str(mem_ctx, _str, ucs2, false, buf, buf_len, _buf_consumed); } diff --git a/libcli/util/werror.h b/libcli/util/werror.h index c25a4ab..d3d3327 100644 --- a/libcli/util/werror.h +++ b/libcli/util/werror.h @@ -140,9 +140,6 @@ typedef uint3
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via df3844f s3/utils: Add warning to testparm for "client ipc signing" param values via 61f827b unittest: Add testsuite for smb_probe_module() via eaf8e3a lib:util: Make loading of modules more secure via 91ef234 lib:util: Make probing of modules more secure via da9de19 lib:util: Rename smb_load_modules() via 700914b lib:util: Add new function to load modules from absolute path via 90b69ba unittest: Add testsuite for is_known_pipename() via 0aadb50 wafsamba: Pass down the install argument for samba modules via 74b3dd4 lib: Fix illegal use of 0-length arrays from 7b50ddd wscript: Fix some typos https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit df3844f4df14ea2143ba1856710c00b5ab856c44 Author: Noel Power <noel.po...@suse.com> Date: Fri Jun 2 15:50:48 2017 +0100 s3/utils: Add warning to testparm for "client ipc signing" param values We should warn about security sensitive settings where we can, client ipc signing has 2 values that can allow connections to proceed without SMB signing. This may be unavoidable (e.g. connecting to legacy systems) but nevertheless it is worthwhile to warn. Signed-off-by: Noel Power <noel.po...@suse.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Jun 6 22:40:12 CEST 2017 on sn-devel-144 commit 61f827bcdde494d3b4a094d6816ff7556f0ff608 Author: Andreas Schneider <a...@samba.org> Date: Fri May 12 14:13:42 2017 +0200 unittest: Add testsuite for smb_probe_module() BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit eaf8e3a9bed2bcd0932c9642bb7a5a26abe4 Author: Andreas Schneider <a...@samba.org> Date: Mon May 15 11:08:19 2017 +0200 lib:util: Make loading of modules more secure BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 91ef234a0ad0edfdefeb38cf0ad1de3b3e548f1e Author: Andreas Schneider <a...@samba.org> Date: Mon May 15 11:05:59 2017 +0200 lib:util: Make probing of modules more secure BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit da9de19cf9a0b543eec9003f10624fa2ba5becd3 Author: Andreas Schneider <a...@samba.org> Date: Mon May 15 10:49:07 2017 +0200 lib:util: Rename smb_load_modules() BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 700914b45d9cfb8d14cc81fa4fdde0b59bbba798 Author: Andreas Schneider <a...@samba.org> Date: Mon May 15 09:06:51 2017 +0200 lib:util: Add new function to load modules from absolute path BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 90b69ba95d5ea53f5aadf3e3c271e8c4d50d21b5 Author: Andreas Schneider <a...@samba.org> Date: Thu May 11 11:29:25 2017 +0200 unittest: Add testsuite for is_known_pipename() BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 0aadb5068f7565c0c05837c577003c5f9d6667a3 Author: Andreas Schneider <a...@samba.org> Date: Thu May 11 11:29:50 2017 +0200 wafsamba: Pass down the install argument for samba modules Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 74b3dd4630ff57fb3b7a6ffa49d1fba678169fbb Author: Volker Lendecke <v...@samba.org> Date: Mon May 29 21:13:16 2017 +0200 lib: Fix illegal use of 0-length arrays Found and confirmed to work by albert chin (ch...@thewrittenword.com) Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: buildtools/wafsamba/wafsamba.py | 6 +- lib/util/modules.c | 179 lib/util/msghdr.c | 10 +- lib/util/samba_modules.h| 3 +- selftest/tests.py
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7b50ddd wscript: Fix some typos from 5b60600 selftest: use an additional directory of knownfail/flapping files https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7b50dddb32282c3136c68ae81d44581f3e8ff10b Author: Anoop C S <anoo...@redhat.com> Date: Mon Jun 5 22:10:44 2017 +0530 wscript: Fix some typos Signed-off-by: Anoop C S <anoo...@redhat.com> Reviewed-by: Martin Schwenke <mar...@meltin.net> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Jun 6 05:26:37 CEST 2017 on sn-devel-144 --- Summary of changes: wscript | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/wscript b/wscript index 2a886e6..47d020b 100644 --- a/wscript +++ b/wscript @@ -62,11 +62,11 @@ def set_options(opt): action='store_true', dest='without_ad_dc', default=False) opt.add_option('--with-ntvfs-fileserver', - help='enable the depricated NTVFS file server from the original Samba4 branch (default if --enable-selftest specicifed). Conflicts with --with-system-mitkrb5 and --without-ad-dc', + help='enable the deprecated NTVFS file server from the original Samba4 branch (default if --enable-selftest specified). Conflicts with --with-system-mitkrb5 and --without-ad-dc', action='store_true', dest='with_ntvfs_fileserver') opt.add_option('--without-ntvfs-fileserver', - help='disable the depricated NTVFS file server from the original Samba4 branch', + help='disable the deprecated NTVFS file server from the original Samba4 branch', action='store_false', dest='with_ntvfs_fileserver') opt.add_option('--with-pie', -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b620140 vfs_gpfs: Fix compile error in gpfsacl_sys_acl_set_fd from 1f4b07e s4:torture: Fix comparison between pointer and zero character constant https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b6201407a346a376e215f4303e55bbdf8febd5df Author: Christof Schmitt <c...@samba.org> Date: Fri Jun 2 16:16:16 2017 -0700 vfs_gpfs: Fix compile error in gpfsacl_sys_acl_set_fd ../source3/modules/vfs_gpfs.c: In function ‘gpfsacl_sys_acl_set_fd’: ../source3/modules/vfs_gpfs.c:1280:6: error: passing argument 2 of ‘gpfsacl_sys_acl_set_file’ from incompatible pointer type [-Werror] SMB_ACL_TYPE_ACCESS, theacl); ^ ../source3/modules/vfs_gpfs.c:1235:12: note: expected ‘const struct smb_filename *’ but argument is of type ‘char *’ static int gpfsacl_sys_acl_set_file(vfs_handle_struct *handle, Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Jun 3 05:52:32 CEST 2017 on sn-devel-144 --- Summary of changes: source3/modules/vfs_gpfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 4dc9f76..aeb0836 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -1276,7 +1276,7 @@ static int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle, return SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, theacl); } - return gpfsacl_sys_acl_set_file(handle, fsp->fsp_name->base_name, + return gpfsacl_sys_acl_set_file(handle, fsp->fsp_name, SMB_ACL_TYPE_ACCESS, theacl); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1f4b07e s4:torture: Fix comparison between pointer and zero character constant via 1670d00 waf: Do not trhow a format-truncation error for test/snprintf.c via 94e21c1 replace: Use the same size as d_name member of struct dirent via 9e9bff1 password_hash: conditional compilation for crypt_r from 5ccfd38 dnsserver: Stop dns_name_equal doing OOB read https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1f4b07e5942235bddcfa999b3575f719752d81c4 Author: Andreas Schneider <a...@samba.org> Date: Thu Jun 1 14:28:08 2017 +0200 s4:torture: Fix comparison between pointer and zero character constant Fixes building with GCC 7.1 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Jun 1 23:42:58 CEST 2017 on sn-devel-144 commit 1670d00be88108a483f04c9763012504499b99e4 Author: Andreas Schneider <a...@samba.org> Date: Thu Jun 1 14:24:42 2017 +0200 waf: Do not trhow a format-truncation error for test/snprintf.c This fixes building with GCC 7.1 Error: ../lib/replace/test/testsuite.c:355:6: error: ‘%d’ directive output truncated writing 1 byte into a region of size 0 [-Werror=format-truncation=] Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 94e21c139f9b0c1d28ee85fdcb9b7490cc64e27b Author: Andreas Schneider <a...@samba.org> Date: Thu Jun 1 14:16:56 2017 +0200 replace: Use the same size as d_name member of struct dirent This fixes an error with GCC 7.1 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 9e9bff1f278ae7c2927cc3fa648f8ec8eb98b8c4 Author: Gary Lockyer <g...@catalyst.net.nz> Date: Wed May 31 10:35:25 2017 +1200 password_hash: conditional compilation for crypt_r Add check for crypt_r, and if absent fall back to crypt Signed-off-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Volker Lendecke <v...@samba.org> --- Summary of changes: lib/replace/test/os2_delete.c | 2 +- lib/replace/wscript| 3 ++- source4/dsdb/samdb/ldb_modules/password_hash.c | 12 +++- source4/torture/masktest.c | 2 +- 4 files changed, 15 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/replace/test/os2_delete.c b/lib/replace/test/os2_delete.c index 0816f61..4b99ccf 100644 --- a/lib/replace/test/os2_delete.c +++ b/lib/replace/test/os2_delete.c @@ -63,7 +63,7 @@ static int os2_delete(DIR *d) off_t offsets[READDIR_SIZE]; int i, j; struct dirent *de; - char names[READDIR_SIZE][30]; + char names[READDIR_SIZE][256]; /* scan, remembering offsets */ for (i=0, de=readdir(d); diff --git a/lib/replace/wscript b/lib/replace/wscript index f681d02..eeb1b3e 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -466,6 +466,7 @@ removeea setea conf.DEFINE('HAVE_ROBUST_MUTEXES', 1) conf.CHECK_FUNCS_IN('crypt', 'crypt', checklibc=True) +conf.CHECK_FUNCS_IN('crypt_r', 'crypt', checklibc=True) conf.CHECK_VARIABLE('rl_event_hook', define='HAVE_DECL_RL_EVENT_HOOK', always=True, headers='readline.h readline/readline.h readline/history.h') @@ -707,7 +708,7 @@ def build(bld): source='''test/testsuite.c test/strptime.c test/os2_delete.c test/getifaddrs.c''', deps='replace', -cflags="-Wno-format-zero-length") +cflags="-Wno-format-zero-length -Wno-format-truncation") if bld.env.standalone_replace: bld.SAMBA_BINARY('replace_testsuite', diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index 6a1ae3b..8e8dc2c 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -1487,11 +1487,13 @@ static int setup_primary_userPassword_hash( const char *salt = NULL;/* Randomly generated salt */ const char *cmd = NULL; /* command passed to crypt */ const char *hash = NULL;/* password hash generated by crypt */ - struct crypt_data crypt_data; /* working storage used by crypt */ int algorithm = 0; /* crypt hash algorithm number */ int rounds = 0; /* The number of hash rounds */ DATA_BLOB *hash
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 854ea4e s3: VFS: Change SMB_VFS_GETXATTR to use const struct smb_filename * instead of const char *. via 48956fa s3: VFS: Change SMB_VFS_SETXATTR to use const struct smb_filename * instead of const char *. via 12b801d s3: VFS: Change SMB_VFS_REMOVEXATTR to use const struct smb_filename * instead of const char *. via 892476b s3: VFS: Change SMB_VFS_LISTXATTR to use const struct smb_filename * instead of const char *. via aada948 s3: VFS: Change SMB_VFS_SYS_ACL_SET_FILE to use const struct smb_filename * instead of const char *. via f5dd864 s3: VFS: Change SMB_VFS_SYS_ACL_BLOB_GET_FILE to use const struct smb_filename * instead of const char *. via cea8e57 s3: VFS: Change SMB_VFS_SYS_ACL_GET_FILE to use const struct smb_filename * instead of const char *. via 85c8780 s3: VFS: Change SMB_VFS_SYS_ACL_DELETE_DEF_FILE to use const struct smb_filename * instead of const char *. via 63d2003 s3: lib: Add new utility function cp_smb_filename_nostream(). from 7259661 dsdb: Use ldb_handle_use_global_event_context for rootdse modifies https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 854ea4eba8d552ab38543647da840fd66039dd94 Author: Jeremy Allison <j...@samba.org> Date: Thu May 25 16:42:04 2017 -0700 s3: VFS: Change SMB_VFS_GETXATTR to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Jun 1 02:58:53 CEST 2017 on sn-devel-144 commit 48956fa4d3b37105ad3e8e742c21b5583d79db11 Author: Jeremy Allison <j...@samba.org> Date: Thu May 25 12:41:31 2017 -0700 s3: VFS: Change SMB_VFS_SETXATTR to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 12b801d9d7856f1bb50619962f7e9cb94e75087f Author: Jeremy Allison <j...@samba.org> Date: Wed May 24 11:35:50 2017 -0700 s3: VFS: Change SMB_VFS_REMOVEXATTR to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 892476b555f57bcbe40883c533e208c81be168c9 Author: Jeremy Allison <j...@samba.org> Date: Tue May 23 13:12:29 2017 -0700 s3: VFS: Change SMB_VFS_LISTXATTR to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit aada94885dce29334e34c9aae32c22e7acfc1174 Author: Jeremy Allison <j...@samba.org> Date: Wed May 24 10:47:46 2017 -0700 s3: VFS: Change SMB_VFS_SYS_ACL_SET_FILE to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit f5dd864606d5e587b85695ea11520df31b353fb8 Author: Jeremy Allison <j...@samba.org> Date: Tue May 23 17:35:59 2017 -0700 s3: VFS: Change SMB_VFS_SYS_ACL_BLOB_GET_FILE to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit cea8e57eac2ed7b90a5c5d207bf392ff0546398e Author: Jeremy Allison <j...@samba.org> Date: Tue May 23 17:11:18 2017 -0700 s3: VFS: Change SMB_VFS_SYS_ACL_GET_FILE to use const struct smb_filename * instead of const char *. We need to migrate all pathname based VFS calls to use a struct to finish modernising the VFS with extra timestamp and flags parameters. Requires a few extra cleanups in calling code. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Boehme <
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e530e43 s3:smbd: Set up local and remote address for fake connection via cbf6712 s3:smbd: Pass down remote and local address to get_referred_path() from ccd4f81 lib: Remove use of MSG_NOSIGNAL https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e530e43d67436881fd039877f956f0ad9b562af9 Author: Andreas Schneider <a...@samba.org> Date: Tue Mar 21 15:45:34 2017 +0100 s3:smbd: Set up local and remote address for fake connection BUG: https://bugzilla.samba.org/show_bug.cgi?id=12687 Pair-Programmed-With: Ralph Boehme <s...@samba.org> Signed-off-by: Andreas Schneider <a...@samba.org> Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed May 31 06:33:00 CEST 2017 on sn-devel-144 commit cbf67123e037207662ec0d4e53c55990e21b157e Author: Andreas Schneider <a...@samba.org> Date: Tue Mar 21 15:32:37 2017 +0100 s3:smbd: Pass down remote and local address to get_referred_path() BUG: https://bugzilla.samba.org/show_bug.cgi?id=12687 Pair-Programmed-With: Ralph Boehme <s...@samba.org> Signed-off-by: Andreas Schneider <a...@samba.org> Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/modules/vfs_default.c | 2 ++ source3/rpc_server/dfs/srv_dfs_nt.c | 6 ++ source3/smbd/msdfs.c| 36 +++- source3/smbd/proto.h| 12 +++- 4 files changed, 46 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index fa89f7f..e1b2712 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -217,6 +217,8 @@ static NTSTATUS vfswrap_get_dfs_referrals(struct vfs_handle_struct *handle, /* The following call can change cwd. */ status = get_referred_path(r, pathnamep, + handle->conn->sconn->remote_address, + handle->conn->sconn->local_address, !handle->conn->sconn->using_smb2, junction, , _referral); if (!NT_STATUS_IS_OK(status)) { diff --git a/source3/rpc_server/dfs/srv_dfs_nt.c b/source3/rpc_server/dfs/srv_dfs_nt.c index ab2af53..0a4d6d3 100644 --- a/source3/rpc_server/dfs/srv_dfs_nt.c +++ b/source3/rpc_server/dfs/srv_dfs_nt.c @@ -76,6 +76,8 @@ WERROR _dfs_Add(struct pipes_struct *p, struct dfs_Add *r) /* The following call can change the cwd. */ status = get_referred_path(ctx, r->in.path, + p->remote_address, + p->local_address, true, /*allow_broken_path */ jn, , _ref); if(!NT_STATUS_IS_OK(status)) { @@ -146,6 +148,8 @@ WERROR _dfs_Remove(struct pipes_struct *p, struct dfs_Remove *r) } status = get_referred_path(ctx, r->in.dfs_entry_path, + p->remote_address, + p->local_address, true, /*allow_broken_path */ jn, , _ref); if(!NT_STATUS_IS_OK(status)) { @@ -374,6 +378,8 @@ WERROR _dfs_GetInfo(struct pipes_struct *p, struct dfs_GetInfo *r) /* The following call can change the cwd. */ status = get_referred_path(ctx, r->in.dfs_entry_path, + p->remote_address, + p->local_address, true, /*allow_broken_path */ jn, , _ref); if(!NT_STATUS_IS_OK(status) || diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c index c22cd1e..acb45fd 100644 --- a/source3/smbd/msdfs.c +++ b/source3/smbd/msdfs.c @@ -31,6 +31,7 @@ #include "lib/param/loadparm.h" #include "libcli/security/security.h" #include "librpc/gen_ndr/ndr_dfsblobs.h" +#include "lib/tsocket/tsocket.h" /** Parse a DFS pathname of the form \hostname\service\reqpath @@ -953,11 +954,13 @@ static NTSTATUS self_ref(TALLOC_CTX *ctx, **/ NTSTATUS get_referred_path(TALLOC_CTX *ctx, - const char *dfs_path, - bo
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4c234a9 s3: smbd: Correctly identify a snapshot path using UCF_GMT_PATHNAME. via aa72d09 s3: smbd: Add UCF_GMT_PATHNAME, which represents FLAGS2_REPARSE_PATH. via 1c9183b s3: smbd: Fix up the ucf_flags correctly in smb_file_rename_information(). via f2f936a s3: smbd: We can now remove the 'bool dfs_path' parameter from filename_convert(). via 0fbf5b6 s3: smbd: Add UCF_DFS_PATHNAME which tracks the flags2 FLAGS2_DFS_PATHNAMES bit. via 29ec474 s3: smbd: In ntrename OR in ucf_flags, don't overwrite. via 4910feb s3: smbd: Always use ucf_flags_from_smb_request() in place of checking by hand (in most cases). via f5866c6 s3: smbd: Split out ucf_flags_from_smb_request() from filename_create_ucf_flags(). via 8a2aa27 s3: smbd: Make it clear we only overwrite *ppath_contains_wcard if resolve_dfspath_wcard() detected a wildcard. via 0e1c068 s3: smbd: Remove ugly use of discard_const that previously was hidden in resolve_dfspath_wcard(). via 2647eed s3: smbd: Remove bool dfs_pathnames paramter from resolve_dfspath_wcard(). from 2732411 s4:libcli/ldap: just use gensec_update() in ldap_bind_sasl() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4c234a90a9f5eed578857368c35b7b518b98a8f7 Author: Jeremy Allison <j...@samba.org> Date: Thu May 18 13:28:23 2017 -0700 s3: smbd: Correctly identify a snapshot path using UCF_GMT_PATHNAME. All our client code already does this correctly for @GMT names. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Uri Simchoni <u...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Mon May 22 22:49:17 CEST 2017 on sn-devel-144 commit aa72d09b3130ef61f1be5713b8f2c016ac5bc551 Author: Jeremy Allison <j...@samba.org> Date: Thu May 18 13:24:26 2017 -0700 s3: smbd: Add UCF_GMT_PATHNAME, which represents FLAGS2_REPARSE_PATH. This must be set by a client to use shadow copy (@GMT) paths. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Uri Simchoni <u...@samba.org> commit 1c9183bb381fa60e2118f5f874435c3a0f93e22d Author: Jeremy Allison <j...@samba.org> Date: Thu May 18 13:22:36 2017 -0700 s3: smbd: Fix up the ucf_flags correctly in smb_file_rename_information(). Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Uri Simchoni <u...@samba.org> commit f2f936a961e184b6760400de9b0b72820c690b6e Author: Jeremy Allison <j...@samba.org> Date: Thu May 18 12:29:50 2017 -0700 s3: smbd: We can now remove the 'bool dfs_path' parameter from filename_convert(). Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Uri Simchoni <u...@samba.org> commit 0fbf5b644d67df2bd47691f4240dbcaffaecc407 Author: Jeremy Allison <j...@samba.org> Date: Thu May 18 12:18:58 2017 -0700 s3: smbd: Add UCF_DFS_PATHNAME which tracks the flags2 FLAGS2_DFS_PATHNAMES bit. Set inside ucf_flags_from_smb_request(). This will allow us to remove the req->flags2 & FLAGS2_DFS_PATHNAMES parameter from filename_convert(). Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Uri Simchoni <u...@samba.org> commit 29ec4744542230c93c209acfe2a5d6144707b332 Author: Jeremy Allison <j...@samba.org> Date: Thu May 18 12:08:57 2017 -0700 s3: smbd: In ntrename OR in ucf_flags, don't overwrite. This isn't worth a bug backport as right now the only flag that could be overwritten is the UCF_POSIX_PATHNAMES flag, and for a POSIX connection the client will use posix rename, not an ntrename. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Uri Simchoni <u...@samba.org> commit 4910febdac9cf282597349e85610e582001a3c54 Author: Jeremy Allison <j...@samba.org> Date: Thu May 18 12:08:00 2017 -0700 s3: smbd: Always use ucf_flags_from_smb_request() in place of checking by hand (in most cases). Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Uri Simchoni <u...@samba.org> commit f5866c66a44703000edf99ecae4429e877332ccd Author: Jeremy Allison <j...@samba.org> Date: Thu May 18 11:56:39 2017 -0700 s3: smbd: Split out ucf_flags_from_smb_request() from filename_create_ucf_flags(). We will use this elsewhere in later commits. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Uri Simchoni <u...@samba.org> commit 8a2aa27f745ec1d611f3ece307cea15d0002df9e Author: Jeremy Allison <j...@samba.org> Date: Thu May 18 11:41:10 2017 -0700 s3: smbd: Make it clear we only overwrite *ppath_contains_wcard if resolve_dfspath_wcard() detected a wildc
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b691f6d s3: smbd: Fix open_files.idl to correctly ignore share_mode_lease *lease in share_mode_entry. via 6f8f999 selftest: enable alternate streams for fs_specific share via 9d30d47 s4/torture: vfs_fruit: test copy-chunk on streams via b8a5152 s4/torture: vfs_fruit: add src and dst path args to test_setup_copy_chunk via 6211eb1 s4/torture: smb2.ioctl: add copy-chunk test with stream to smb2.ioctl via f9a61d7 s4/torture: smb2.ioctl: add src and dst path args to test_setup_copy_chunk via 60747c1 lib/torture: add two more ndr assert macros via 67b9d3c vfs_fruit: add pread_send/recv and pwrite_send/recv via 22ea0c0 vfs_streams_xattr: add pread_send/recv and pwrite_send/recv via ebc0497 lib: Update pam_wrapper to 1.0.4 via 2dbaade libads: abstract out SASL wrapping code from 6fbff71 SMB_INFO_ALLOCATION: return with UINT32_MAX rather than cutting at 4 bytes https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b691f6d32f79ef8427f567612243dd51ea8d5584 Author: Jeremy Allison <j...@samba.org> Date: Tue May 16 16:12:19 2017 -0700 s3: smbd: Fix open_files.idl to correctly ignore share_mode_lease *lease in share_mode_entry. This is currently marked 'skip', which means it isn't stored in the db, but printed out in ndr dump. However, this pointer can be invalid if the lease_idx is set to 0x (invalid). This is fixed up inside parse_share_modes(), but not until after ndr_pull_share_mode_data() is called. If lease_idx == 0x then ndr_print_share_mode_lease() prints an invalid value and crashes. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12793 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu May 18 03:01:40 CEST 2017 on sn-devel-144 commit 6f8f99917f896e7d631b80fedd09863acc85b1c5 Author: David Disseldorp <dd...@samba.org> Date: Wed May 17 12:54:15 2017 +0200 selftest: enable alternate streams for fs_specific share This ensures that the new "smb2.ioctl.copy-chunk streams" test passes when run under selftest atop Btrfs. Signed-off-by: David Disseldorp <dd...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 9d30d47b1ec33c815d204198952bf597cd602b49 Author: Ralph Boehme <s...@samba.org> Date: Fri May 12 17:10:07 2017 +0200 s4/torture: vfs_fruit: test copy-chunk on streams Bug: https://bugzilla.samba.org/show_bug.cgi?id=12787 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: David Disseldorp <dd...@samba.org> commit b8a5152885e00b92406126dac5aecaa85908e4aa Author: Ralph Boehme <s...@samba.org> Date: Fri May 12 14:56:53 2017 +0200 s4/torture: vfs_fruit: add src and dst path args to test_setup_copy_chunk Just let the caller pass in the paths, no change in behaviour. A new test in a subsequent commit will use it to pass paths to streams. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12787 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: David Disseldorp <dd...@samba.org> commit 6211eb14629bc53b5659d0f15d82d845b12280af Author: Ralph Boehme <s...@samba.org> Date: Tue May 16 13:14:16 2017 +0200 s4/torture: smb2.ioctl: add copy-chunk test with stream to smb2.ioctl Bug: https://bugzilla.samba.org/show_bug.cgi?id=12787 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: David Disseldorp <dd...@samba.org> commit f9a61d790f166883c7f42494c3a060ba5b13d5e6 Author: Ralph Boehme <s...@samba.org> Date: Tue May 16 13:13:08 2017 +0200 s4/torture: smb2.ioctl: add src and dst path args to test_setup_copy_chunk Just let the caller pass in the paths, no change in behaviour. A new test in a subsequent commit will use it to pass paths to streams. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12787 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: David Disseldorp <dd...@samba.org> commit 60747c1be4d42c29fb81ab413b0bdabdaa22012a Author: Ralph Boehme <s...@samba.org> Date: Fri May 12 17:09:08 2017 +0200 lib/torture: add two more ndr assert macros Bug: https://bugzilla.samba.org/show_bug.cgi?id=12787 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: David Disseldorp <dd...@samba.org> commit 67b9d3c0860fbb955969570a97495e555bd24779 Author: Ralph Boehme <s...@samba.org> Date: Fri May 12 14:40:03 2017 +0200 vfs_fruit: add pread_send/recv and pwrite_s
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6fbff71 SMB_INFO_ALLOCATION: return with UINT32_MAX rather than cutting at 4 bytes via d02d4b5 winbindd: Give winbindd_ads.c its own header via aa3896f libsmb: proto.h does not need ads.h from 4d1d6e2 smbd/smb2_ioctl: check for NULL dst_fsp before use https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6fbff7184e116c9afcbcd62a479b692154767b60 Author: Peter Somogyi <psomo...@hu.ibm.com> Date: Mon May 15 10:21:01 2017 +0200 SMB_INFO_ALLOCATION: return with UINT32_MAX rather than cutting at 4 bytes An AIX cifs client queries SMB_INFO_ALLOCATION that has only 4 bytes to report dfree and dsize. Return the max instead of random unexpeced numbers. Signed-off-by: Peter Somogyi <psomo...@hu.ibm.com> Reviewed-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed May 17 05:49:46 CEST 2017 on sn-devel-144 commit d02d4b5bc1a2f370b590f728df323cf08bd6d9f6 Author: Volker Lendecke <v...@samba.org> Date: Thu May 11 21:38:50 2017 +0200 winbindd: Give winbindd_ads.c its own header Not necessary to compile all of winbind when playing with ads.h Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit aa3896f571ee4bfb8a9da1ad0c1d5f8e3703a2c9 Author: Volker Lendecke <v...@samba.org> Date: Thu May 11 21:30:30 2017 +0200 libsmb: proto.h does not need ads.h Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/libsmb/proto.h | 1 - source3/smbd/trans2.c | 6 ++ source3/winbindd/idmap_ad_nss.c| 2 +- source3/winbindd/idmap_rfc2307.c | 2 +- source3/winbindd/winbindd_ads.c| 1 + .../unix_match.h => source3/winbindd/winbindd_ads.h| 18 +- source3/winbindd/winbindd_proto.h | 5 - 7 files changed, 22 insertions(+), 13 deletions(-) copy lib/util/unix_match.h => source3/winbindd/winbindd_ads.h (70%) Changeset truncated at 500 lines: diff --git a/source3/libsmb/proto.h b/source3/libsmb/proto.h index c5e28ef..137c355 100644 --- a/source3/libsmb/proto.h +++ b/source3/libsmb/proto.h @@ -26,7 +26,6 @@ #ifndef _LIBSMB_PROTO_H_ #define _LIBSMB_PROTO_H_ -#include "ads.h" #include "auth_info.h" struct smb_trans_enc_state; diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index e8346ba..01df2ee 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -3510,6 +3510,12 @@ NTSTATUS smbd_do_qfsinfo(struct smbXsrv_connection *xconn, cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)st.st_ex_dev, (unsigned int)bsize, (unsigned int)sectors_per_unit, (unsigned int)bytes_per_sector, (unsigned int)dsize, (unsigned int)dfree)); + /* +* For large drives, return max values and not modulo. +*/ + dsize = MIN(dsize, UINT32_MAX); + dfree = MIN(dfree, UINT32_MAX); + SIVAL(pdata,l1_idFileSystem,st.st_ex_dev); SIVAL(pdata,l1_cSectorUnit,sectors_per_unit); SIVAL(pdata,l1_cUnit,dsize); diff --git a/source3/winbindd/idmap_ad_nss.c b/source3/winbindd/idmap_ad_nss.c index 87c7814..d65e1e9 100644 --- a/source3/winbindd/idmap_ad_nss.c +++ b/source3/winbindd/idmap_ad_nss.c @@ -28,7 +28,7 @@ #include "includes.h" #include "winbindd.h" #include "../libds/common/flags.h" -#include "ads.h" +#include "winbindd_ads.h" #include "libads/ldap_schema.h" #include "nss_info.h" #include "idmap.h" diff --git a/source3/winbindd/idmap_rfc2307.c b/source3/winbindd/idmap_rfc2307.c index 8ffa55b..668a7a4 100644 --- a/source3/winbindd/idmap_rfc2307.c +++ b/source3/winbindd/idmap_rfc2307.c @@ -25,7 +25,7 @@ #include "includes.h" #include "winbindd.h" -#include "ads.h" +#include "winbindd_ads.h" #include "idmap.h" #include "smbldap.h" #include "nsswitch/winbind_client.h" diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index d2e1ac4..c330b92 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c @@ -23,6 +23,7 @@ #include "includes.h" #include "winbindd.h" +#inc
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 91852dd s4: torture: Remove use of local variables that are simply mirroring popt_get_cmdline_credentials(). via 4039e51 s4: popt: Change from talloc_autofree_context() to NULL context. via 9126744 s4: popt: Make cmdline_credentials static. via b2de5a8 s4: popt: Global replace of cmdline_credentials -> popt_get_cmdline_credentials(). via dd4a3ce s4: popt: Add set/get/free functions for cmdline_credentials. via 560c375 s4: Add TALLOC_CTX * to register_server_service(). via 3429829 s4: auth: Remove a talloc_autofree_context() use. via 34f616f s4: auth: Add TALLOC_CTX * to auth_register() via 1e5797d testprogs: Add 'net rpc user' test against AD DC from fc4dfd7 docs: Remove old docs. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 91852dd0816a745f501b765a556b5985521c8119 Author: Jeremy Allison <j...@samba.org> Date: Tue May 9 16:28:53 2017 -0700 s4: torture: Remove use of local variables that are simply mirroring popt_get_cmdline_credentials(). Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri May 12 00:37:29 CEST 2017 on sn-devel-144 commit 4039e51a6fdb476d9865df74dfccf7a020ead141 Author: Jeremy Allison <j...@samba.org> Date: Tue May 9 16:20:07 2017 -0700 s4: popt: Change from talloc_autofree_context() to NULL context. Call popt_free_cmdline_credentials() on successful exit from torture. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 91267449ec1acc461069a8a505e2234221531643 Author: Jeremy Allison <j...@samba.org> Date: Tue May 9 16:14:03 2017 -0700 s4: popt: Make cmdline_credentials static. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit b2de5a81bf2e5a79b101859c738fc057af7308ed Author: Jeremy Allison <j...@samba.org> Date: Tue May 9 16:10:03 2017 -0700 s4: popt: Global replace of cmdline_credentials -> popt_get_cmdline_credentials(). Add one use of popt_set_cmdline_credentials(). Fix 80 column limits when cmdline_credentials changes to popt_get_cmdline_credentials(). Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit dd4a3ce92792c4687f92d4b9e88f7bbee6cad593 Author: Jeremy Allison <j...@samba.org> Date: Tue May 9 14:34:35 2017 -0700 s4: popt: Add set/get/free functions for cmdline_credentials. Preparing to make this static instead of a global. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 560c37524b2b4188011e45c03b3712951476de59 Author: Jeremy Allison <j...@samba.org> Date: Tue May 9 13:46:45 2017 -0700 s4: Add TALLOC_CTX * to register_server_service(). Use the passed in context from callers. Remove one talloc_autofree_context(). Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 3429829a42c760e59fcf67463f72002f792cb087 Author: Jeremy Allison <j...@samba.org> Date: Tue May 9 13:28:49 2017 -0700 s4: auth: Remove a talloc_autofree_context() use. Use NULL here, not the autofree context for this static pointer. The destructor prevents freeing this memory anyway. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 34f616fc6f48a4182f7e5125a080de205925c7e4 Author: Jeremy Allison <j...@samba.org> Date: Tue May 9 12:39:14 2017 -0700 s4: auth: Add TALLOC_CTX * to auth_register() Use the talloc context passed into all modules. Remove one more talloc_autofree_context(). Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 1e5797d19ce9133427573289aa63337e48ea714f Author: Andreas Schneider <a...@samba.org> Date: Tue May 2 12:31:48 2017 +0200 testprogs: Add 'net rpc user' test against AD DC Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: file_server/file_server.c | 2 +- lib/ldb-samba/samba_extensions.c| 3 +- nsswitch/libwbclient/tests/wbclient.c | 60 +- source4/auth/auth.h | 2 +- source4/auth/ntlm/auth.c| 5 ++- source4/auth/nt
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4ed1bfb dbwrap_ctdb: Fix a typo via 51ddb56 s3-gpo: Fix CID #1405972 Resource leak via 85e3d17 s4:tls: Do not use deprecated GnuTLS types from cb17fcc s3-spoolss: add winreg_del_driver_package_internal() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4ed1bfb9f854ce5d50e670d17d188745ed26edd3 Author: Volker Lendecke <v...@samba.org> Date: Mon May 8 12:16:16 2017 +0200 dbwrap_ctdb: Fix a typo Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed May 10 03:25:40 CEST 2017 on sn-devel-144 commit 51ddb563ef7bd177cd7b08c41070e92dad3e3c82 Author: Günther Deschner <g...@samba.org> Date: Tue May 9 14:31:15 2017 +0200 s3-gpo: Fix CID #1405972 Resource leak Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 85e3d1774cd069dc02a34850afc3c3df022eee91 Author: Andreas Schneider <a...@samba.org> Date: Tue May 9 13:17:13 2017 +0200 s4:tls: Do not use deprecated GnuTLS types Those have been deprecated with GnuTLS 1.0.20 in 2004. I think it is safe to use them now ;) Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: source3/lib/dbwrap/dbwrap_ctdb.c | 2 +- source3/libgpo/gpext/registry.c | 1 + source4/lib/tls/tls.c| 14 +++--- source4/lib/tls/tls_tstream.c| 16 +--- 4 files changed, 18 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/dbwrap/dbwrap_ctdb.c b/source3/lib/dbwrap/dbwrap_ctdb.c index 10fe88d..7f61dec 100644 --- a/source3/lib/dbwrap/dbwrap_ctdb.c +++ b/source3/lib/dbwrap/dbwrap_ctdb.c @@ -1164,7 +1164,7 @@ again: ctdb_time += timeval_elapsed(_start_time); if (ret != 0) { - DEBUG(5, ("ctdb_migrate failed: %s\n", + DEBUG(5, ("ctdbd_migrate failed: %s\n", strerror(ret))); TALLOC_FREE(result); return NULL; diff --git a/source3/libgpo/gpext/registry.c b/source3/libgpo/gpext/registry.c index 4a0d0cf..ceb05f0 100644 --- a/source3/libgpo/gpext/registry.c +++ b/source3/libgpo/gpext/registry.c @@ -342,6 +342,7 @@ static NTSTATUS registry_process_group_policy(TALLOC_CTX *mem_ctx, err_cache_path_free: talloc_free(gpo_cache_path); + talloc_free(entries); return status; } diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c index ad8bbd4..ac4df22 100644 --- a/source4/lib/tls/tls.c +++ b/source4/lib/tls/tls.c @@ -39,8 +39,8 @@ typedef gnutls_datum gnutls_datum_t; /* hold persistent tls data */ struct tls_params { - gnutls_certificate_credentials x509_cred; - gnutls_dh_params dh_params; + gnutls_certificate_credentials_t x509_cred; + gnutls_dh_params_t dh_params; bool tls_enabled; const char *tls_priority; }; @@ -52,14 +52,14 @@ struct tls_context { struct tevent_fd *fde; bool tls_enabled; #if ENABLE_GNUTLS - gnutls_session session; + gnutls_session_t session; bool done_handshake; bool have_first_byte; uint8_t first_byte; bool tls_detect; const char *plain_chars; bool output_pending; - gnutls_certificate_credentials xcred; + gnutls_certificate_credentials_t xcred; bool interrupted; #endif }; @@ -111,7 +111,7 @@ static NTSTATUS tls_socket_init(struct socket_context *sock) /* callback for reading from a socket */ -static ssize_t tls_pull(gnutls_transport_ptr ptr, void *buf, size_t size) +static ssize_t tls_pull(gnutls_transport_ptr_t ptr, void *buf, size_t size) { struct tls_context *tls = talloc_get_type(ptr, struct tls_context); NTSTATUS status; @@ -150,7 +150,7 @@ static ssize_t tls_pull(gnutls_transport_ptr ptr, void *buf, size_t size) /* callback for writing to a socket */ -static ssize_t tls_push(gnutls_transport_ptr ptr, const void *buf, size_t size) +static ssize_t tls_push(gnutls_transport_ptr_t ptr, const void *buf, size_t size) { struct tls_context *tls = talloc_get_type(ptr, struct tls_context); NTSTATUS status; @@ -545,7 +545,7 @@ struct socket_context *tls_init_server(struct tls_params *params, params->x509_cred)); gnutls_certificate_server_set_request(tls->session, GNUTLS_CERT_REQUEST); gnutls_dh_set_prime_bits(tls->se
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 202e2ab s3-rpcclient: Fix enumdata spoolss display of REG_DWORD from a503437 s3/smbd: update exclusive oplock optimisation to the lease area https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 202e2ab5e14fdd70b78dbbd48685e44f22b0d51d Author: Günther Deschner <g...@samba.org> Date: Wed May 3 11:31:20 2017 +0200 s3-rpcclient: Fix enumdata spoolss display of REG_DWORD One should not assume a REG_DWORD is always 4 byte long. In an enumdata(ex) context, the first reply will return with content in a buffer that can fill the largest entry in the array of attributes. All subsequent queries then reuse this buffer even if the key/value pair in question then is just a 4 byte DWORD. The remaining buffer will be just empty and of no interest. Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sun May 7 03:28:21 CEST 2017 on sn-devel-144 --- Summary of changes: source3/rpcclient/cmd_spoolss.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c index 00dc2e0..34cbb7e 100644 --- a/source3/rpcclient/cmd_spoolss.c +++ b/source3/rpcclient/cmd_spoolss.c @@ -770,7 +770,7 @@ static void display_reg_value(const char *name, enum winreg_Type type, DATA_BLOB switch(type) { case REG_DWORD: - if (blob.length == sizeof(uint32_t)) { + if (blob.length >= sizeof(uint32_t)) { printf("%s: REG_DWORD: 0x%08x\n", name, IVAL(blob.data,0)); } else { printf("%s: REG_DWORD: \n", name); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 825d00d s4: torture: Remove the last talloc_autofree_context() from source4/torture/*.c via 911fdd8 s4: torture: Remove talloc_autofree_context() from gentest. via 45fbddd s4: torture: Remove talloc_autofree_context() from locktest. via fa88c5d s4: torture: Use a named TALLOC_CTX in masktest instead of talloc_autofree_context(). via 47d7463 s4: torture: Add a TALLOC_CTX * to torture_smb2_getinfo_init(). via 0a301e8 s4: torture: Add a TALLOC_CTX * to torture_test_delete(). via 3400451 s4: torture: Add a TALLOC_CTX * to torture_winbind_struct_init(). via aff8277 s4: torture: Add a TALLOC_CTX * to torture_vfs_fruit(), torture_vfs_fruit_netatalk(), torture_vfs_fruit_file_id() via 5084bab s4: torture: Add a TALLOC_CTX * to torture_acl_xattr(). via 67557dc s4: torture: Add a TALLOC_CTX * to torture_smb2_streams_init(). via 097ffa7 s4: torture: Add a TALLOC_CTX * to torture_smb2_session_init(). via 6c45ca7 s4: torture: Add a TALLOC_CTX * to torture_smb2_scan_init(). via a0552b1 s4: torture: Add a TALLOC_CTX * to torture_smb2_replay_init(). via af7ce00 s4: torture: Add a TALLOC_CTX * to torture_smb2_rename_init(). via c08d43c s4: torture: Add a TALLOC_CTX * to torture_smb2_read_init(). via 6c5f377 s4: torture: Add a TALLOC_CTX * to torture_smb2_oplocks_init(), torture_smb2_kernel_oplocks_init(). via b0613ed s4: torture: Add a TALLOC_CTX * to torture_smb2_notify_disabled_init(). via 123973e s4: torture: Add a TALLOC_CTX * to torture_smb2_notify_init(). via 2480351 s4: torture: Add a TALLOC_CTX * to torture_smb2_lock_init(). via 1132d57 s4: torture: Add a TALLOC_CTX * to torture_smb2_lease_init(). via 6264d21 s4: tortute: Add a TALLOC_CTX * to torture_smb2_ioctl_init(). via 3f5ad6f s4: torture: Add TALLOC_CTX * to torture_smb2_durable_v2_open_init(). via b8a616e s4: torture: Add TALLOC_CTX * to torture_smb2_durable_open_disconnect_init(), torture_smb2_durable_open_init() via 44a1dc3 s4: torture: Add a TALLOC_CTX * to torture_smb2_dir_init(). via 9aa023a s4: torture: Add a TALLOC_CTX * to torture_smb2_doc_init(). via b871d5f s4: torture: Add a TALLOC_CTX * to torture_smb2_crediting_init(). via a039a46 s4: torture: Add a TALLOC_CTX * to torture_smb2_create_init(). via 6e29f07 s4: torture: Add TALLOC_CTX * to torture_smb2_compound_find_init() and torture_smb2_compound_init(). via 33320f5 s4: torture: Add TALLOC_CTX * to torture_smb2_acls_init(). via 6a53ce5 s4: torture: Add TALLOC_CTX * to torture_winbind_init(). via c4e s4: torture: Pass TALLOC_CTX * to torture_delay_write(). via e7e56bc s4: torture: Change torture_register_suite() to add a TALLOC_CTX *. via 1d66673 s4: torture: Pass the new talloc context into torture_init(). via 6341d3d s4: torture: Add a TALLOC_CTX * to torture_parse_target(). via f18cc16 s4: torture: Create a top level talloc contxt. from e11ee75 samba-tool: Rename Samba4 to Samba AD https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 825d00df19f32845a66b080354824fada946d620 Author: Jeremy Allison <j...@samba.org> Date: Mon Apr 24 16:40:37 2017 -0700 s4: torture: Remove the last talloc_autofree_context() from source4/torture/*.c Allocate the saved packets off the NULL context instead, and use a new function free_received_packets() to clear out the received_packets list. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri May 5 19:47:50 CEST 2017 on sn-devel-144 commit 911fdd8ca0a0a1ba6748ff00a3327073a0611bda Author: Jeremy Allison <j...@samba.org> Date: Mon Apr 24 16:20:28 2017 -0700 s4: torture: Remove talloc_autofree_context() from gentest. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> commit 45fbddda9c6ce98679a2e8685bad19795c0a8b49 Author: Jeremy Allison <j...@samba.org> Date: Mon Apr 24 16:18:16 2017 -0700 s4: torture: Remove talloc_autofree_context() from locktest. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> commit fa88c5da46d5da23b1221c2cefa989901c63f141 Author: Jeremy Allison <j...@samba.org> Date: Mon Apr 24 16:11:22 2017 -0700 s4: torture: Use a named TALLOC_CTX in masktest instead of talloc_autofree_context(). Move all talloc_free()'s back to main from the function call. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.o
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d04efe5 vfs_fruit: Fix the 32-bit build via dd0d2ee pam_wrapper: Add PAM_STRERROR_CONST configure check from 4c17850 samba-tool: fix log message of 'samba-tool user syncpasswords' https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d04efe5b9bf8c4e655142ba828045a258951804c Author: Volker Lendecke <v...@samba.org> Date: Sat Apr 29 12:01:41 2017 +0200 vfs_fruit: Fix the 32-bit build On debian 32-bit, size_t is an 32 bit, but off_t is 64 bit. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri May 5 11:50:55 CEST 2017 on sn-devel-144 commit dd0d2ee1dd210784420d79fcc5063eb81465d5de Author: Volker Lendecke <v...@samba.org> Date: Mon May 1 17:56:50 2017 +0200 pam_wrapper: Add PAM_STRERROR_CONST configure check Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: lib/pam_wrapper/wscript | 7 +++ source3/modules/vfs_fruit.c | 20 +++- 2 files changed, 18 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/pam_wrapper/wscript b/lib/pam_wrapper/wscript index 87181c3..aacd1d7 100644 --- a/lib/pam_wrapper/wscript +++ b/lib/pam_wrapper/wscript @@ -80,6 +80,13 @@ def configure(conf): 'int pam_prompt(const pam_handle_t *_pamh, int _style, char **_resp, const char *_fmt, ...)', define='HAVE_PAM_PROMPT_CONST', headers='stdio.h sys/types.h security/pam_appl.h security/pam_modules.h') +conf.CHECK_C_PROTOTYPE( +'pam_strerror', +'const char *pam_strerror(const pam_handle_t *pamh, int errnum)', +define='HAVE_PAM_STRERROR_CONST', +headers='''stdio.h sys/types.h security/pam_appl.h + security/pam_modules.h''') + # Find the absolute path to libpam.so.0 libpam_path = find_library(['libpam.so.0', 'libpam.so'], conf.env.STANDARD_LIBPATH) conf.DEFINE('PAM_LIBRARY', ('"%s"' % libpam_path )) diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c index 11d2071..273540e 100644 --- a/source3/modules/vfs_fruit.c +++ b/source3/modules/vfs_fruit.c @@ -3738,8 +3738,8 @@ static ssize_t fruit_pread(vfs_handle_struct *handle, struct fio *fio = (struct fio *)VFS_FETCH_FSP_EXTENSION(handle, fsp); ssize_t nread; - DBG_DEBUG("Path [%s] offset=%zd, size=%zd\n", - fsp_str_dbg(fsp), offset, n); + DBG_DEBUG("Path [%s] offset=%"PRIdMAX", size=%zd\n", + fsp_str_dbg(fsp), (intmax_t)offset, n); if (fio == NULL) { return SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset); @@ -3962,8 +3962,8 @@ static ssize_t fruit_pwrite(vfs_handle_struct *handle, struct fio *fio = (struct fio *)VFS_FETCH_FSP_EXTENSION(handle, fsp); ssize_t nwritten; - DBG_DEBUG("Path [%s] offset=%zd, size=%zd\n", - fsp_str_dbg(fsp), offset, n); + DBG_DEBUG("Path [%s] offset=%"PRIdMAX", size=%zd\n", + fsp_str_dbg(fsp), (intmax_t)offset, n); if (fio == NULL) { return SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset); @@ -4407,8 +4407,8 @@ static int fruit_fstat(vfs_handle_struct *handle, files_struct *fsp, sbuf->st_ex_blocks = sbuf->st_ex_size / STAT_ST_BLOCKSIZE + 1; } - DBG_DEBUG("Path [%s] rc [%d] size [%zd]\n", - fsp_str_dbg(fsp), rc, sbuf->st_ex_size); + DBG_DEBUG("Path [%s] rc [%d] size [%"PRIdMAX"]\n", + fsp_str_dbg(fsp), rc, (intmax_t)sbuf->st_ex_size); return rc; } @@ -4441,8 +4441,9 @@ static NTSTATUS fruit_streaminfo_meta_stream( return NT_STATUS_OK; } - DBG_ERR("Removing invalid AFPINFO_STREAM size [%zd] from [%s]\n", - stream[i].size, smb_fname_str_dbg(smb_fname)); + DBG_ERR("Removing invalid AFPINFO_STREAM size [%"PRIdMAX"] " + "from [%s]\n", (intmax_t)stream[i].size, + smb_fname_str_dbg(smb_fname)); ok = del_fruit_stream(mem_ctx, pnum_streams, pstreams, AFPINFO_STREAM); if (!ok) { @@ -4909,7 +4910,8 @@ static int fruit_ftruncate(struct vfs_handle_struct *handle, struct fio *fio = (struct fio *)VFS_FETCH_FSP_EXTENSION(handle, fsp); int ret; - DBG_DEBUG("Path [%s] offset [%zd]\n", fsp_str_dbg(fsp),
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1e7bec4 lib: Fix a comment via b23728a lib: Fix whitespace via 63f649f s4: torture: samr: Add test for dcesrc_lsa_valid_AccountRight change. from 61d6882 WHATSNEW: Add Samba AD with MIT Kerberos https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1e7bec40d103a003905dd6a161366753ff8a5c40 Author: Volker Lendecke <v...@samba.org> Date: Sun Apr 23 18:47:25 2017 +0200 lib: Fix a comment Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed May 3 20:00:25 CEST 2017 on sn-devel-144 commit b23728ac736238c5e20cdf5fd42140aa0d2c9761 Author: Volker Lendecke <v...@samba.org> Date: Sun Apr 23 18:47:05 2017 +0200 lib: Fix whitespace Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 63f649f86009b274903f822e8389e10b7c940d09 Author: Jeremy Allison <j...@samba.org> Date: Thu Apr 27 20:31:40 2017 -0700 s4: torture: samr: Add test for dcesrc_lsa_valid_AccountRight change. Against ad_dc we get NT_STATUS_OK, but against nt_dc we get NT_STATUS_NO_SUCH_PRIVILEGE, so check for both. We can't use TARGET_IS_SAMBA3() here as this is set for talking to smbd even when run under the ad_dc. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> --- Summary of changes: source3/lib/ldap_escape.c | 6 +++--- source3/selftest/tests.py | 3 +++ source4/torture/rpc/samr.c | 46 +- 3 files changed, 51 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/ldap_escape.c b/source3/lib/ldap_escape.c index a731cb9..fa75dab 100644 --- a/source3/lib/ldap_escape.c +++ b/source3/lib/ldap_escape.c @@ -24,12 +24,12 @@ /** * Escape a parameter to an LDAP filter string, so they cannot contain - * embeded ( ) * or \ chars which may cause it not to parse correctly. + * embeded ( ) * or \ chars which may cause it not to parse correctly. * * @param s The input string * - * @return A string allocated with malloc(), containing the escaped string, - * and to be free()ed by the caller. + * @return A string allocated with talloc(), containing the escaped string, + * and to be talloc_free()ed by the caller. **/ char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s) diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 1d02bd2..b4dc417 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -458,6 +458,9 @@ for t in tests: plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER/compound_find -U$USERNAME%$PASSWORD') plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') +elif t == "rpc.samr.users.privileges": +plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --option=torture:nt4_dc=true') +plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') else: plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index dcdbb8a..92861f4 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -39,6 +39,7 @@ #include "auth/gensec/gensec.h" #include "auth/gensec/gensec_proto.h" #include "../libcli/auth/schannel.h" +#include "torture/util.h" #define TEST_ACCOUNT_NAME "samrtorturetest" #define TEST_ACCOUNT_NAME_PWD "samrpwdlastset" @@ -4778,6 +4779,41 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p, } { + struct lsa_RightSet rights; + struct lsa_StringLarge names[2]; + struct lsa_AddAccountRights r; + + torture_comment(tctx, "Testing LSA AddAccountRights 1\n"); + + init_lsa_StringLarge([0], "SeInteractiveLogonRight"); + init_lsa_StringLarge([1], NULL); + + rights.count = 1; + rights.names = names; + + r.in.handle = lsa_handle; + r.in.sid = user_sid; + r.in.rights = + + torture_assert_ntstatus_ok(tctx, dcerpc_lsa_AddAccountRights_r(lb, tctx,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 277eac1 lsa4_srv: Factor out dcesrc_lsa_valid_AccountRight() from aa43d0d source3 smdb: fix null pointer dereference https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 277eac1a8e7443bae125e03309e7eeea2799 Author: Volker Lendecke <v...@samba.org> Date: Thu Apr 27 13:37:42 2017 +0200 lsa4_srv: Factor out dcesrc_lsa_valid_AccountRight() The previous code in dcesrv_lsa_AddRemoveAccountRights had the following snippet: if (sec_privilege_id(rights->names[i].string) == SEC_PRIV_INVALID) { if (sec_right_bit(rights->names[i].string) == 0) { talloc_free(msg); return NT_STATUS_NO_SUCH_PRIVILEGE; } talloc_free(msg); return NT_STATUS_NO_SUCH_PRIVILEGE; } If I'm not mistaken, the inner if-statement is essentially dead code, as regardless of the outcome of the if-condition we execute the same code. The effect of this is that you can't "net rpc rights grant" a right, for example SeInteractiveLogonRight. A quick test against a W2k12 server shows that W2k12 allows this call. This patch changes the semantics of dcesrv_lsa_AddRemoveAccountRights to also allow "rights" to be granted and revoked. At the same time, it centralizes the check for validity of user input from dcesrv_lsa_EnumAccountsWithUserRight into dcesrc_lsa_valid_AccountRight too. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Apr 29 09:20:02 CEST 2017 on sn-devel-144 --- Summary of changes: source4/rpc_server/lsa/dcesrv_lsa.c | 31 +-- 1 file changed, 25 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index f013d99..3cccd57 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -99,6 +99,24 @@ struct lsa_trusted_domain_state { struct ldb_dn *trusted_domain_user_dn; }; +static bool dcesrc_lsa_valid_AccountRight(const char *right) +{ + enum sec_privilege priv_id; + uint32_t right_bit; + + priv_id = sec_privilege_id(right); + if (priv_id != SEC_PRIV_INVALID) { + return true; + } + + right_bit = sec_right_bit(right); + if (right_bit != 0) { + return true; + } + + return false; +} + /* this is based on the samba3 function make_lsa_object_sd() It uses the same logic, but with samba4 helper functions @@ -2949,12 +2967,10 @@ static NTSTATUS dcesrv_lsa_AddRemoveAccountRights(struct dcesrv_call_state *dce_ } for (i=0;icount;i++) { - if (sec_privilege_id(rights->names[i].string) == SEC_PRIV_INVALID) { - if (sec_right_bit(rights->names[i].string) == 0) { - talloc_free(msg); - return NT_STATUS_NO_SUCH_PRIVILEGE; - } + bool ok; + ok = dcesrc_lsa_valid_AccountRight(rights->names[i].string); + if (!ok) { talloc_free(msg); return NT_STATUS_NO_SUCH_PRIVILEGE; } @@ -3856,6 +3872,7 @@ static NTSTATUS dcesrv_lsa_EnumAccountsWithUserRight(struct dcesrv_call_state *d struct ldb_message **res; const char * const attrs[] = { "objectSid", NULL}; const char *privname; + bool ok; DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY); @@ -3866,7 +3883,9 @@ static NTSTATUS dcesrv_lsa_EnumAccountsWithUserRight(struct dcesrv_call_state *d } privname = r->in.name->string; - if (sec_privilege_id(privname) == SEC_PRIV_INVALID && sec_right_bit(privname) == 0) { + + ok = dcesrc_lsa_valid_AccountRight(privname); + if (!ok) { return NT_STATUS_NO_SUCH_PRIVILEGE; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via aa43d0d source3 smdb: fix null pointer dereference via 85e98d2 source3 smbd: tests for null pointer dereference via a939db7 s3: smbd: inotify_map_mask_to_filter incorrectly indexes an array. from 77d4e07 tdb: version 1.3.13 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit aa43d0d81baa497135a17e843b05336b4a504809 Author: Gary Lockyer <g...@catalyst.net.nz> Date: Thu Apr 27 12:39:34 2017 +1200 source3 smdb: fix null pointer dereference Fix the null pointer dereference in smbd, introduced in the auth logging changes. Signed-off-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Apr 28 07:18:54 CEST 2017 on sn-devel-144 commit 85e98d2a3190653af56b1adb7597a903b8dec83b Author: Gary Lockyer <g...@catalyst.net.nz> Date: Thu Apr 27 12:02:29 2017 +1200 source3 smbd: tests for null pointer dereference Test case to replicate null pointer dereference in smbd, introduced in the auth logging changes. Signed-off-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a939db725ea81944532ba3b035da0d145bc3b62a Author: Doug Nazar <naz...@nazar.ca> Date: Thu Apr 27 15:41:24 2017 -0700 s3: smbd: inotify_map_mask_to_filter incorrectly indexes an array. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12760 Signed-off-by: Doug Nazar <naz...@nazar.ca> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Christof Schmitt <c...@samba.org> --- Summary of changes: python/samba/tests/net_join_no_spnego.py | 59 source3/smbd/notify_inotify.c| 2 +- source3/smbd/sesssetup.c | 2 +- source4/selftest/tests.py| 3 ++ 4 files changed, 64 insertions(+), 2 deletions(-) create mode 100644 python/samba/tests/net_join_no_spnego.py Changeset truncated at 500 lines: diff --git a/python/samba/tests/net_join_no_spnego.py b/python/samba/tests/net_join_no_spnego.py new file mode 100644 index 000..4da9c2e --- /dev/null +++ b/python/samba/tests/net_join_no_spnego.py @@ -0,0 +1,59 @@ +# Unix SMB/CIFS implementation. +# +# Copyright (C) Catalyst.Net Ltd. 2017 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +""" +Detect null pointer exception in /source3/smbd/sessetup.c +""" + +import samba.tests +import os +from samba.net import Net, LIBNET_JOIN_AUTOMATIC +from samba.credentials import DONT_USE_KERBEROS +from samba import NTSTATUSError, ntstatus +import ctypes + +class NetJoinNoSpnegoTests(samba.tests.TestCase): + +def setUp(self): +super(NetJoinNoSpnegoTests, self).setUp() +self.remoteAddress = "/root/ncalrpc_as_system" +self.domain = os.environ["DOMAIN"] +self.server = os.environ["SERVER"] + +def tearDown(self): +super(NetJoinNoSpnegoTests, self).tearDown() + +def test_net_join_no_spnego(self): +lp = self.get_loadparm() +lp.set("client use spnego", "no") +netbios_name = "NetJoinNoSpnego" +machinepass = "abcdefghij" +creds = self.insta_creds(template=self.get_credentials(), + kerberos_state=DONT_USE_KERBEROS) + +net = Net(creds, lp, server=self.server) + +try: +(join_password, sid, domain_name) = net.join_member( +self.domain, netbios_name, LIBNET_JOIN_AUTOMATIC, +machinepass=machinepass) +except NTSTATUSError as e: +code = ctypes.c_uint32(e[0]).value +if code == ntstatus.NT_STATUS_CONNECTION_DISCONNECTED: +self.fail("Connection failure") +pass diff --git a/source3/smbd/notify_inotify.c b/source3/smbd/notify_inotify.c index 3848dd6..74855a9 100644
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 04b2a18 lib: Fix CID 1405493 Error handling issues (CHECKED_RETURN) via f5c3904 lib/util: fix a Coverity finding in tfork from a9fc25f s3-libgpo: Fix the build of the group policy CSEs https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 04b2a18a1166872d8bb74e1d3e04376ebbecf6b9 Author: Volker Lendecke <v...@samba.org> Date: Tue Apr 25 17:32:43 2017 +0200 lib: Fix CID 1405493 Error handling issues (CHECKED_RETURN) Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Apr 25 23:07:25 CEST 2017 on sn-devel-144 commit f5c3904f356c6f98e464a908ad2b76e44b9e2023 Author: Ralph Boehme <s...@samba.org> Date: Tue Apr 25 17:47:57 2017 +0200 lib/util: fix a Coverity finding in tfork If dup2() fails, fd is -1 and is later used in sys_write(). Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: lib/util/tfork.c | 23 ++- source3/lib/ctdbd_conn.c | 7 ++- 2 files changed, 24 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/tfork.c b/lib/util/tfork.c index 27b6cc0..37c00e6 100644 --- a/lib/util/tfork.c +++ b/lib/util/tfork.c @@ -131,11 +131,24 @@ static pid_t level2_fork_and_wait(int child_ready_fd) * We're going to stay around until child3 exits, so lets close all fds * other then the pipe fd we may have inherited from the caller. */ - fd = dup2(tfork_global->status_pipe[1], 0); - if (fd == -1) { - status = errno; - kill(tfork_global->level3_pid, SIGKILL); - wait = false; + while (true) { + fd = dup2(tfork_global->status_pipe[1], 0); + if (fd == -1) { + if (errno == EINTR) { + continue; + } + status = errno; + + kill(tfork_global->level3_pid, SIGKILL); + + written = sys_write(tfork_global->status_pipe[1], + , sizeof(status)); + if (written != sizeof(status)) { + abort(); + } + _exit(0); + } + break; } closefrom(1); diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c index c629d3c..053d1b5 100644 --- a/source3/lib/ctdbd_conn.c +++ b/source3/lib/ctdbd_conn.c @@ -440,7 +440,12 @@ static int ctdb_read_req(struct ctdbd_connection *conn, uint32_t reqid, **/ int ctdbd_setup_fde(struct ctdbd_connection *conn, struct tevent_context *ev) { - set_blocking(conn->fd, false); + int ret; + + ret = set_blocking(conn->fd, false); + if (ret == -1) { + return errno; + } conn->fde = tevent_add_fd(ev, conn, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a9fc25f s3-libgpo: Fix the build of the group policy CSEs from 5d288a9 tdbtool: Add "storehex" command https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a9fc25f378f75e44847e43d7709765eb22656deb Author: Günther Deschner <g...@samba.org> Date: Mon Apr 24 13:25:41 2017 +0200 s3-libgpo: Fix the build of the group policy CSEs Guenther Signed-off-by: Guenther Deschner <g...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Mon Apr 24 23:19:44 CEST 2017 on sn-devel-144 --- Summary of changes: source3/libgpo/gpext/registry.c | 2 +- source3/libgpo/gpext/scripts.c | 2 +- source3/libgpo/gpext/security.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libgpo/gpext/registry.c b/source3/libgpo/gpext/registry.c index a24485c..088701a 100644 --- a/source3/libgpo/gpext/registry.c +++ b/source3/libgpo/gpext/registry.c @@ -407,7 +407,7 @@ static struct gp_extension_methods registry_methods = { / / -NTSTATUS gpext_registry_init(void) +NTSTATUS gpext_registry_init(TALLOC_CTX *mem_ctx) { NTSTATUS status; diff --git a/source3/libgpo/gpext/scripts.c b/source3/libgpo/gpext/scripts.c index 7471fb8..3f2c514 100644 --- a/source3/libgpo/gpext/scripts.c +++ b/source3/libgpo/gpext/scripts.c @@ -462,7 +462,7 @@ static struct gp_extension_methods scripts_methods = { / / -NTSTATUS gpext_scripts_init(void) +NTSTATUS gpext_scripts_init(TALLOC_CTX *mem_ctx) { NTSTATUS status; diff --git a/source3/libgpo/gpext/security.c b/source3/libgpo/gpext/security.c index dda58d3..3650f4c 100644 --- a/source3/libgpo/gpext/security.c +++ b/source3/libgpo/gpext/security.c @@ -277,7 +277,7 @@ static struct gp_extension_methods security_methods = { / / -NTSTATUS gpext_security_init(void) +NTSTATUS gpext_security_init(TALLOC_CTX *mem_ctx) { NTSTATUS status; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5d288a9 tdbtool: Add "storehex" command via 4ceba0e secrets: Protect against a non-0-terminated ldap password via 3661272 vfs_fruit: lp_case_sensitive() does not return a bool from 52349a7 selftest: Do not enable inbound replication during replica_sync https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5d288a9b1705b75e7e8dcf93a93b7fd6715ad5ef Author: Volker Lendecke <v...@samba.org> Date: Fri Apr 21 14:10:33 2017 +0200 tdbtool: Add "storehex" command Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Apr 22 09:16:16 CEST 2017 on sn-devel-144 commit 4ceba0e18f7ba8f2b32ba24864095683f2168db0 Author: Volker Lendecke <v...@samba.org> Date: Fri Apr 21 13:05:12 2017 +0200 secrets: Protect against a non-0-terminated ldap password Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> commit 36612723b2b18675116b6197183bdfe5e1d9e06f Author: Ralph Boehme <s...@samba.org> Date: Wed Apr 19 13:12:55 2017 +0200 vfs_fruit: lp_case_sensitive() does not return a bool lp_case_sensitive() returns an int, not a bool, so with the default setting of "Auto" by default we set the AAPL flag SMB2_CRTCTX_AAPL_CASE_SENSITIVE. This caused the client to believe the volume is case sensitive where it wasn't, leading to an error when trying to rename files changing only the case of the name. Also fix the existing torture test that verifies AAPL context negotiation and actually expected the server to return "case sensitive", while the Samba default is really "case insensitive". Bug: https://bugzilla.samba.org/show_bug.cgi?id=12749 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: lib/tdb/man/tdbtool.8.xml | 10 ++ lib/tdb/tools/tdbtool.c | 87 + source3/modules/vfs_fruit.c | 20 +-- source3/passdb/secrets.c| 7 source4/torture/vfs/fruit.c | 4 +-- 5 files changed, 123 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/man/tdbtool.8.xml b/lib/tdb/man/tdbtool.8.xml index 9a9b95e..045cbde 100644 --- a/lib/tdb/man/tdbtool.8.xml +++ b/lib/tdb/man/tdbtool.8.xml @@ -160,6 +160,16 @@ + storehex + KEY + DATA + + Store (replace) a record in the + current database where key and data are in hex format. + + + + show KEY diff --git a/lib/tdb/tools/tdbtool.c b/lib/tdb/tools/tdbtool.c index beb3af1..e3535b9 100644 --- a/lib/tdb/tools/tdbtool.c +++ b/lib/tdb/tools/tdbtool.c @@ -48,6 +48,7 @@ enum commands { CMD_DUMP, CMD_INSERT, CMD_MOVE, + CMD_STOREHEX, CMD_STORE, CMD_SHOW, CMD_KEYS, @@ -83,6 +84,7 @@ COMMAND_TABLE cmd_table[] = { {"dump",CMD_DUMP}, {"insert", CMD_INSERT}, {"move",CMD_MOVE}, + {"storehex",CMD_STOREHEX}, {"store", CMD_STORE}, {"show",CMD_SHOW}, {"keys",CMD_KEYS}, @@ -229,6 +231,7 @@ static void help(void) " info : print summary info about the database\n" " insertkey data : insert a record\n" " move key file : move a record to a destination tdb\n" +" storehex key data : store a record (replace), key/value in hex format\n" " store key data : store a record (replace)\n" " show key: show a record by key\n" " deletekey: delete a record by key\n" @@ -346,6 +349,86 @@ static void store_tdb(char *keyname, size_t keylen, char* data, size_t datalen) } } +static bool hexchar(char c, uint8_t *v) +{ + if ((c >= '0') && (c <= '9')) { + *v = (c - '0'); + return true; + } + if ((c >= 'A') && (c <= 'F')) { + *v = (c - 'A' + 10); + return true; + } + if ((c >= 'a') && (c <= 'f')) { + *v = (c - 'a' + 10); + return true; + } + return false; +} + +static bool parse_hex(const char *src, size_t srcle
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 306783d lib: modules: Change XXX_init interface from XXX_init(void) to XXX_init(TALLOC_CTX *) from 9342b3e pyrpc: Fix segfault in ClientConnection https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 306783d6f5d577a0b8bd31d659d8c802f22f0333 Author: Jeremy Allison <j...@samba.org> Date: Thu Apr 20 12:24:43 2017 -0700 lib: modules: Change XXX_init interface from XXX_init(void) to XXX_init(TALLOC_CTX *) Not currently used - no logic changes inside. This will make it possible to pass down a long-lived talloc context from the loading function for modules to use instead of having them internally all use talloc_autofree_context() which is a hidden global. Updated all known module interface numbers, and added a WHATSNEW. Signed-off-by: Jeremy Allison <j...@samba.org> Signed-off-by: Ralph Böhme <s...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Apr 22 01:17:00 CEST 2017 on sn-devel-144 --- Summary of changes: WHATSNEW.txt | 19 +++ auth/gensec/external.c| 4 ++-- auth/gensec/gensec.h | 3 ++- auth/gensec/gensec_start.c| 6 +++--- auth/gensec/ncalrpc.c | 4 ++-- auth/gensec/schannel.c| 4 ++-- auth/gensec/spnego.c | 4 ++-- auth/ntlmssp/ntlmssp.c| 2 +- auth/ntlmssp/ntlmssp.h| 2 +- buildtools/wafsamba/samba_patterns.py | 3 +++ docs-xml/Samba3-Developers-Guide/modules.xml | 14 -- examples/VFS/shadow_copy_test.c | 2 +- examples/VFS/skel_opaque.c| 2 +- examples/VFS/skel_transparent.c | 2 +- examples/auth/auth_skel.c | 4 ++-- examples/pdb/test.c | 2 +- file_server/file_server.c | 4 ++-- lib/util/modules.c| 6 +++--- lib/util/samba_modules.h | 6 +++--- libcli/echo/tests/echo.c | 4 ++-- pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm | 4 ++-- source3/auth/auth.c | 2 +- source3/auth/auth_builtin.c | 2 +- source3/auth/auth_domain.c| 2 +- source3/auth/auth_sam.c | 2 +- source3/auth/auth_samba4.c| 4 ++-- source3/auth/auth_script.c| 4 ++-- source3/auth/auth_unix.c | 2 +- source3/auth/auth_winbind.c | 2 +- source3/auth/proto.h | 12 ++-- source3/include/auth.h| 3 ++- source3/include/idmap.h | 3 ++- source3/include/nss_info.h| 2 +- source3/include/passdb.h | 3 ++- source3/include/smb_perfcount.h | 3 ++- source3/include/vfs.h | 3 ++- source3/modules/perfcount_test.c | 2 +- source3/modules/vfs_acl_tdb.c | 2 +- source3/modules/vfs_acl_xattr.c | 2 +- source3/modules/vfs_afsacl.c | 4 ++-- source3/modules/vfs_aio_fork.c| 4 ++-- source3/modules/vfs_aio_linux.c | 2 +- source3/modules/vfs_aio_pthread.c | 4 ++-- source3/modules/vfs_aixacl.c | 4 ++-- source3/modules/vfs_aixacl2.c | 4 ++-- source3/modules/vfs_audit.c | 2 +- source3/modules/vfs_btrfs.c | 4 ++-- source3/modules/vfs_cacheprime.c | 4 ++-- source3/modules/vfs_cap.c | 4 ++-- source3/modules/vfs_catia.c | 2 +- source3/modules/vfs_ceph.c| 4 ++-- source3/modules/vfs_commit.c | 4 ++-- source3/modules/vfs_crossrename.c | 4 ++-- source3/modules/vfs_default.c | 4 ++-- source3/modules/vfs_default_quota.c | 4 ++-- source3/modules/vfs_dfs_samba4.c | 4 ++-- source3/modules/vfs_dirsort.c | 2 +- source3/modules/vfs_expand_msdfs.c| 4 ++-- source3/modules/vfs_extd_audit.c | 2 +- source3/modules/vfs_fake_acls.c | 4 ++-- source3/modules/vfs_fake_dfq.c| 2 +- source3/modules/vfs_fake_perms.c | 4 ++-- source3/modules/vfs_fileid.c | 4 ++-- source3/modules/vfs_fruit.c | 4 ++-- source3/modules/vfs_full_audit.c | 2 +- source3/modules/vfs_gluste
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d58481b s3-tests: assignement in shell shall have no spaces around equal sign via ff4fb69 _netr_ServerPasswordSet2: use info level 26 to set plain text machine password via f775068 selftest: also run smb2.compound_find against share with async delay set via 2601894 s4/torture: add a test for compound SMB2 FIND requests via 9c95eca s3/smbd: add "smbd:find async delay usec" to SMB2 FIND via d99bd1c s3/smbd: make write time fetching async via 682f1b7 s3/smbd: enable processing SMB2 requests async internally via d1f8d3e s3/smbd: ask_sharemode is not needed for info_level SMB_FIND_FILE_NAMES_INFO via f589919 s3/smbd: add file_id return arg to smbd_dirptr_lanman2_entry via 06891c1 s3/locking: add fetch_share_mode_send/recv via cc56fcd dbwrap_watch: add parse_record_send/recv wrappers via b3f8e9a dbwrap: add dbwrap_parse_record_send/recv via 2813b53 dbwrap_ctdb: implement parse_record_send()/recv() via 6a1734e dbwrap_ctdb: factor out a db_ctdb_try_parse_local_record() function via 0a0c50d ctdb_conn: add ctdbd_parse_send/recv via 4449844 dbwrap: add parse_record_send/recv to struct db_context via 27acbb2 dbwrap: add enum dbwrap_req_state via 1fcb66e lib/util: add and use iov_concat via 1e8e048 lib: param: Remove lpcfg_register_defaults_hook(). from 4fe2b24 smbldap: Move ldapsam_privates to pdb_ldap.h https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d58481bd133a8f59ae553eeff6335162f3c7071c Author: Alexander Bokovoy <a...@samba.org> Date: Tue Apr 18 18:28:29 2017 +0300 s3-tests: assignement in shell shall have no spaces around equal sign When assigning value to 'failed', no spaces should be around '=' sign. Signed-off-by: Alexander Bokovoy <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Apr 19 02:53:25 CEST 2017 on sn-devel-144 commit ff4fb6935a32e33ef01c97d4ee103bc11ac31da0 Author: Alexander Bokovoy <a...@samba.org> Date: Fri Mar 31 12:44:58 2017 +0300 _netr_ServerPasswordSet2: use info level 26 to set plain text machine password To support password change for machine or trusted domain accounts in Active Directory environment we need to pass down actual plain text password instead of NT hashes. This would allow a backend like ipasam to update Kerberos keys as well as NT hashes. By calling samr_SetUserInfo2 info level 26 we ensure PASSDB layer can actually get the plain text password. If PASSDB backend implements pdb_update_sam_account() callback, it then gets the plain text password from samr_SetUserInfo2. A plain text password is a data blob represented as up to 256 WCHARs. It is UTF-16 coded on wire and we have its length from the buffer. SetUserInfo2 SAMR call chain in decode_pw_buffer() does explicitly expect 512+4 bytes in the buffer. It then calls convert_string_talloc() to convert it to UNIX charset passing the correct value of the plaintext password length. However, convert_string_talloc() expects the length of input string *including* the terminating null and we pass just the string length. convert_string_talloc() then explicitly null-terminates the resulting string by adding two nulls. In most cases UNIX charset is UTF-8, so we get null-terminated UTF-8 string down to PASSDB layer. MS-SAMR does not limit what does the password should contain. It says it is 'userPassword' value. Either 'userPassword' or 'unicodePwd' cannot contain null characters according to MS-ADTS 3.1.1.3.1.5 because they must be proper UTF-8 and UTF-16 strings accordingly. We are talking to our own SAMR service here. Signed-off-by: Alexander Bokovoy <a...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit f775068c4091339cddb1fee278ac51423800c8cf Author: Ralph Boehme <s...@samba.org> Date: Thu Feb 23 22:20:39 2017 +0100 selftest: also run smb2.compound_find against share with async delay set Add a share with "smbd:find async delay usec" set to 1 and run the test smb2.compound_find added in the previous commit against this new share as well. Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 26018947f9b2b1e7d45b54738710fb1d7a6a5ec6 Author: Ralph Boehme <s...@samba.org> Date: Wed Jan 11 17:09:54 2017 +0100 s4/torture: add a test for compound SMB2 FIND requests Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Stefan Metzmacher <me...@s
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 05d83cc vfs_acl_xattr: avoid needlessly supplying a large buffer to getxattr() via 7b775ab vfs_acl_xattr: factor out fetching of an extended attribute via 4dfa2d6 vfs_xattr_tdb: handle case of zero size. via 5017dfe selftest: test fetching a large ACL from vfs_acl_xattr via 0e0f564 docs: Update idmap_rid manpage from ab597b9 s4: server: Use state as the talloc context for open_schannel_session_store. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 05d83ccf7a6fecf963fcb980acd50cebfc0c3ea9 Author: Uri Simchoni <u...@samba.org> Date: Thu Apr 13 12:44:58 2017 +0300 vfs_acl_xattr: avoid needlessly supplying a large buffer to getxattr() When obtaining the security descriptor via getxattr(), first try optimistically to supply a buffer of 4K, and if that turns out to be too small, determine the correct buffer size. The previous behavior of falling back to a 64K buffer encountered problem with Linux prior to version 3.6, due to pyisical memory fragmentation. With those kernels, as long as the buffer is 8K or smaller, getting the xattr is much less prone to failure due to memory fragmentation. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12737 Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Apr 18 04:41:16 CEST 2017 on sn-devel-144 commit 7b775abd9278ae34110ec87d94a736be7f64884a Author: Uri Simchoni <u...@samba.org> Date: Sun Apr 9 00:40:44 2017 +0300 vfs_acl_xattr: factor out fetching of an extended attribute Pure refactoring - add a function that fetches an extended attribute based on either the file descriptor or the file name. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12737 Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 4dfa2d6a0972847e3b21ddf05077e50ed72c4ea8 Author: Uri Simchoni <u...@samba.org> Date: Thu Apr 13 12:50:47 2017 +0300 vfs_xattr_tdb: handle case of zero size. With getxattr(), passing a zero buffer size is a way of obtaining actual xattr size. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12737 Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 5017dfeef24b8d568e0146c085f3f979d688acf2 Author: Uri Simchoni <u...@samba.org> Date: Sun Apr 9 00:20:40 2017 +0300 selftest: test fetching a large ACL from vfs_acl_xattr Add a test that fetches an ACL whose size is larger than 4K. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12737 Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 0e0f56485e83b5ab1c4a4ad44a9bf55103c9981c Author: Andreas Schneider <a...@samba.org> Date: Wed Apr 12 13:17:16 2017 +0200 docs: Update idmap_rid manpage Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: docs-xml/manpages/idmap_rid.8.xml | 12 ++--- source3/modules/vfs_acl_xattr.c| 84 -- source3/modules/vfs_xattr_tdb.c| 12 + source3/script/tests/test_large_acl.sh | 59 source3/selftest/tests.py | 1 + 5 files changed, 135 insertions(+), 33 deletions(-) create mode 100755 source3/script/tests/test_large_acl.sh Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/idmap_rid.8.xml b/docs-xml/manpages/idmap_rid.8.xml index b00d01e..19d89ef 100644 --- a/docs-xml/manpages/idmap_rid.8.xml +++ b/docs-xml/manpages/idmap_rid.8.xml @@ -23,22 +23,18 @@ in this case as the mapping is deterministic. - Note that the idmap_rid module has changed considerably since Samba - versions 3.0. and 3.2. Currently, there should to be an explicit idmap configuration for each domain that should use the idmap_rid backend, using disjoint ranges. + + + + NOTE: The idmap_rid backend can NOT bet used as the default backend. One usually needs to define a writeable default idmap range, using a backend like tdb or ldap that can create unix ids, in order to be able to map the BUILTIN sids and other domains, and also in order to be able to create group mappings. See the example below. - - - Note that the old syntax - idmap backend = rid:"DOM1=range DOM2=range2 ..." - is not supported any more
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ab597b9 s4: server: Use state as the talloc context for open_schannel_session_store. via f24ecb0 s4: server: Remove use of talloc_autofree_context as the parent of event_ctx. via fc8f858 s4: messaging: When talloc_free()'ing an event context, only remove msg_dgm_ref's that point to *that* context. via 5fe996b s4: server: Add a tevent signal handler for SIGTERM. via 139793c s4: server: Add error return checks for tevent_add_fde, tevent_add_timer. via 1ae7028 s4: server: Plumb server_state through the irpc messaging for samba_terminate(). via d721b8d s4: server: Use server_state as a parameter to max_runtime_handler, not just name. via cc14187 s4: server: Use server_state as a parameter to stdin handler, not just name. via a7d0e54 s4: server: Create a server 'state' struct. via 33f5997 s4: server. Whitespace and 80+ column cleanup. via 6115738 s4: messaging. Minor cleanup. Check for error returns on imessaging_register calls. from 5c04521 s3:tests: Add test for illegal value detection for 'name resolve order' https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ab597b9a47102e111a426640ac3ab32aa291687b Author: Jeremy Allison <j...@samba.org> Date: Mon Apr 3 18:16:02 2017 + s4: server: Use state as the talloc context for open_schannel_session_store. Ensure it's freed on all error paths. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Mon Apr 17 23:10:06 CEST 2017 on sn-devel-144 commit f24ecb035b8719c961e1e4ad7c4948f1dbd5165b Author: Jeremy Allison <j...@samba.org> Date: Mon Apr 3 18:04:31 2017 + s4: server: Remove use of talloc_autofree_context as the parent of event_ctx. Use state->event_ctx as the parent of the initial imessaging context. Now we control all exit paths, we can call TALLOC_FREE(state) on all of them. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit fc8f858c8cdac4a50517e48d4f5af6273c27b894 Author: Jeremy Allison <j...@samba.org> Date: Mon Apr 3 17:58:24 2017 + s4: messaging: When talloc_free()'ing an event context, only remove msg_dgm_ref's that point to *that* context. Defensive programming change. Not strictly needed to prevent any crash/error. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 5fe996bc1f0b80e8e68c6fd558222e42b5916b9a Author: Jeremy Allison <j...@samba.org> Date: Fri Mar 31 12:38:14 2017 -0700 s4: server: Add a tevent signal handler for SIGTERM. Simplify by removing global state we don't need now we're called by tevent (and in the short window where we're installed by CatchSignal but before we install the tevent handler we don't need the complex global state handling as we have no forked children). We now have access to struct server_state on all exit paths - next commits will stop using talloc autofree context. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 139793ce06ed5611d3eb37fc09f974265289ec55 Author: Jeremy Allison <j...@samba.org> Date: Fri Mar 31 12:29:03 2017 -0700 s4: server: Add error return checks for tevent_add_fde, tevent_add_timer. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 1ae7028e47076bee2d779a306b5ecb283a02ac0f Author: Jeremy Allison <j...@samba.org> Date: Fri Mar 31 12:23:56 2017 -0700 s4: server: Plumb server_state through the irpc messaging for samba_terminate(). Use it in the message print to avoid a "unused variable" compile error. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit d721b8d86b2f2355bd74c13da010843afcd8c3d2 Author: Jeremy Allison <j...@samba.org> Date: Fri Mar 31 12:00:29 2017 -0700 s4: server: Use server_state as a parameter to max_runtime_handler, not just name. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit cc14187c5ced700f99162d9e3425bb5b87bb70e9 Author: Jeremy Allison <j...@samba.org> Date: Fri Mar 31 11:59:13 2017 -0700 s4: server: Use server_state as a parameter to stdin handler, not just name. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit a7d0e54969701f61a9b05fd7ef2141e
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d92a23e winbind_msrpc: Use any_nt_status_not_ok via 5ee6d44 winbind_pam: Use any_nt_status_not_ok in map_auth_samlogon via e4173fb winbind: Slightly simplify remove_timed_out_clients via 5eacb88 winbind: Avoid a "ok==false" via c91bac5 winbind: Simplify a logic expression via 8220d74 winbindd: remove fallback from lookuprids via 2eeb538 winbindd: remove lookupsid() fallback for a failed lookupsids() via c79a5ac winbindd: remove fallback to lookupsid for unknown SIDs via 32e752e winbindd: handling of failed lookupsids in wb_lookupsids_single_done() via 36e01b6 winbindd: let wb_lookupsids_move_name() handle domain_index UINT32_MAX via 1efaeb0 winbindd: handling of SIDs without domain reference in wb_sids2xids_lookupsids_done() via a58b54a libcli/security: fix dom_sid_in_domain() via 2666121 s3:vfs:shadow_copy2: fix corner case of "/@GMT-token" in shadow_copy2_strip_snapshot via 16c8983 s3:vfs:shadow_copy2: fix the corner case if cwd=/ in make_relative_path via fffd611 s3:vfs:shadow_copy2: fix quoting in debug messages from 397d193 tdb: Test for readonly lock upgrade bug https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d92a23e4ae60801edce69bf9b26f50181fe391b5 Author: Volker Lendecke <v...@samba.org> Date: Thu Mar 9 18:57:14 2017 +0100 winbind_msrpc: Use any_nt_status_not_ok Less lines, less bytes .text Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Apr 12 05:40:36 CEST 2017 on sn-devel-144 commit 5ee6d44665d6a8bee2d50d241422f9b4ecd69ff2 Author: Volker Lendecke <v...@samba.org> Date: Mon Mar 6 20:36:25 2017 + winbind_pam: Use any_nt_status_not_ok in map_auth_samlogon Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit e4173fbc5308aa9376a0305fc0c77a39a28d3497 Author: Volker Lendecke <v...@samba.org> Date: Thu Mar 9 17:50:01 2017 +0100 winbind: Slightly simplify remove_timed_out_clients Best reviewed with "git show -b" Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 5eacb88831e8156d5a3dc3815807f5522af53c46 Author: Volker Lendecke <v...@samba.org> Date: Thu Mar 9 18:27:55 2017 +0100 winbind: Avoid a "ok==false" Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit c91bac5a63124bb33a7048e91fe1c27864251a3e Author: Volker Lendecke <v...@samba.org> Date: Thu Mar 9 18:49:39 2017 +0100 winbind: Simplify a logic expression This isn't 100% the same flow, but before this patch we initialized domain->primary to "false" via "talloc_zero". This means that the end-result should be the same before and after this patch that IMHO simplifies the logic a bit. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 8220d7453fcf900eb50a2a06b46f1c7807b02ec9 Author: Ralph Boehme <s...@samba.org> Date: Sun Apr 2 14:15:33 2017 +0200 winbindd: remove fallback from lookuprids We're only calling lookuprids for our local SAM and BUILTIN domains, if that results in a failed lookup for some rid, sending it again via lookupsids() won't help, it will just fail again. If the caller wrongly had sent any other SID that is not from our SAM or BUILTIN via lookuprids(), that it is up to the caller to fix that, not us. The retry logic with going through the single sids lookup at the end added a fake domain with an empty string. The wb_lookupsids caller wb_sids2xids needed this, as it wasn't doing the needed error handling itself. As wb_sids2xids has been fixed to cope, we can just fail the lookupsids here. Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 2eeb53890bba81a0fce18c3eb185c337c902 Author: Ralph Boehme <s...@samba.org> Date: Fri Mar 24 16:54:39 2017 +0100 winbindd: remove lookupsid() fallback for a failed lookupsids() If lookupsids() returned any other error then OK, SOME_NOT_MAPPED or NONE_MAPPED we must just bail out. If some or all SIDs could not be mapped via lookupds(), don't fallback to lookupsid(), it will just fail again. The retry logic with going through the single sids lookup at the end added a fake domain with an empty string. The wb_lo
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 397d193 tdb: Test for readonly lock upgrade bug via a6f1532 tdb: Do lock upgrades properly via 97cafdc tdb: Fix some signed/unsigned hickups via 3667876 selftest: Test for bug 12558 from 94b7672 third_party: Add cmocka 1.1.1 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 397d1936ec34fa573c7d46cc51c971986e8f7fe8 Author: Volker Lendecke <v...@samba.org> Date: Tue Nov 8 17:01:56 2016 +0100 tdb: Test for readonly lock upgrade bug Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Apr 11 00:33:31 CEST 2017 on sn-devel-144 commit a6f1532d7fedc6b6f36b511aebe8998e9452b7ff Author: Volker Lendecke <v...@samba.org> Date: Mon Nov 7 21:40:15 2016 +0100 tdb: Do lock upgrades properly When a process holds a readlock and wants to upgrade, this needs to be reflected in the underlying lock. Without this, it is possible to cheat: One process holds a readlock, and another process wants to write this record. All the writer has to do is take a readonly lock on the key and then do the store. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 97cafdcfaaaff17ebffe873b5e31462f0d1268b1 Author: Volker Lendecke <v...@samba.org> Date: Mon Nov 7 21:38:58 2016 +0100 tdb: Fix some signed/unsigned hickups Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 3667876ebebb7181d89834e6038e2d7218c98797 Author: Volker Lendecke <v...@samba.org> Date: Fri Apr 7 16:33:57 2017 +0200 selftest: Test for bug 12558 Bug: https://bugzilla.samba.org/show_bug.cgi?id=12558 Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> --- Summary of changes: lib/tdb/common/lock.c | 28 - lib/tdb/test/run-rdlock-upgrade.c | 166 ++ lib/tdb/wscript | 1 + source3/script/tests/test_smbclient_s3.sh | 11 ++ 4 files changed, 201 insertions(+), 5 deletions(-) create mode 100644 lib/tdb/test/run-rdlock-upgrade.c Changeset truncated at 500 lines: diff --git a/lib/tdb/common/lock.c b/lib/tdb/common/lock.c index 195dbb5..4ad70cf 100644 --- a/lib/tdb/common/lock.c +++ b/lib/tdb/common/lock.c @@ -294,7 +294,7 @@ fail: static struct tdb_lock_type *find_nestlock(struct tdb_context *tdb, tdb_off_t offset) { - unsigned int i; + int i; for (i=0; inum_lockrecs; i++) { if (tdb->lockrecs[i].off == offset) { @@ -321,6 +321,22 @@ int tdb_nest_lock(struct tdb_context *tdb, uint32_t offset, int ltype, new_lck = find_nestlock(tdb, offset); if (new_lck) { + if ((new_lck->ltype == F_RDLCK) && (ltype == F_WRLCK)) { + if (!tdb_have_mutexes(tdb)) { + int ret; + /* +* Upgrade the underlying fcntl +* lock. Mutexes don't do readlocks, +* so this only applies to fcntl +* locking. +*/ + ret = tdb_brlock(tdb, ltype, offset, 1, flags); + if (ret != 0) { + return ret; + } + } + new_lck->ltype = F_WRLCK; + } /* * Just increment the in-memory struct, posix locks * don't stack. @@ -381,7 +397,7 @@ static int tdb_lock_and_recover(struct tdb_context *tdb) static bool have_data_locks(const struct tdb_context *tdb) { - unsigned int i; + int i; for (i = 0; i < tdb->num_lockrecs; i++) { if (tdb->lockrecs[i].off >= lock_offset(-1)) @@ -560,7 +576,8 @@ static int tdb_allrecord_check(struct tdb_context *tdb, int ltype, return -1; } - if (tdb->allrecord_lock.count && tdb->allrecord_lock.ltype == ltype) { + if (tdb->allrecord_lock.count && + tdb->allrecord_lock.ltype == (uint32_t)ltype) { tdb->allrecord_lock.count++; return 0; } @@ -706,7 +723,7 @@ int tdb_allrecord_unlock(struct tdb_context *tdb, int ltype, bool mark_lock) } /* Upgradable l
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a9bd9a1 s3:tests: Create a test directory for a clean test from 5b4a1b6 docs: fixup smbclient rename -f option https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a9bd9a143e6f76dcef011399433b7b779f1ed2e5 Author: Andreas Schneider <a...@samba.org> Date: Tue Apr 4 11:07:36 2017 +0200 s3:tests: Create a test directory for a clean test The test fails on openSUSE Tumbleweed with: NT_STATUS_FILE_IS_A_DIRECTORY opening remote file \foo\bar\testfile This cleans up the code to create a directory 'test' which can be completely removed so nothing will stay behind. It also makes sure that all parent directories are created and the files have some content. https://bugzilla.samba.org/show_bug.cgi?id=12721 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Apr 8 12:29:19 CEST 2017 on sn-devel-144 --- Summary of changes: source3/script/tests/test_smbclient_s3.sh | 35 ++- 1 file changed, 16 insertions(+), 19 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/script/tests/test_smbclient_s3.sh b/source3/script/tests/test_smbclient_s3.sh index 9bff883..a7bffcb 100755 --- a/source3/script/tests/test_smbclient_s3.sh +++ b/source3/script/tests/test_smbclient_s3.sh @@ -1100,29 +1100,26 @@ EOF test_nosymlinks() { # Setup test dirs. -slink_name="$LOCAL_PATH/nosymlinks/source" -slink_target="$LOCAL_PATH/nosymlinks/target" -mkdir_target="$LOCAL_PATH/nosymlinks/a" -dir1="$LOCAL_PATH/nosymlinks/foo" -dir2="$LOCAL_PATH/nosymlinks/foo/bar" -get_target="$LOCAL_PATH/nosymlinks/foo/bar/testfile" - -rm -f $slink_target -rm -f $slink_name -rm -rf $mkdir_target -rm -rf $dir1 +test_dir="$LOCAL_PATH/nosymlinks/test" -touch $slink_target +slink_name="$test_dir/source" +slink_target="$test_dir/target" +foobar_dir="$test_dir/foo/bar" +get_target="$test_dir/foo/bar/testfile" + +rm -rf $test_dir + +mkdir -p $test_dir +echo "$slink_target" > $slink_target ln -s $slink_target $slink_name -mkdir $dir1 -mkdir $dir2 -touch $get_target +mkdir -p $foobar_dir +echo "$get_target" > $get_target # Getting a file through a symlink name should fail. tmpfile=$PREFIX/smbclient_interactive_prompt_commands cat > $tmpfile < $tmpfile < $tmpfile <
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5b4a1b6 docs: fixup smbclient rename -f option via 8dfbba5 winbindd: error handling in rpc_lookup_sids() via 416c74e s3/rpc_client: lookupsids error handling of NT_STATUS_NONE_MAPPED via 0e7e4eb s3/rpc_client: use NT_STATUS_LOOKUP_ERR via fc37c73 s3/include: add NT_STATUS_LOOKUP_ERR via 893fc5a s4/torture: vfs_fruit: test for bug 12565 via a36de8b vfs_fruit: resource fork open request with flags=O_CREAT|O_RDONLY via baa3e71 smbd: Fix smb1 findfirst with DFS from 94e2aa7 WHATSNEW: Deprecate "auth methods" and "map untrusted to domain" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5b4a1b628ecf533374f57c8cdda8fc0f9f38d496 Author: Uri Simchoni <u...@samba.org> Date: Fri Apr 7 21:10:47 2017 +0300 docs: fixup smbclient rename -f option Fixup documentation of new -f option of the smbclient rename command. This command is supported by SMB1 and SMB2. Signed-off-by: Uri Simchoni <u...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Apr 8 02:38:16 CEST 2017 on sn-devel-144 commit 8dfbba59d768b10f6b088cfc49e5dbe6de4834e1 Author: Ralph Boehme <s...@samba.org> Date: Sun Mar 26 08:22:13 2017 +0200 winbindd: error handling in rpc_lookup_sids() NT_STATUS_NONE_MAPPED and NT_STATUS_SOME_NOT_MAPPED should not be treated as fatal error. We should continue processing the results and not bail out. In case we got NT_STATUS_NONE_MAPPED we must have to ensure all lsa_TranslatedName are of type SID_NAME_UNKNOWN. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12728 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 416c74e8c89dc2fb2083beaaa9ac8a6e975ec873 Author: Ralph Boehme <s...@samba.org> Date: Sat Apr 1 16:51:07 2017 +0200 s3/rpc_client: lookupsids error handling of NT_STATUS_NONE_MAPPED NT_STATUS_NONE_MAPPED is not a fatal error, it just means we must return all lsa_TranslatedName's as type SID_NAME_UNKNOWN. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12728 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 0e7e4ebad31caa1ccb392f2fe20c67929149b8c9 Author: Ralph Boehme <s...@samba.org> Date: Sat Apr 1 16:56:39 2017 +0200 s3/rpc_client: use NT_STATUS_LOOKUP_ERR No change in behaviour. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12728 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit fc37c7327dc7e4ad4405e324fc88d4bbf9b6ef9e Author: Ralph Boehme <s...@samba.org> Date: Sat Apr 1 16:44:45 2017 +0200 s3/include: add NT_STATUS_LOOKUP_ERR Useful helper macro to check the return value of LSA and SAMR translations. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12728 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 893fc5abbe0a1b63ebd81f442a8d544572ed76a9 Author: Ralph Boehme <s...@samba.org> Date: Tue Feb 7 15:13:15 2017 +0100 s4/torture: vfs_fruit: test for bug 12565 Bug: https://bugzilla.samba.org/show_bug.cgi?id=12565 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a36de8b81aa88c31450e68ec54d6b659b1693878 Author: Ralph Boehme <s...@samba.org> Date: Tue Feb 7 07:44:40 2017 +0100 vfs_fruit: resource fork open request with flags=O_CREAT|O_RDONLY When receiving an SMB create request with read-only access mode and open_if disposition, we end of calling the open() function with flags=O_CREAT|O_RDONLY for the ._ AppleDouble file. If the file doesn't exist, ie there's currently no rsrc stream, we create it but then we fail to write the AppleDouble header into the file due to the O_RDONLY open mode, leaving a 0 byte size ._ file. Running this create requests against macOS SMB server yields an interesting result: it returns NT_STATUS_OBJECT_NAME_NOT_FOUND even though create dispotion is open_if. Another instance where the macOS SMB server just exposes FSA behaviour (ie HFS+) and we have to adapt to be compatible. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12565 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit baa3e71f7968ec3239d80d7602839c2d7c2de74f Author: Volker Lendecke <v...@samba.org> Date: Thu Apr 6 22:12:36 2017 +0200 smbd: Fix smb1 findfi