[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d650f884ec1 lib:ldb: Use correct integer types for sizes via 17dd13bb4bc lib:ldb: Add missing overflow check in ldb_msg_normalize() via 82b07bd048e lib:tdb: Add missing overflow check for num_values in pytdb.c via e9c4538e272 lib:tdb: Remove trailing spaces from pytdb.c from 80159018e41 s3:utils: Fix Inherit-Only flag being automatically propagated to children https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d650f884ec1be0745af93020366b9e115670b771 Author: Andreas Schneider Date: Tue Apr 30 14:33:51 2024 +0200 lib:ldb: Use correct integer types for sizes Error: INTEGER_OVERFLOW (CWE-190): ldb-2.9.0/common/ldb_ldif.c:84: tainted_data_return: Called function "read(f, buf, size)", and a possible return value may be less than zero. ldb-2.9.0/common/ldb_ldif.c:84: cast_overflow: An assign that casts to a different type, which might trigger an overflow. ldb-2.9.0/common/ldb_ldif.c:92: overflow: The expression "size" is considered to have possibly overflowed. ldb-2.9.0/common/ldb_ldif.c:84: overflow_sink: "size", which might be negative, is passed to "read(f, buf, size)". [Note: The source code implementation of the function has been overridden by a builtin model.] 82| buf = (char *)value->data; 83| while (count < statbuf.st_size) { 84|-> bytes = read(f, buf, size); 85| if (bytes == -1) { 86| talloc_free(value->data); Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Apr 30 15:33:32 UTC 2024 on atb-devel-224 commit 17dd13bb4bc9bd38f663c376ee73de6598715da7 Author: Andreas Schneider Date: Tue Apr 30 14:27:54 2024 +0200 lib:ldb: Add missing overflow check in ldb_msg_normalize() Error: INTEGER_OVERFLOW (CWE-190): ldb-2.9.0/common/ldb_msg.c:1235: tainted_data_argument: The check "i < msg2->num_elements" contains the tainted expression "i" which causes "msg2->num_elements" to be considered tainted. ldb-2.9.0/common/ldb_msg.c:1253: overflow: The expression "msg2->num_elements - (i + 1U)" is deemed underflowed because at least one of its arguments has underflowed. ldb-2.9.0/common/ldb_msg.c:1253: overflow: The expression "32UL * (msg2->num_elements - (i + 1U))" is deemed underflowed because at least one of its arguments has underflowed. ldb-2.9.0/common/ldb_msg.c:1253: overflow_sink: "32UL * (msg2->num_elements - (i + 1U))", which might have underflowed, is passed to "memmove(el2, el2 + 1, 32UL * (msg2->num_elements - (i + 1U)))". [Note: The source code implementation of the function has been overridden by a builtin model.] 1251| talloc_free(discard_const_p(char, el2->name)); 1252| if ((i+1) < msg2->num_elements) { 1253|-> memmove(el2, el2+1, sizeof(struct ldb_message_element) * 1254| (msg2->num_elements - (i+1))); 1255| } Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit 82b07bd048e8039896be7edec6b83cbd6ff218d9 Author: Andreas Schneider Date: Tue Apr 30 14:16:33 2024 +0200 lib:tdb: Add missing overflow check for num_values in pytdb.c Error: INTEGER_OVERFLOW (CWE-190): tdb-1.4.10/pytdb.c:401: cast_overflow: Truncation due to cast operation on "num_values" from 64 to 32 bits. tdb-1.4.10/pytdb.c:401: overflow_sink: "num_values", which might have overflowed, is passed to "tdb_storev(self->ctx, key, values, num_values, flag)". 399| } 400| 401|-> ret = tdb_storev(self->ctx, key, values, num_values, flag); 402| free(values); 403| PyErr_TDB_ERROR_IS_ERR_RAISE(ret, self->ctx); Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit e9c4538e272a32f9fe4dcdabc6f44b95ddfda6e7 Author: Andreas Schneider Date: Tue Apr 30 14:16:15 2024 +0200 lib:tdb: Remove trailing spaces from pytdb.c Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: lib/ldb/common/ldb_ldif.c | 3 ++- lib/ldb/common/ldb_msg.c | 2 +- lib/tdb/pytdb.c | 22 +- 3 files changed, 16 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/ldb/common/ldb_ldif.c b/lib/ldb/common/ldb_
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 96b5cfe4e6c s3:libsmb: Pass a memory context to get_ipc_connect() via 56426eda9bd s3:libsmb: Make get_ipc_connect() static via bf688e0d2af s3:libnet: Fix memory leak in libnet_join_connect_dc_ipc() via d2297b41a20 s3:libsmb: Pass memory context to cli_full_connection_creds() via 5c63d5bdab1 s3:libsmb: Pass memory context to cli_full_connection_creds_recv() via f95947b s3:libsmb: Pass a memory context to cli_start_connection() via f3fda1e440c s3:libsmb: Pass a memory context to cli_start_connection_recv() via bbb21797bf6 s3:libsmb: Pass memory context to cli_connect_nb() via 4f62937dfab s3:torture: Remove trailing spaces in torture.c via c8eabee18bd s3:nmbd: Remove trailing spaces in nmbd_synclists.c via 2154bd37e41 s3:libsmb: Pass a memory context to cli_connect_nb_recv() from 73e3ffb8418 python:tests: Store keys as bytes rather than as lists of ints https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 96b5cfe4e6c4b727c286b0856446c1d5a31b920b Author: Andreas Schneider Date: Thu Nov 23 15:53:29 2023 +0100 s3:libsmb: Pass a memory context to get_ipc_connect() Indirect leak of 792 byte(s) in 1 object(s) allocated from: #0 0x7f261b8dc03f in malloc (/lib64/libasan.so.8+0xdc03f) (BuildId: 3e1694ad218c99a8b1b69231666a27df63cf19d0) #1 0x7f261b2c2bc2 in __talloc_with_prefix ../../lib/talloc/talloc.c:783 #2 0x7f261b2c473d in __talloc ../../lib/talloc/talloc.c:825 #3 0x7f261b2c473d in _talloc_named_const ../../lib/talloc/talloc.c:982 #4 0x7f261b2c473d in _talloc_zero ../../lib/talloc/talloc.c:2421 #5 0x7f2618cb42bc in smbXcli_conn_create ../../libcli/smb/smbXcli_base.c:350 #6 0x7f261a74acd3 in cli_state_create ../../source3/libsmb/clientgen.c:196 #7 0x7f261a751f0d in cli_connect_nb_done ../../source3/libsmb/cliconnect.c:2715 #8 0x7f261a69bacf in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177 #9 0x7f261a69bd06 in tevent_req_finish ../../lib/tevent/tevent_req.c:234 #10 0x7f261a69bd6e in _tevent_req_done ../../lib/tevent/tevent_req.c:240 #11 0x7f261a752dde in cli_connect_sock_done ../../source3/libsmb/cliconnect.c:2624 #12 0x7f261a69bacf in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177 #13 0x7f261a69bd06 in tevent_req_finish ../../lib/tevent/tevent_req.c:234 #14 0x7f261a69bd6e in _tevent_req_done ../../lib/tevent/tevent_req.c:240 #15 0x7f261a7ba2c4 in smbsock_any_connect_connected ../../source3/libsmb/smbsock_connect.c:788 #16 0x7f261a69bacf in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177 #17 0x7f261a69bd06 in tevent_req_finish ../../lib/tevent/tevent_req.c:234 #18 0x7f261a69bd6e in _tevent_req_done ../../lib/tevent/tevent_req.c:240 #19 0x7f261a7b75ad in smbsock_connect_connected ../../source3/libsmb/smbsock_connect.c:524 #20 0x7f261a69bacf in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177 #21 0x7f261a69bd06 in tevent_req_finish ../../lib/tevent/tevent_req.c:234 #22 0x7f261a69bd6e in _tevent_req_done ../../lib/tevent/tevent_req.c:240 #23 0x7f261b4b400a in open_socket_out_connected ../../source3/lib/util_sock.c:484 #24 0x7f261a69bacf in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177 #25 0x7f261a69bd06 in tevent_req_finish ../../lib/tevent/tevent_req.c:234 #26 0x7f261a69be3e in tevent_req_trigger ../../lib/tevent/tevent_req.c:291 #27 0x7f261a699df4 in tevent_common_invoke_immediate_handler ../../lib/tevent/tevent_immediate.c:190 #28 0x7f261a699e31 in tevent_common_loop_immediate ../../lib/tevent/tevent_immediate.c:236 #29 0x7f261a6ad3ec in epoll_event_loop_once ../../lib/tevent/tevent_epoll.c:905 #30 0x7f261a6a679e in std_event_loop_once ../../lib/tevent/tevent_standard.c:110 #31 0x7f261a696538 in _tevent_loop_once ../../lib/tevent/tevent.c:820 Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Apr 29 09:48
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 78208d4fe47 ctdb: Remove an unnecessary cast via 8eaba9dbc5b smbd: Fix a DBG message from 072cb98e432 smbd: Avoid a ZERO_STRUCT() with direct struct initialization https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 78208d4fe47a0c634a6bd7c04f3d01f0020ee88b Author: Volker Lendecke Date: Thu Feb 29 15:33:56 2024 +0100 ctdb: Remove an unnecessary cast nl->srvid is uint64_t, as is the srvid parameter of ctdb_daemon_send_message() Signed-off-by: Volker Lendecke Reviewed-by: Martin Schwenke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Mar 13 08:43:16 UTC 2024 on atb-devel-224 commit 8eaba9dbc5bd4befd6d1a651cf0666da0ff36265 Author: Volker Lendecke Date: Tue Feb 20 12:50:36 2024 +0100 smbd: Fix a DBG message Signed-off-by: Volker Lendecke Reviewed-by: Martin Schwenke --- Summary of changes: ctdb/server/ctdb_daemon.c | 5 - source3/smbd/notifyd/notifyd.c | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/server/ctdb_daemon.c b/ctdb/server/ctdb_daemon.c index eb9d63454de..0a53770a6bf 100644 --- a/ctdb/server/ctdb_daemon.c +++ b/ctdb/server/ctdb_daemon.c @@ -2016,7 +2016,10 @@ static int ctdb_client_notify_destructor(struct ctdb_client_notify_list *nl) DEBUG(DEBUG_ERR,("Sending client notify message for srvid:%llu\n", (unsigned long long)nl->srvid)); - ret = ctdb_daemon_send_message(nl->ctdb, CTDB_BROADCAST_CONNECTED, (unsigned long long)nl->srvid, nl->data); + ret = ctdb_daemon_send_message(nl->ctdb, + CTDB_BROADCAST_CONNECTED, + nl->srvid, + nl->data); if (ret != 0) { DEBUG(DEBUG_ERR,("Failed to send client notify message\n")); } diff --git a/source3/smbd/notifyd/notifyd.c b/source3/smbd/notifyd/notifyd.c index ca303bd4d51..4af62a9a1f9 100644 --- a/source3/smbd/notifyd/notifyd.c +++ b/source3/smbd/notifyd/notifyd.c @@ -228,7 +228,7 @@ struct tevent_req *notifyd_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, ret = server_id_db_set_exclusive(names_db, "notify-daemon"); if (ret != 0) { - DBG_DEBUG("server_id_db_add failed: %s\n", + DBG_DEBUG("server_id_db_set_exclusive() failed: %s\n", strerror(ret)); tevent_req_error(req, ret); goto deregister_get_db; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 072cb98e432 smbd: Avoid a ZERO_STRUCT() with direct struct initialization via 02d9631cf33 tools: Fix whitespace via f948b6267e4 smbd: Fix a typo via 17caec0ead0 smbd: Fix and modernize a few DBG statements via 965fec35472 smbd: Give smbXsrv_session.c its own header file via c37eb90d731 vfs: Fix a typo via d393fd46936 auth: Simplify smb_krb5_send_to_kdc_state_destructor() via 7f5d5ddde1d smbd: Fix a comment via ac8d38cf13f smbXsrv_version: Use a struct assignment via 5885a69a985 smbXsrv_version: Remove unused smbXsrv_version_global0->db_rec via f1af8843def smbXsrv_version: Use a struct assignment instead of ZERO_STRUCT via 90bd197dd57 smbXsrv_version: Modernize DEBUG statements via 97896fa7e54 lib: Simplify _hexcharval via 01cbfab9538 smbd: Add parentheses for easier readability via 56233406de4 torture: Fix an error message via 32ecf1fe607 lib: Simplify copy_unix_token() via 9f565512755 libsmb: Simplify an if-condition via 7c68d88cefb lib: Make GUID_to_ndr_buf() return void via ea09be77523 smbd: Remove get_Protocol() via 67f6fcfe17b smbd: Remove the last use of get_Protocol() via 72492de5783 smbd: Add conn_protocol() via 51bb236a698 smbd: Modernize a DEBUG statement via 5246267d173 smbd: Simplify fsp_fullbasepath() via be15ab4c785 smbd: Remove unused declarations in smbXsrv.idl from 0e40506d21b selftest: add tests for "samba-tool user list --locked-only" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 072cb98e4326c4124c649e911970acbf004f16bb Author: Volker Lendecke Date: Mon Feb 19 09:57:16 2024 +0100 smbd: Avoid a ZERO_STRUCT() with direct struct initialization Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Mar 12 14:33:14 UTC 2024 on atb-devel-224 commit 02d9631cf3319ead42487ea301aa268f659d9f0b Author: Volker Lendecke Date: Thu Feb 8 11:02:15 2024 +0100 tools: Fix whitespace Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit f948b6267e413b33672d4de7d78fe4eb5b838c5a Author: Volker Lendecke Date: Thu Feb 8 10:28:02 2024 +0100 smbd: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 17caec0ead0913836ca136663fc5c591dc983f84 Author: Volker Lendecke Date: Thu Feb 8 10:24:56 2024 +0100 smbd: Fix and modernize a few DBG statements There were still a few function names in DBGs Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 965fec354729fd63a25616fc52989d524826f4b4 Author: Volker Lendecke Date: Thu Feb 8 10:04:32 2024 +0100 smbd: Give smbXsrv_session.c its own header file Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit c37eb90d73131d005b563d7f0944daf39cd92de6 Author: Volker Lendecke Date: Sun Feb 4 10:09:07 2024 +0100 vfs: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit d393fd469365d64c4acde3c399a167123916c348 Author: Volker Lendecke Date: Mon Feb 12 13:35:19 2024 +0100 auth: Simplify smb_krb5_send_to_kdc_state_destructor() Replace a call to dbwrap_fetch_locked() with the higherlevel dbwrap_delete(). Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 7f5d5ddde1d8fa7674c352f049f49298d5169975 Author: Volker Lendecke Date: Sun Feb 11 12:44:10 2024 +0100 smbd: Fix a comment Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit ac8d38cf13f6feee9ae70c851a3a045ed63dbb6d Author: Volker Lendecke Date: Sat Feb 10 10:40:46 2024 +0100 smbXsrv_version: Use a struct assignment Make sure everything is initialized Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 5885a69a9855e450a27980462f58654c80a9782b Author: Volker Lendecke Date: Sat Feb 10 10:37:42 2024 +0100 smbXsrv_version: Remove unused smbXsrv_version_global0->db_rec Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit f1af8843defeaaf03b1e7d77655419b6c9e67f39 Author: Volker Lendecke Date: Sat Feb 10 10:36:51 2024 +0100 smbXsrv_version: Use a struct assignment instead of ZERO_STRUCT Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 90bd197dd57d7872b730b488e9d16144bde60438 Author: Volker Lendecke Date: Sat Feb 10 10:29:35 2024 +0100 smbXsrv_version: Modernize DEBUG statements Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 97896fa7e54039b0a56510f9ccd22e71fb42b42c Author: Volker Lendecke Date: Mon Feb 19 13:15:55 202
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6005de8cb39 ctdb-scripts: Remove usage of releaseip-pre, takeip-pre pseudo-events via 2de2d5dd201 ctdb-scripts: Remove unnecessary 06.nfs.script via e3294e55269 ctdb-doc: Put NFS in grace on startipreallocate via 34c76ffec50 ctdb-doc: Factor out grace period function via 9631e3569d7 ctdb-client: Remove unused function via a4e492f728d ctdb-scripts: Add handling for startipreallocate via 7dacbcd0ec7 ctdb: send a CTDB_SRVID_START_IPREALLOCATE message after CTDB_EVENT_START_IPREALLOCATE via 2483a2ae209 ctdb-takeover: Use CTDB_CONTROL_START_IPREALLOCATE via b7cc56d22db ctdb-server: Implement CTDB_CONTROL_START_IPREALLOCATE via 9a20dfe97a0 ctdb-protocol: Add new control CTDB_CONTROL_START_IPREALLOCATE via d97e642ba8b ctdb-daemon: Implement startipreallocate event via 786adccaa93 ctdb-protocol: Add new event startipreallocate via ed67e650579 ctdb-common: Remove old runstate/string translation functions via 318d526a0d1 ctdb-common: Remove unused variable ctdb_eventscript_call_names. via 9f68656b473 ctdb-daemon: Use ctdb_event_to_string() from da7f056fb5d lib/ldb-samba: Remove unused ldb.set_opaque_integer() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6005de8cb39320a06ff33c4b3c725ba14f72951a Author: Vinit Agnihotri Date: Thu Oct 26 23:38:22 2023 -0700 ctdb-scripts: Remove usage of releaseip-pre, takeip-pre pseudo-events These were generated by 06.nfs.script. Signed-off-by: Vinit Agnihotri Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Mar 6 07:09:06 UTC 2024 on atb-devel-224 commit 2de2d5dd2018708eeca7e8a7c66015f81bcaf693 Author: Vinit Agnihotri Date: Thu Oct 26 23:35:25 2023 -0700 ctdb-scripts: Remove unnecessary 06.nfs.script Signed-off-by: Vinit Agnihotri Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit e3294e552690afe2e7b5fae03e684542d45cc5ce Author: Vinit Agnihotri Date: Thu Oct 26 23:07:47 2023 -0700 ctdb-doc: Put NFS in grace on startipreallocate Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 34c76ffec50d9d4e85a33859b5694bc8c01e304d Author: Vinit Agnihotri Date: Thu Oct 26 23:03:01 2023 -0700 ctdb-doc: Factor out grace period function Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 9631e3569d77857f92deed41faa888f62f2c541e Author: Vinit Agnihotri Date: Thu Oct 26 03:09:07 2023 -0700 ctdb-client: Remove unused function Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit a4e492f728d895d59730de7d8f2e4f3a9ac8b7f4 Author: Vinit Agnihotri Date: Thu Oct 26 03:32:00 2023 -0700 ctdb-scripts: Add handling for startipreallocate Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 7dacbcd0ec79a3a2198aebc43040d2693375adcf Author: Vinit Agnihotri Date: Tue Feb 27 00:13:57 2024 -0800 ctdb: send a CTDB_SRVID_START_IPREALLOCATE message after CTDB_EVENT_START_IPREALLOCATE Event scripts run the "start_ipreallocate" hook in order to notice that some ip addresses in the cluster potentially changed. CTDB_SRVID_START_IPREALLOCATE gives C code a chance to get notified as well once the event scripts are finished. Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 2483a2ae209c86b441fb4763cd595cb9254e5382 Author: Vinit Agnihotri Date: Wed Oct 25 03:30:27 2023 -0700 ctdb-takeover: Use CTDB_CONTROL_START_IPREALLOCATE Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit b7cc56d22dbd117f4c32a794f3116a61b3c8a7ee Author: Vinit Agnihotri Date: Wed Oct 25 23:55:17 2023 -0700 ctdb-server: Implement CTDB_CONTROL_START_IPREALLOCATE Trigger a "startipreallocate" event, but only if in RUNNING runstate. "startipreallocate" is intended to allow an NFS server to be put into grace on all nodes before any locks are released as part of releaseip during failover. If node A is leader and initiates a takeover run then node B may be connected/active but may not have completed startup. In this case, the attempt to put NFS-Ganesha into grace on node B will fail, startipreallocate will fail, and the node will be banned. Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 9a20dfe97a03d772a5bb73e4becd7865acb3644f Author
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 667265b6851 ctdb-tests: Limit red-black tree test to 5s of random inserts from 0c1ac197768 samba-tool user getpassword: Clarify success wording https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 667265b6851e3c99f761ed65e8d2b9a8eb9cb4e1 Author: Martin Schwenke Date: Thu Feb 29 13:30:04 2024 +1100 ctdb-tests: Limit red-black tree test to 5s of random inserts rb_test_001.sh runs for 60s even though rb_tree.c is almost never modified. This generally extends test time by an unreasonable amount of time. Add an optional timeout (in seconds) argument to rb_test, defaulting to 60, and pass 5 from rb_test_001.sh. If anyone ever significantly updates rb_tree.c then they can run rb_test directly with its default 60s timeout... or for as long as they like. Reported-by: Volker Lendecke Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Feb 29 13:20:40 UTC 2024 on atb-devel-224 --- Summary of changes: ctdb/tests/UNIT/cunit/rb_test_001.sh | 6 -- ctdb/tests/src/rb_test.c | 14 +++--- 2 files changed, 15 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/tests/UNIT/cunit/rb_test_001.sh b/ctdb/tests/UNIT/cunit/rb_test_001.sh index 25d3ceb8ed0..a2cf2571f98 100755 --- a/ctdb/tests/UNIT/cunit/rb_test_001.sh +++ b/ctdb/tests/UNIT/cunit/rb_test_001.sh @@ -1,5 +1,7 @@ #!/bin/sh +timeout=5 + . "${TEST_SCRIPTS_DIR}/unit.sh" output="\ @@ -22,10 +24,10 @@ traverse data:3 deleting key1 -run random insert and delete for 60 seconds +run random insert and delete for ${timeout} seconds deleting all entries" ok "$output" -unit_test rb_test +unit_test rb_test "$timeout" diff --git a/ctdb/tests/src/rb_test.c b/ctdb/tests/src/rb_test.c index d712c9a80ad..aaab459477f 100644 --- a/ctdb/tests/src/rb_test.c +++ b/ctdb/tests/src/rb_test.c @@ -105,6 +105,7 @@ static int count_traverse_abort(void *p, void *d) */ int main(int argc, const char *argv[]) { + unsigned int timeout = 0; int traverse_count; int i,j,k; trbt_tree_t *tree; @@ -118,6 +119,13 @@ int main(int argc, const char *argv[]) uint32_t **u32array; uint32_t checksum; + if (argc >= 2) { + timeout = atoi(argv[1]); + } + if (timeout == 0) { + timeout = 60; + } + /* testing trbt_insert32_callback for num_records */ memctx = talloc_new(NULL); assert(memctx != NULL); @@ -252,7 +260,7 @@ int main(int argc, const char *argv[]) talloc_free(memctx); - printf("\nrun random insert and delete for 60 seconds\n"); + printf("\nrun random insert and delete for %u seconds\n", timeout); memctx = talloc_new(NULL); assert(memctx != NULL); @@ -262,12 +270,12 @@ int main(int argc, const char *argv[]) i=0; start_timer(); checksum = 0; - /* Add and delete nodes from a 3 level tree for 60 seconds. + /* Add and delete nodes from a 3 level tree for seconds. Each time a node is added or deleted, traverse the tree and compute a checksum over the data stored in the tree and compare this with a checksum we keep which contains what the checksum should be */ - while(end_timer() < 60.0){ + while(end_timer() < (double)timeout){ char *str; i++; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5a0fce58650 source4/torture: Add SEC_STD_DELETE to enable proper cleanup from e4c3c61302b python:gp: Implement client site lookup in site_dn_for_machine() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5a0fce58650770bc7701d1be72492637c2ced63c Author: Anoop C S Date: Thu Feb 22 19:26:08 2024 +0530 source4/torture: Add SEC_STD_DELETE to enable proper cleanup basic.maximum_allowed and smb2.maximum_allowed attempt to unlink the files created by those tests. But the restrictive SD with which they were created prohibits the deletion inside shares where vfs_acl_xattr is configured including "ignore system acls". The very same file will otherwise cause problems while progressing with remaining sub tests. SEC_STD_DELETE could be the minimum required additional access mask to successfully delete the file under the said configuration using vfs_acl_xattr and "ignore system acls" option without loosing the integrity of the overall test. Signed-off-by: Anoop C S Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Feb 26 18:35:43 UTC 2024 on atb-devel-224 --- Summary of changes: source4/torture/basic/denytest.c | 30 ++- source4/torture/smb2/max_allowed.c | 42 +- 2 files changed, 66 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/basic/denytest.c b/source4/torture/basic/denytest.c index c9f4a97743e..ba636fe2a95 100644 --- a/source4/torture/basic/denytest.c +++ b/source4/torture/basic/denytest.c @@ -2680,10 +2680,11 @@ bool torture_maximum_allowed(struct torture_context *tctx, struct security_descriptor *sd, *sd_orig; union smb_open io; static TALLOC_CTX *mem_ctx; - int fnum, i; + int fnum, fnum1 = -1, i; bool ret = true; NTSTATUS status; union smb_fileinfo q; + union smb_setfileinfo set; const char *owner_sid; bool has_restore_privilege, has_backup_privilege, has_system_security_privilege; @@ -2813,7 +2814,34 @@ bool torture_maximum_allowed(struct torture_context *tctx, smbcli_close(cli->tree, fnum); } + io.generic.level = RAW_OPEN_NTTRANS_CREATE; + io.ntcreatex.in.access_mask = SEC_STD_WRITE_DAC; + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; + io.ntcreatex.in.fname = MAXIMUM_ALLOWED_FILE; + + status = smb_raw_open(cli->tree, mem_ctx, ); + CHECK_STATUS(status, NT_STATUS_OK); + fnum1 = io.ntcreatex.out.file.fnum; + + sd = security_descriptor_dacl_create(tctx, + 0, NULL, NULL, + SID_NT_AUTHENTICATED_USERS, + SEC_ACE_TYPE_ACCESS_ALLOWED, + SEC_STD_DELETE, + 0, + NULL); + set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC; + set.set_secdesc.in.file.fnum = fnum1; + set.set_secdesc.in.secinfo_flags = SECINFO_DACL; + set.set_secdesc.in.sd = sd; + + status = smb_raw_setfileinfo(cli->tree, ); + CHECK_STATUS(status, NT_STATUS_OK); + done: + smbcli_close(cli->tree, fnum1); smbcli_unlink(cli->tree, MAXIMUM_ALLOWED_FILE); return ret; } diff --git a/source4/torture/smb2/max_allowed.c b/source4/torture/smb2/max_allowed.c index af8b08ac9a9..6d69b84fbe6 100644 --- a/source4/torture/smb2/max_allowed.c +++ b/source4/torture/smb2/max_allowed.c @@ -33,11 +33,12 @@ static bool torture_smb2_maximum_allowed(struct torture_context *tctx, struct security_descriptor *sd = NULL, *sd_orig = NULL; struct smb2_create io = {0}; TALLOC_CTX *mem_ctx = NULL; - struct smb2_handle fnum = {{0}}; + struct smb2_handle fnum = {{0}}, fnum1 = {{0}}; int i; bool ret = true; NTSTATUS status; union smb_fileinfo q; + union smb_setfileinfo set; const char *owner_sid = NULL; bool has_restore_privilege, has_backup_privilege, has_system_security_privilege; @@ -82,7 +83,7 @@ static bool torture_smb2_maximum_allowed(struct torture_context *tctx, q.query_secdesc.in.file.handle = fnum; q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER; status = smb2_getinfo_file(tree, tctx, ); - torture_assert_ntstatus_ok_goto(tctx, status, ret, done, + torture_assert_ntstatu
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via dd9b11acbc4 ctdb-protocol: Add missing push support for new controls from 885850b6aaa s3/rpc_client: Fix array offset check https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dd9b11acbc4fbde1941719968aeb463b853b0ffb Author: Martin Schwenke Date: Fri Feb 9 17:29:46 2024 +1100 ctdb-protocol: Add missing push support for new controls CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and CTDB_CONTROL_TCP_CLIENT_PASSED were added in commits c6602b686b4e50d93272667ef86d3904181fb1ab and 037e8e449deb136ad5ed5e4de05439411b545b6d. They were missing test support for the packet push/pull. While adding the testing (for completeness, before adding another new control) I noticed that the push functionality was absent. This adds that, along with the test support. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15580 Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Feb 19 10:21:48 UTC 2024 on atb-devel-224 --- Summary of changes: ctdb/protocol/protocol_control.c | 8 ctdb/tests/src/protocol_common_ctdb.c | 33 + ctdb/tests/src/protocol_ctdb_test.c | 2 +- 3 files changed, 42 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/ctdb/protocol/protocol_control.c b/ctdb/protocol/protocol_control.c index 83ed6cb4ee1..e4491159937 100644 --- a/ctdb/protocol/protocol_control.c +++ b/ctdb/protocol/protocol_control.c @@ -693,6 +693,14 @@ static void ctdb_req_control_data_push(struct ctdb_req_control_data *cd, case CTDB_CONTROL_ECHO_DATA: ctdb_echo_data_push(cd->data.echo_data, buf, ); break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + ctdb_connection_push(cd->data.conn, buf, ); + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + ctdb_connection_push(cd->data.conn, buf, ); + break; } *npush = np; diff --git a/ctdb/tests/src/protocol_common_ctdb.c b/ctdb/tests/src/protocol_common_ctdb.c index 384076824a4..8a8e114f67a 100644 --- a/ctdb/tests/src/protocol_common_ctdb.c +++ b/ctdb/tests/src/protocol_common_ctdb.c @@ -593,6 +593,19 @@ void fill_ctdb_req_control_data(TALLOC_CTX *mem_ctx, case CTDB_CONTROL_ENABLE_NODE: break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + cd->data.conn = talloc(mem_ctx, struct ctdb_connection); + assert(cd->data.conn != NULL); + fill_ctdb_connection(mem_ctx, cd->data.conn); + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + cd->data.conn = talloc(mem_ctx, struct ctdb_connection); + assert(cd->data.conn != NULL); + fill_ctdb_connection(mem_ctx, cd->data.conn); + break; + } } @@ -982,6 +995,14 @@ void verify_ctdb_req_control_data(struct ctdb_req_control_data *cd, case CTDB_CONTROL_ENABLE_NODE: break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + verify_ctdb_connection(cd->data.conn, cd2->data.conn); + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + verify_ctdb_connection(cd->data.conn, cd2->data.conn); + break; } } @@ -1378,6 +1399,12 @@ void fill_ctdb_reply_control_data(TALLOC_CTX *mem_ctx, case CTDB_CONTROL_ENABLE_NODE: break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + break; } } @@ -1715,6 +1742,12 @@ void verify_ctdb_reply_control_data(struct ctdb_reply_control_data *cd, case CTDB_CONTROL_ENABLE_NODE: break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + break; } } diff --git a/ctdb/tests/src/protocol_ctdb_test.c b/ctdb/tests/src/protocol_ctdb_test.c index f6fb5134a00..840d465ae30 100644 --- a/ctdb/tests/src/protocol_ctdb_test.c +++ b/ctdb/tests/src/protocol_ctdb_test.c @@ -277,7 +277,7 @@ PROTOCOL_CTDB4_TEST(struct ctdb_req_dmaster, ctdb_req_dmaster, PROTOCOL_CTDB4_TEST(struct ctdb_reply_dmaster, ctdb_reply_dmaster, CTDB_REPLY_DMASTER); -#define NUM_CONTROLS 159 +#define NUM_CONTROLS 161 PROTOCOL_CTDB2_TEST(struct ctdb_req_control_data, ctdb_req_control_data); PROTOCOL_CTDB2_TEST(struct ctdb_reply_control_data, ctdb_reply_control_data); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 885850b6aaa s3/rpc_client: Fix array offset check via f487211706a s3/rpc_client: Ensure max possible row buffer size is not exceeded via 01e901ef869 idl: Add constant for max rows buffer size from 4698cf0f335 s4:dsdb: Fix grammar https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 885850b6aaabf089f422b1b015481a0ccff4f90e Author: Noel Power Date: Thu Feb 8 14:05:43 2024 + s3/rpc_client: Fix array offset check Previous to this commit we were modifying the offset before the array offset check. This was causing a spurious debug message indicating the offset was out of bounds. An second problem is that upon detecting the error we don't exit the loop. A third problem was that when reading the offset the check didn't cater for the size of the integer address about to be read. This commit moves the offset check to before the first read, additionally when an error is detected now we actually exit the loop and the offset have been corrected to include the size of the integer to be read BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579 Signed-off-by: Noel Power Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Sat Feb 17 17:58:43 UTC 2024 on atb-devel-224 commit f487211706a74d516bf447ed393222b4c0dce7b0 Author: Noel Power Date: Wed Feb 14 11:19:39 2024 + s3/rpc_client: Ensure max possible row buffer size is not exceeded The max buf size of rows buffer should not exceed 0x4000. Ensuring this value is within limits means we can safely use uint32_t offsets. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579 Signed-off-by: Noel Power Reviewed-by: Volker Lendecke commit 01e901ef869a1a87fba0e67bce311dbeb199b717 Author: Noel Power Date: Wed Feb 14 12:01:28 2024 + idl: Add constant for max rows buffer size BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579 Signed-off-by: Noel Power Reviewed-by: Volker Lendecke --- Summary of changes: librpc/idl/wsp_data.idl | 5 +++ source3/rpc_client/wsp_cli.c | 74 ++-- 2 files changed, 70 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/wsp_data.idl b/librpc/idl/wsp_data.idl index 2a94355b0b0..fde754aef81 100644 --- a/librpc/idl/wsp_data.idl +++ b/librpc/idl/wsp_data.idl @@ -11,6 +11,11 @@ interface constants * for details of this and other language id(s) */ const uint32_t WSP_DEFAULT_LCID = 0x0409; + /* +* Max size of rows buffer in getrowsout response +* see MS-WSP 2.2.3.11 +*/ + const uint32_t MAX_ROW_BUFF_SIZE = 0x0004000; /* values for guidPropertySet */ const char* DBPROPSET_FSCIFRMWRK_EXT = "A9BD1526-6A80-11D0-8C9D-0020AF1D740E"; diff --git a/source3/rpc_client/wsp_cli.c b/source3/rpc_client/wsp_cli.c index d8a9aca46ff..15b6e36007e 100644 --- a/source3/rpc_client/wsp_cli.c +++ b/source3/rpc_client/wsp_cli.c @@ -938,6 +938,15 @@ static enum ndr_err_code extract_variant_addresses(TALLOC_CTX *ctx, count = 1; } + /* ensure count is at least within buffer range */ + if (count >= MAX_ROW_BUFF_SIZE || count >= rows_buf->length) { + DBG_ERR("count %"PRIu64" either exceeds max buffer size " + "or buffer size (%zu)", + count, rows_buf->length); + err = NDR_ERR_VALIDATE; + goto out; + } + /* read address */ if (is_64bit) { err = ndr_pull_udlong(ndr_pull, @@ -974,30 +983,64 @@ static enum ndr_err_code extract_variant_addresses(TALLOC_CTX *ctx, goto out; } + /* +* non vector case addr points to value +* otherwise addr points to list of addresses +* for the values in vector +*/ if (is_vector == false) { vec_address[0] = addr; } else { uint64_t array_offset = addr - baseaddress; uint64_t i; + uint32_t intsize; + + if (is_64bit) { + intsize = 8; + } else { + intsize = 4; + } + + if (array_offset >= MAX_ROW_BUFF_SIZE + || array_offset >= rows_buf->length) { + DBG_ERR("offset %"PRIu64" either exceeds max buf size " + "or buffer size (%zu)", + array_offset, rows_buf
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2713023250f smbd: use dirfsp and atname in open_directory() via 1965fc77b38 smbd: use safe_symlink_target_path() in symlink_target_below_conn() via fc80c72d658 smbd: add a directory argument to safe_symlink_target_path() via 0515dded4dd smbd: pass symlink target path to safe_symlink_target_path() via 62cbe145c7e CI: disable /proc/fds and RESOLVE_NO_SYMLINK in samba-no-opath-build runner via 5c2f96442a2 vfs_default: allow disabling /proc/fds and RESOLVE_NO_SYMLINK at compile time from fdf3656d30c autobuild: Run ad_member_idmap_nss tests as part of samba-admem https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2713023250f15cf9971d88620cab9dd4afd0dc73 Author: Ralph Boehme Date: Mon Dec 18 12:35:58 2023 +0100 smbd: use dirfsp and atname in open_directory() On systems without /proc/fd support this avoid the expensive chdir() logic in non_widelink_open(). open_file_ntcreate() already passes dirfsp and atname to reopen_from_fsp(), it was just missed in the conversion. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Reviewed-by: Volker Lendecke Signed-off-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Jan 22 12:00:56 UTC 2024 on atb-devel-224 commit 1965fc77b3852a0593e13897af08f5304a1ce3a2 Author: Ralph Boehme Date: Tue Jan 2 14:34:26 2024 +0100 smbd: use safe_symlink_target_path() in symlink_target_below_conn() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit fc80c72d658a41fe4d93b24b793b52c91b350175 Author: Ralph Boehme Date: Tue Jan 2 13:25:25 2024 +0100 smbd: add a directory argument to safe_symlink_target_path() Existing caller passes NULL, no change in behaviour. Prepares for replacing symlink_target_below_conn() in open.c. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 0515dded4ddb49e5570ae7df51126af1a2d643de Author: Ralph Boehme Date: Tue Jan 2 12:49:14 2024 +0100 smbd: pass symlink target path to safe_symlink_target_path() Moves creating the symlink target path via symlink_target_path() to the caller. This prepares for using this in non_widelink_open(), where it will replace symlink_target_below_conn() with the same functionality. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 62cbe145c7e500c4759ed2005c78bd5056c87f43 Author: Ralph Boehme Date: Tue Dec 19 11:12:49 2023 +0100 CI: disable /proc/fds and RESOLVE_NO_SYMLINK in samba-no-opath-build runner This is a more sensible combination of missing Linux specific features: - O_PATH - openat2() with RESOLVE_NO_SYMLINKS - somehow safely reopen an O_PATH file handle Currently only O_PATH is disabled for these jobs, but that doesn't really match and know OS. The following list shows which features are available and used by Samba on a few OSes: | O_PATH | RESOLVE_NO_SYMLINKS | Safe reopen| CI covered ||-| | Supported Used | Supported Used | Supported Used | Linux | + +| + + | + +| + FreeBSD | + +| + [1] - | + [2] -| - AIX | - -| - - | - -| + So by also disabling RESOLVE_NO_SYMLINKS and Safe Reopen, we cover classic UNIX systems like AIX. [1] via open() flag O_RESOLVE_BENEATH [2] via open() flag O_EMPTY_PATH BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 5c2f96442a25a1725809a28b3719afbc0bd01830 Author: Ralph Boehme Date: Tue Dec 19 11:11:55 2023 +0100 vfs_default: allow disabling /proc/fds and RESOLVE_NO_SYMLINK at compile time This will be used in CI to have a gitlab runner without all modern Linux features we make use of as part of path processing: - O_PATH - openat2() with RESOLVE_NO_SYMLINKS - somehow safely reopen an O_PATH file handle That gives what a classix UNIX like AIX or Solaris offers feature wise. Other OSes support other combinations of those features, but we leave the exersize of possibly adding more runners supporting those combinations to the reader. The following list shows which features are available and used by Samba on a few OSes
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c82a267b2a1 s3:passdb: smbpasswd reset permissions only if not 0600 from 0caaa2d1723 vfs: Remove shadow_copy2_get_real_filename_at() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c82a267b2a1b7617e818548aa486b7cfbda74657 Author: Jones Syue Date: Fri Jan 12 11:52:34 2024 +0800 s3:passdb: smbpasswd reset permissions only if not 0600 Browsing files or download files from samba server, smbd would check user's id to decide whether this user could access these files, by lookup user's information from the password file (e.g. /usr/local/samba/private/smbpasswd). smbd might goes through startsmbfilepwent(), this api calls [f]chmod() to make sure the password file has valid permissions 0600. Consider a scenario: we are doing a read performance benchmark about downloading a bunch of files (e.g. a thousand files) from a samba server, monitoring file system i/o activities counters, and expecting that should be only read operations on file system because this is just downloading, no uploading is involved. But actually found that still write operations on file system, because smbd lookup user and always reset 0600 permissions on password file while access each file, it makes dirty pages (inode modification) in ram, later triggered a kernel journal daemon to sync dirty pages into back storage (e.g. ext3 kjournald, or ext4 jbd2). This looks like not friendly for read performance benchmark if it happened on an entry-level systems with much less memory and limited computation power, because dirty pages syncing in the meantime slows down read performance. This patch adds fstat() before [f]chmod(), it would check whether password file has valid permissions 0600 or not. If 0600 smbd would bypass [f]chmod() to avoid making dirty pages on file systems. If not 0600 smbd would warn and go through [f]chmod() to set valid permissions 0600 to password file as earlier days. BUG: https://bugzilla.samba.org/show_bug.cgi?id=1 Signed-off-by: Jones Syue Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jan 18 10:28:19 UTC 2024 on atb-devel-224 --- Summary of changes: source3/passdb/pdb_smbpasswd.c | 36 1 file changed, 28 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c index 04cf419d890..adeb0e308c0 100644 --- a/source3/passdb/pdb_smbpasswd.c +++ b/source3/passdb/pdb_smbpasswd.c @@ -192,6 +192,7 @@ static FILE *startsmbfilepwent(const char *pfile, enum pwf_access_type type, int const char *open_mode = NULL; int race_loop = 0; int lock_type = F_RDLCK; + struct stat st; if (!*pfile) { DEBUG(0, ("startsmbfilepwent: No SMB password file set\n")); @@ -324,19 +325,38 @@ Error was %s\n", pfile, strerror(errno))); /* Set a buffer to do more efficient reads */ setvbuf(fp, (char *)NULL, _IOFBF, 1024); - /* Make sure it is only rw by the owner */ -#ifdef HAVE_FCHMOD - if(fchmod(fileno(fp), S_IRUSR|S_IWUSR) == -1) { -#else - if(chmod(pfile, S_IRUSR|S_IWUSR) == -1) { -#endif - DEBUG(0, ("startsmbfilepwent_internal: failed to set 0600 permissions on password file %s. \ -Error was %s\n.", pfile, strerror(errno) )); + /* Ensure we have a valid stat. */ + if (fstat(fileno(fp), ) != 0) { + DBG_ERR("Unable to fstat file %s. Error was %s\n", + pfile, + strerror(errno)); pw_file_unlock(fileno(fp), lock_depth); fclose(fp); return NULL; } + /* If file has invalid permissions != 0600, then [f]chmod(). */ + if ((st.st_mode & 0777) != (S_IRUSR|S_IWUSR)) { + DBG_WARNING("file %s has invalid permissions 0%o should " + "be 0600.\n", + pfile, + (unsigned int)st.st_mode & 0777); + /* Make sure it is only rw by the owner */ +#ifdef HAVE_FCHMOD + if (fchmod(fileno(fp), S_IRUSR|S_IWUSR) == -1) { +#else + if (chmod(pfile, S_IRUSR|S_IWUSR) == -1) { +#endif + DBG_ERR("Failed to set 0600 permissions on password file %s. " + "Error was %s\n.", + pfile, + strerror(errno)); + pw_file_unlock(fileno(fp), l
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c09d1a3ac1c tests: add a test for "fake directory create times" via 56c3dbc2ff8 system.c: fix fake directory create times via 85f7d9d5b94 tests: add test for vfs_worm via abe1e959bf5 vfs_worm: add FILE_WRITE_EA to write access mask via 24227f7ecc1 vfs_worm: add my copyright via 30fea0e9592 vfs_worm: add some more vfs functions that worm needs to take care of via 0022acac9a5 vfs_worm: move write_access_flags to global via 58847271e10 vfs_worm: factor out readonly check via d27180bd0d9 vfs_recycle: add connect function to cache parameters via f02b0b984b7 tests: add a test for vfs_recycle via 2df2e34c3c1 time.c: fix ctime which was feeded with the mtime seconds via 1a89b5237b6 test_smbget.sh: reduce sleep time from f30a79d7f23 python: Generate HRESULT definitions automatically https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c09d1a3ac1c8790a4162b22698616baa2ba484d5 Author: Björn Jacke Date: Tue Jan 9 01:14:39 2024 +0100 tests: add a test for "fake directory create times" Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Jan 16 15:44:10 UTC 2024 on atb-devel-224 commit 56c3dbc2ff8531772bf79eb9da3497767a20ce6f Author: Bjoern Jacke Date: Mon Jan 8 15:04:12 2024 + system.c: fix fake directory create times This was broken by c9c3d4312d7281904fc back in 2009 already. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12421 Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 85f7d9d5b943c237966e6b466beca0cbe8076b04 Author: Björn Jacke Date: Sat Dec 30 19:46:53 2023 +0100 tests: add test for vfs_worm Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit abe1e959bf5a05a91a66b2bfaac97d000e4768ff Author: Björn Jacke Date: Sun Jan 7 14:42:20 2024 +0100 vfs_worm: add FILE_WRITE_EA to write access mask Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 24227f7ecc16d3fc17430ac9039d7ad1ae1ee553 Author: Björn Jacke Date: Mon Jan 8 14:25:45 2024 +0100 vfs_worm: add my copyright Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 30fea0e959229ee583bc76490aff5e54bc7f5be8 Author: Björn Jacke Date: Thu Jan 4 12:48:59 2024 +0100 vfs_worm: add some more vfs functions that worm needs to take care of BUG: https://bugzilla.samba.org/show_bug.cgi?id=10430 Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 0022acac9a56efaca3235a10a4b1fc2b669b11a6 Author: Björn Jacke Date: Sat Dec 30 21:01:04 2023 +0100 vfs_worm: move write_access_flags to global Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 58847271e109e9ebe8d053611bd8b25620d5ecbe Author: Björn Jacke Date: Sat Dec 30 20:45:31 2023 +0100 vfs_worm: factor out readonly check Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit d27180bd0d93a3d15f7e877f1f82210b29334dc1 Author: Björn Jacke Date: Sat Jan 6 17:35:55 2024 +0100 vfs_recycle: add connect function to cache parameters Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit f02b0b984b7128319613315819599ef7acb54776 Author: Björn Jacke Date: Sat Jan 6 17:32:57 2024 +0100 tests: add a test for vfs_recycle Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 2df2e34c3c1ccf76bbcc78586cbbb6433b6d30d5 Author: Björn Jacke Date: Sun Jan 7 05:09:58 2024 +0100 time.c: fix ctime which was feeded with the mtime seconds This bug was introduced with 53a1d034f3e47ed3c in 2020. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15550 Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 1a89b5237b61ae9ed5b23ec42d7c56533d0cce90 Author: Björn Jacke Date: Mon Jan 8 00:27:48 2024 +0100 test_smbget.sh: reduce sleep time Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke --- Summary of changes: lib/util/time.c | 2 +- selftest/target/Samba3.pm | 29 +++ source3/lib/system.c| 1 + source3/modules/vfs_recycle.c | 294 +++- source3/modules/vfs_worm.c | 252 ++-- source3/script/tests/test_fakedircreatetimes.sh | 65 ++ source3/script/tests/test_recycle.sh| 102 source3/script/tests/test_smbget.sh | 2 +- source3/script/tests/test_worm.sh | 121 ++ source3/selftest/tests.py
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f2dbcea6f04 lib: Confine the copy_no_nl memcpy to debug_gpfs_log() via c3399cd46f7 lib: Avoid memcpy in debug_lttng_log() via f8a75f83077 lib: Avoid memcpy in debug_systemd_log() from 16d802f9c1f script/autobuild.py: add some --private-libraries=ALL testing https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f2dbcea6f0499e81cf5b3215459925bb1dffd4a8 Author: Volker Lendecke Date: Tue Dec 19 15:34:50 2023 +0100 lib: Confine the copy_no_nl memcpy to debug_gpfs_log() gpfswrap_add_trace() seems not to have a format string that could understand the %.*s notation. While there this removes >4k of r/w memory from every smbd. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jan 4 17:06:19 UTC 2024 on atb-devel-224 commit c3399cd46f7a33db516b5716a2ce0ebf50fd117a Author: Volker Lendecke Date: Tue Dec 19 14:47:24 2023 +0100 lib: Avoid memcpy in debug_lttng_log() tracef() understands the %.*s format. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit f8a75f830774a6f32ed834cd3d17ba8804fddb82 Author: Volker Lendecke Date: Tue Dec 19 14:44:12 2023 +0100 lib: Avoid memcpy in debug_systemd_log() sd_journal_send() understands the %.*s format. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher --- Summary of changes: lib/util/debug.c | 145 --- 1 file changed, 62 insertions(+), 83 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/debug.c b/lib/util/debug.c index f1f91ebe7a7..86f13f181cf 100644 --- a/lib/util/debug.c +++ b/lib/util/debug.c @@ -100,9 +100,7 @@ static struct { debug_callback_fn callback; void *callback_private; char header_str[300]; - char header_str_no_nl[300]; size_t hs_len; - char msg_no_nl[FORMAT_BUFR_SIZE]; } state = { .settings = { .timestamp_logs = true @@ -244,48 +242,6 @@ static int debug_level_to_priority(int level) } #endif -/* -- ** - * Produce a version of the given buffer without any trailing newlines. - */ -#if defined(HAVE_LIBSYSTEMD_JOURNAL) || defined(HAVE_LIBSYSTEMD) || \ - defined(HAVE_LTTNG_TRACEF) || defined(HAVE_GPFS) -static void copy_no_nl(char *out, - size_t out_size, - const char *in, - size_t in_len) -{ - size_t len; - /* -* Some backends already add an extra newline, so also provide -* a buffer without the newline character. -*/ - len = MIN(in_len, out_size - 1); - if ((len > 0) && (in[len - 1] == '\n')) { - len--; - } - - memcpy(out, in, len); - out[len] = '\0'; -} - -static void ensure_copy_no_nl(char *out, - size_t out_size, - const char *in, - size_t in_len) -{ - /* -* Assume out is a static buffer that is reused as a cache. -* If it isn't empty then this has already been done with the -* same input. -*/ - if (out[0] != '\0') { - return; - } - - copy_no_nl(out, out_size, in, in_len); -} -#endif - /* -- ** * Debug backends. When logging to DEBUG_FILE, send the log entries to * all active backends. @@ -366,24 +322,33 @@ static void debug_syslog_log(int msg_level, const char *msg, size_t msg_len) static void debug_systemd_log(int msg_level, const char *msg, size_t msg_len) { if (state.hs_len > 0) { - ensure_copy_no_nl(state.header_str_no_nl, - sizeof(state.header_str_no_nl), - state.header_str, - state.hs_len); - sd_journal_send("MESSAGE=%s", - state.header_str_no_nl, + size_t len = state.hs_len; + + if (state.header_str[len - 1] == '\n') { + len -= 1; + } + + sd_journal_send("MESSAGE=%.*s", + (int)len, + state.header_str, "PRIORITY=%d", debug_level_to_priority(msg_level), "LEVEL=%d", msg_level, N
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1134c4f3a63 s3:utils: Fix the auth function to print correct values to the user via 25021b836f7 s3:utils: Handle the domain before username and password from 2cfbf43f706 smbd: Fix traversing snapshot dirs that vanished in current fileset https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1134c4f3a63c9618c3fb79abefb40a798c7c1701 Author: Andreas Schneider Date: Fri Dec 15 08:23:25 2023 +0100 s3:utils: Fix the auth function to print correct values to the user In order to show correct values in the password prompt displayed by cli_credentials_get_password*(). We need to set the domain and username in the credentials system. The credentials supplied via the SMB URL have a higher priority than the command line options. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15538 Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jan 4 11:26:52 UTC 2024 on atb-devel-224 commit 25021b836f74d3d247bce44c6c02a2d8b2cc39ea Author: Andreas Schneider Date: Fri Dec 15 09:41:06 2023 +0100 s3:utils: Handle the domain before username and password The cli_credentials_get_password*() function will interactively ask the user for a password if none has been supplied via another ways. To show the correct domain and username in the prompt, we need handle domain and user first. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15538 Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: source3/utils/smbget.c | 37 - 1 file changed, 20 insertions(+), 17 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/smbget.c b/source3/utils/smbget.c index 70b3685c89f..67ea259afb8 100644 --- a/source3/utils/smbget.c +++ b/source3/utils/smbget.c @@ -116,22 +116,23 @@ static void get_auth_data_with_context_fn(SMBCCTX *ctx, const char *domain = NULL; enum credentials_obtained obtained = CRED_UNINITIALISED; - username = cli_credentials_get_username_and_obtained(creds, ); - if (username != NULL) { + domain = cli_credentials_get_domain_and_obtained(creds, ); + if (domain != NULL) { bool overwrite = false; - if (usr[0] == '\0') { + if (dom[0] == '\0') { overwrite = true; } if (obtained >= CRED_CALLBACK_RESULT) { overwrite = true; } if (overwrite) { - strncpy(usr, username, usr_len - 1); + strncpy(dom, domain, dom_len - 1); } } + cli_credentials_set_domain(creds, dom, obtained); - password = cli_credentials_get_password_and_obtained(creds, ); - if (password != NULL) { + username = cli_credentials_get_username_and_obtained(creds, ); + if (username != NULL) { bool overwrite = false; if (usr[0] == '\0') { overwrite = true; @@ -140,33 +141,35 @@ static void get_auth_data_with_context_fn(SMBCCTX *ctx, overwrite = true; } if (overwrite) { - strncpy(pwd, password, pwd_len - 1); + strncpy(usr, username, usr_len - 1); } } + cli_credentials_set_username(creds, usr, obtained); - domain = cli_credentials_get_domain_and_obtained(creds, ); - if (domain != NULL) { + password = cli_credentials_get_password_and_obtained(creds, ); + if (password != NULL) { bool overwrite = false; - if (usr[0] == '\0') { + if (pwd[0] == '\0') { overwrite = true; } if (obtained >= CRED_CALLBACK_RESULT) { overwrite = true; } if (overwrite) { - strncpy(dom, domain, dom_len - 1); + strncpy(pwd, password, pwd_len - 1); } } + cli_credentials_set_password(creds, pwd, obtained); - smbc_set_credentials_with_fallback(ctx, domain, username, password); + smbc_set_credentials_with_fallback(ctx, dom, usr, pwd); - if (!opt.quiet && username != NULL) { - if (username[0] == '\0') { + if (!opt.quiet) { + if (usr[0] == '\0') { printf("Using guest user\n"); + } else if (dom[0] == '\0') { + printf("Using user: %s\n&q
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 88174f48d2e vfs_fruit: ignore ENAMETOOLONG in fruit_unlink_rsrc_adouble() from 82f021d43de pidl: include scompat headers and servers in s3 server template https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 88174f48d2ecb1c9ebb74a0eb45c4fa8e20eb923 Author: MikeLiu Date: Thu Oct 26 16:15:39 2023 +0800 vfs_fruit: ignore ENAMETOOLONG in fruit_unlink_rsrc_adouble() adouble_path() inside fruit_unlink_rsrc_adouble() prepend "._" to a basename, lenth of apple double filename will exceed NAME_MAX if length of basename is equal to NAME_MAX (or NAME_MAX-1). BUG: https://bugzilla.samba.org/show_bug.cgi?id=15504 Signed-off-by: MikeLiu Reviewed-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Nov 17 11:07:01 UTC 2023 on atb-devel-224 --- Summary of changes: source3/modules/vfs_fruit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c index b510b04aea6..b3dd6016ae3 100644 --- a/source3/modules/vfs_fruit.c +++ b/source3/modules/vfs_fruit.c @@ -2110,7 +2110,7 @@ static int fruit_unlink_rsrc_adouble(vfs_handle_struct *handle, adp_smb_fname, 0); TALLOC_FREE(adp_smb_fname); - if ((rc != 0) && (errno == ENOENT) && force_unlink) { + if ((rc != 0) && (errno == ENOENT || errno == ENAMETOOLONG) && force_unlink) { rc = 0; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4e585186f2b smbd: Get the symlink mode for posix through fdos_mode() via aaa73cce1da smbd: Centralize fdos_mode() in smbd_dirptr_get_entry() via 80c98acbf05 smbd: Centralize wiping the ".." stat info via c96010a2a9f smbd: Simplify smbd_dirptr_get_entry() via 6b0cfcdbc37 smbd: Remove a pointless NULL check via 5991f4e66b5 smbd: Slightly simplify smbd_dirptr_get_entry() via 901c7cc6aaf smbd: Move mask_match_search() to smb1_reply.c via b1e5ed4490f smbd: Simplify smbd_dirptr_get_entry() via 47f36e0b1df smbd: Simplify smbd_dirptr_8_3_mode_fn() via f905384f5df smbd: Rename "fsp" to "dirfsp" in smbd_smb2_query_directory_state via f195df4e652 smbd: Directly print errno in openat_pathref_fsp_lcomp() via 46372997a09 smbd: Remove a NULL check that became obsolete via 15648b5da5d smbd: Modernize a DEBUG statement from b6661e77de2 netcmd: docs: update docs for silo member grant + revoke https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4e585186f2b4905ab4504a464766b3fda1875cb3 Author: Volker Lendecke Date: Tue Nov 14 12:12:22 2023 +0100 smbd: Get the symlink mode for posix through fdos_mode() fdos_mode() has special code to deal with symlinks, so we don't have to replicate that logic here. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Nov 15 06:10:38 UTC 2023 on atb-devel-224 commit aaa73cce1da0c9058615a9b3d91e926d445277de Author: Volker Lendecke Date: Tue Nov 14 12:11:17 2023 +0100 smbd: Centralize fdos_mode() in smbd_dirptr_get_entry() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 80c98acbf0550c760dbc9de2cc7a3328c3c53bd6 Author: Volker Lendecke Date: Tue Nov 14 12:09:54 2023 +0100 smbd: Centralize wiping the ".." stat info Make sure this also happens for symlinks etc. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c96010a2a9ff59b3cc086fc3df15ce9408fe5986 Author: Volker Lendecke Date: Mon Nov 13 13:46:51 2023 +0100 smbd: Simplify smbd_dirptr_get_entry() This uses the much simpler openat_pathef_fsp_lcomp, avoiding non_widelink_open where we don't need it. The only case where we still have to call openat_pathref_fsp() in its full capacity is to find out whether a symlink we found is dangling or not. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 6b0cfcdbc3755709f928ac4bc010d130deb042fe Author: Volker Lendecke Date: Mon Nov 13 13:48:42 2023 +0100 smbd: Remove a pointless NULL check We've dereferenced smb_fname before, and talloc_move() never fails. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 5991f4e66b59cda65142a68f9db4e0fa1b7b147d Author: Volker Lendecke Date: Mon Nov 13 10:25:58 2023 +0100 smbd: Slightly simplify smbd_dirptr_get_entry() Check for dirptr being toplevel just once. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 901c7cc6aafc98a91888e6ca7c9f7cb2ccdf8627 Author: Volker Lendecke Date: Sun Nov 12 11:48:30 2023 +0100 smbd: Move mask_match_search() to smb1_reply.c Only called there. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit b1e5ed4490ff92f001d9f0d282059c4cc17e19a7 Author: Volker Lendecke Date: Sun Nov 12 11:30:11 2023 +0100 smbd: Simplify smbd_dirptr_get_entry() Both mode_fn's are now the same. Fold them into smbd_dirptr_get_entry() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 47f36e0b1df028cf9abf1a88efaf0296c527e18b Author: Volker Lendecke Date: Sat Nov 11 19:12:16 2023 +0100 smbd: Simplify smbd_dirptr_8_3_mode_fn() Do the smb1-specific code directly in smb1-code. Don't tunnel it through generic smb1/smb2 code. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f905384f5dfe8e297a54e3e3ad1d2ecd13e96713 Author: Volker Lendecke Date: Thu Nov 9 12:50:07 2023 +0100 smbd: Rename "fsp" to "dirfsp" in smbd_smb2_query_directory_state Makes it clearer to me what we have there. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f195df4e65257b8fe1175135fd1217dd9541cbff Author: Volker Lendecke Date: Tue Nov 14 10:53:30 2023 +0100 smbd: Directly print errno in openat_pathref_fsp_lcomp() This is where the error came from. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 46372997a09c6c4cc213941d3d510cfebf500855 Author: Volker Lendecke Date: Thu Nov 9 12:25:32 2023 +0100 smbd:
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d314fc5874e smbd: Make get_real_filename_cache_key() static in files.c via 8d00b0e664d smbd: Simplify openat_pathref_fsp_case_insensitive() via ab56379c227 smbd: Make get_real_filename_cache_key() public via 552f9e9d558 smbd: We want to delete symlinks as such in reply_unlink() via 6ea681f36e0 smbd: Make create_open_symlink_err() public via 8308d25ff9d smbd: Make in_create_options available in smbd_smb2_create_after_exec() via 6c3c37cf209 smbd: Make a fake file's stat a valid regular file via 193df617816 smbd: Simplify fsp_fullbasepath() via 8392a832b59 smbd: Correct PATH_ vs NAME_NOT_FOUND for not following lcomp via cee9586c6ee smbd: Return OBJECT_NAME_NOT_FOUND if lcomp points outside the share via c81d1d3fe4e smbd: Return open_symlink_err from filename_convert_dirfsp_nosymlink() via 62800d6213e libcli: Fix whitespace via ac60b7a1455 smbd: We don't reopen anything but dirs and files via ae236f8f4db smbd: Remove a few pointless return; statements via 5b0500f0c90 smbd: Protect ea-reading on symlinks via f72f9915680 smbd: Remove an assert that never triggers via 74e121f93b3 librpc: Fix error path cleanups in start_rpc_host_send() from 273d48504e1 CI: smb3unix.py: check more attributes of test files (and dirs) in test_posix_perm_files() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d314fc5874e243f9fd659aa9fdf3c5ed6c0c6a22 Author: Volker Lendecke Date: Sat Nov 4 16:17:36 2023 +0100 smbd: Make get_real_filename_cache_key() static in files.c Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Nov 7 13:58:07 UTC 2023 on atb-devel-224 commit 8d00b0e664d76931dd29b417e90ec1e4ff488939 Author: Volker Lendecke Date: Wed Oct 18 11:50:20 2023 +0200 smbd: Simplify openat_pathref_fsp_case_insensitive() This is more lines of code, but it's still a simplification. With this patch we don't call the full openat_pathref_fsp() anymore when looking up the last component in filename_convert_dirfsp(), instead we do the direct SMB_VFS_OPENAT(). We don't need the whole complexity of non_widelink_open() for this case, we do know that we have a real non-cwd dirfsp. The other big change that is not obvious just from looking at the patch: This removes the special case for looking up posix symlinks. Before this patch, filename_convert_dirfsp() returned a proper smb_filename but without an attached fsp when a smb1 posix client hits a symlink. This caused all sorts of special case code everywhere. For example smbd_do_qfilepathinfo() needs to cover both cases just for the smb1 posix symlink case. This special-case handling can go now. We can do the path lookup in the smb1-only qpathinfo code and call into the common code with a proper fsp. When hitting a symlink and with O_PATH available, we'll get the symlink opened with an O_PATH fd. Without O_PATH we obviously can't do that, there we get fd=-1 and an indication that we don't have the procfd fallback around. Why all this? I want to present FIFOs (and eventually symlinks) as reparse points as the very next step. Without this patch, there is no real unified way to get the file attributes from disk. Now we can use the proper logic of fdos_mode() everywhere and not rely on special cases for fsp==NULL. This patch also changes some error codes for smb1 posix extensions. I chose to just change the test instead of going after each and every change. As long as we do get an error, I'm willing to accept that we slightly change error path behaviour for this deprecated code. And, I tried to split this up into smaller patches but I failed. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit ab56379c22702d364b0b55fe993e407739b6af91 Author: Volker Lendecke Date: Sat Nov 4 15:41:40 2023 +0100 smbd: Make get_real_filename_cache_key() public Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 552f9e9d5584dac4177aef70eb438530976557d6 Author: Volker Lendecke Date: Wed Oct 25 18:58:34 2023 +0200 smbd: We want to delete symlinks as such in reply_unlink() Even with "follow symlinks = yes" we don't want to delete the target when being given a symlink name. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 6ea681f36e09c05ede087ec88809ed6805657354 Author: Volker Lendecke Date: Mon Oct 23 15:45:08 2023 +0200 smbd: Make create_open_symlink_err() public Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehm
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via de20ee1adad WHATSNEW: Mention logged on users list removal from 7a5228ffce0 CI: smb3unix.py: check basic CreateContexts response https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit de20ee1adad4a6b26e07a6cf1ac89819ceaf8ecc Author: Samuel Cabrero Date: Mon Oct 30 13:24:29 2023 +0100 WHATSNEW: Mention logged on users list removal Signed-off-by: Samuel Cabrero Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Nov 1 12:52:13 UTC 2023 on atb-devel-224 --- Summary of changes: WHATSNEW.txt | 9 + 1 file changed, 9 insertions(+) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 0f20c4779df..2bd3f02e1dc 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -42,6 +42,15 @@ in a package may locate other dependencies we no longer require. REMOVED FEATURES +Get locally logged on users from utmp +- + +The Workstation Service Remote Protocol [MS-WKST] calls NetWkstaGetInfo +level 102 and NetWkstaEnumUsers level 0 and 1 return the list of locally +logged on users. Samba was getting the list from utmp, which is not +Y2038 safe. This feature has been completely removed and Samba will +always return an empty list. + smb.conf changes -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 853ae7a913e smbd: add inode marshalling in smb3_file_posix_information_init() via 3aedefccbac smbd: add nlinks marshalling in smb3_file_posix_information_init() via 788dafccd15 s3/libsmb: reuse smbXcli_conn_have_posix() via 45643c703b6 smbd: fix group marshalling in smb3_file_posix_information_init from d57f3bdcd33 s4:kdc: Simplify principal_comp_strcmp_int() to handle only equality https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 853ae7a913e1051bebbabf07a2280904835b8bef Author: Ralph Boehme Date: Thu Oct 26 15:24:07 2023 +0200 smbd: add inode marshalling in smb3_file_posix_information_init() Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Oct 26 16:32:30 UTC 2023 on atb-devel-224 commit 3aedefccbac8b3b31831c9c27b1d1cde04c9d41f Author: Ralph Boehme Date: Thu Oct 26 15:24:27 2023 +0200 smbd: add nlinks marshalling in smb3_file_posix_information_init() Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 788dafccd15b72a076413423764a2a1703ef6249 Author: Ralph Boehme Date: Fri Oct 13 10:26:46 2023 +0200 s3/libsmb: reuse smbXcli_conn_have_posix() We already store the negotiated POSIX state in smbXcli_connection and there we only store it if the server actually supports the version we requested. Signed-off-by: Ralph Boehme Reviewed-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit 45643c703b636db22514548e59ac13be9e80f524 Author: Ralph Boehme Date: Tue Oct 24 19:06:23 2023 +0200 smbd: fix group marshalling in smb3_file_posix_information_init Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke --- Summary of changes: source3/client/client.c | 2 +- source3/include/client.h | 1 - source3/libsmb/clidfs.c | 6 -- source3/smbd/smb2_posix.c | 4 +++- 4 files changed, 4 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/client/client.c b/source3/client/client.c index ad9d157db18..267e3ebeb99 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -3164,7 +3164,7 @@ static int cmd_posix(void) char *caps; NTSTATUS status; - if (!(SERVER_HAS_UNIX_CIFS(cli) || cli->smb2.server_smb311_posix)) { + if (!smbXcli_conn_have_posix(cli->conn)) { d_printf("Server doesn't support UNIX CIFS extensions.\n"); return 1; } diff --git a/source3/include/client.h b/source3/include/client.h index 3644e40ca50..9634166428c 100644 --- a/source3/include/client.h +++ b/source3/include/client.h @@ -91,7 +91,6 @@ struct cli_state { struct smbXcli_session *session; struct smbXcli_tcon *tcon; struct idr_context *open_handles; - bool server_smb311_posix; bool client_smb311_posix; } smb2; }; diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c index 7bc733492ce..939b3b0da09 100644 --- a/source3/libsmb/clidfs.c +++ b/source3/libsmb/clidfs.c @@ -245,12 +245,6 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx, smb2cli_conn_set_max_credits(c->conn, DEFAULT_SMB2_MAX_CREDITS); } - if ((protocol >= PROTOCOL_SMB3_11) && (out_contexts != NULL)) { - c->smb2.server_smb311_posix = smb2_negotiate_context_find( - out_contexts, - SMB2_POSIX_EXTENSIONS_AVAILABLE); - } - status = cli_session_setup_creds(c, creds); if (!NT_STATUS_IS_OK(status)) { /* If a password was not supplied then diff --git a/source3/smbd/smb2_posix.c b/source3/smbd/smb2_posix.c index 1cd76e2..9623e59e43a 100644 --- a/source3/smbd/smb2_posix.c +++ b/source3/smbd/smb2_posix.c @@ -34,11 +34,13 @@ void smb3_file_posix_information_init( *dst = (struct smb3_file_posix_information) { .end_of_file = get_file_size_stat(st), .allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,NULL,st), + .inode = SMB_VFS_FS_FILE_ID(conn, st), .device = st->st_ex_dev, .creation_time = unix_timespec_to_nt_time(st->st_ex_btime), .last_access_time = unix_timespec_to_nt_time(st->st_ex_atime), .last_write_time = unix_timespec_to_nt_time(st->st_ex_mtime), .change_time = unix_timespec_to_nt_time(st->st_ex_ctime), + .cc.nlinks = st->st_ex_nlink, .cc.reparse_tag = reparse_tag, .cc.posix_perms = unix_perms_to_wire(st->st_ex_mode & ~S_IFMT), .cc.owner = global_sid_NUL
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 52fd0d79ab0 smbd: put back code to fill in user and group SID from 14600a3128c s3:libads: Improve logging for failover scenarios https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 52fd0d79ab0ca65e94d9dc6908faa42a75103e6e Author: Ralph Boehme Date: Wed Oct 18 15:32:03 2023 +0200 smbd: put back code to fill in user and group SID This is accidentally removed by 6874ed6a9defdf6f842e1e25f1ffd95708534ca6. Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Oct 18 16:46:00 UTC 2023 on atb-devel-224 --- Summary of changes: source3/smbd/smb2_create.c | 3 +++ 1 file changed, 3 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index d71dfc3083f..94e73b0a27c 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -1673,6 +1673,9 @@ static void smbd_smb2_create_after_exec(struct tevent_req *req) }; enum ndr_err_code ndr_err; + uid_to_sid(, psbuf->st_ex_uid); + gid_to_sid(, psbuf->st_ex_gid); + ndr_err = ndr_push_smb3_posix_cc_info(, NDR_SCALARS | NDR_BUFFERS, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a6b1c75 ctdb: Add "home_nodes" file to deterministic IP allocation via ea9cbbd8309 ctdb: setup $CTDB_BASE for deterministic ip alloc tests via 23ccb1c0ca5 ctdb: Align variable signedness via ce3243d7b20 ctdb: Reduce indentation in get_tunable_values() via 58ec800928b ctdb: Fix whitespace from 633a3ee6894 s3: smbd: Ignore fstat() error on deleted stream in fd_close(). https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a6b1c754f8ecf7c6c8a43ff015257adf5d0a Author: Volker Lendecke Date: Fri Aug 4 14:47:51 2023 +0200 ctdb: Add "home_nodes" file to deterministic IP allocation With a file "home_nodes" next to "public_addresses" you can assign public IPs to specific nodes when using the deterministic allocation algorithm. Whenever the "home node" is up, the IP address will be assigned to that node, independent of any other deterministic calculation. The line 192.168.21.254 2 in the file "home_nodes" assigns the IP address to node 2. Only when node 2 is not able to host IP addresses, 192.168.21.254 undergoes the normal deterministic IP allocation algorithm. Signed-off-by: Volker Lendecke add home_nodes Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Oct 10 14:17:19 UTC 2023 on atb-devel-224 commit ea9cbbd8309fd8514e4a9a4aa80749e8adfff0bc Author: Volker Lendecke Date: Thu Oct 5 17:11:51 2023 +0200 ctdb: setup $CTDB_BASE for deterministic ip alloc tests ipalloc_deterministic() will require it in the next patch Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 23ccb1c0ca53f2e46238eece186ac7726af9b96d Author: Volker Lendecke Date: Fri Aug 4 15:35:46 2023 +0200 ctdb: Align variable signedness ipalloc_state->num_nodes is uint32_t Reviewed-by: Ralph Boehme commit ce3243d7b2095970d00e5c59c880ebf81f2bf9ed Author: Volker Lendecke Date: Thu Sep 28 15:55:36 2023 +0200 ctdb: Reduce indentation in get_tunable_values() Use an early return tvals; review with "git sh -b". Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 58ec800928bdda2f1260ee24eeca8a0018931a68 Author: Volker Lendecke Date: Thu Sep 28 15:50:28 2023 +0200 ctdb: Fix whitespace Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme --- Summary of changes: ctdb/doc/ctdb-tunables.7.xml | 11 ++ ctdb/server/ipalloc_deterministic.c| 130 - ctdb/tests/UNIT/takeover/det.001.sh| 2 + ctdb/tests/UNIT/takeover/det.002.sh| 2 + ctdb/tests/UNIT/takeover/det.003.sh| 2 + .../tests/UNIT/takeover/{det.003.sh => det.004.sh} | 17 ++- .../tests/UNIT/takeover/{det.002.sh => det.005.sh} | 18 ++- .../tests/UNIT/takeover/{det.001.sh => det.006.sh} | 16 ++- ctdb/tests/src/ctdb_takeover_tests.c | 45 +++ 9 files changed, 212 insertions(+), 31 deletions(-) copy ctdb/tests/UNIT/takeover/{det.003.sh => det.004.sh} (63%) copy ctdb/tests/UNIT/takeover/{det.002.sh => det.005.sh} (66%) copy ctdb/tests/UNIT/takeover/{det.001.sh => det.006.sh} (71%) Changeset truncated at 500 lines: diff --git a/ctdb/doc/ctdb-tunables.7.xml b/ctdb/doc/ctdb-tunables.7.xml index 725c781e47e..e4f7ce0b96a 100644 --- a/ctdb/doc/ctdb-tunables.7.xml +++ b/ctdb/doc/ctdb-tunables.7.xml @@ -283,6 +283,17 @@ MonitorInterval=20 with care when addresses are defined across multiple networks. + + You can override automatic the "home" node allocation by + creating a file "home_nodes" next to the + "public_addresses" file. As an example the following + "home_nodes" file assigns the address 192.168.1.1 to + node 0 and 192.168.1.2 to node 2: + + + 192.168.1.1 0 + 192.168.1.2 2 + diff --git a/ctdb/server/ipalloc_deterministic.c b/ctdb/server/ipalloc_deterministic.c index 097d8169da8..43680ba5c2f 100644 --- a/ctdb/server/ipalloc_deterministic.c +++ b/ctdb/server/ipalloc_deterministic.c @@ -24,13 +24,120 @@ #include "lib/util/debug.h" #include "common/logging.h" +#include "common/path.h" + +#include "protocol/protocol_util.h" +#include "lib/util/smb_strtox.h" +#include "lib/util/memory.h" #include "server/ipalloc_private.h" +struct home_node { + ctdb_sock_ad
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 633a3ee6894 s3: smbd: Ignore fstat() error on deleted stream in fd_close(). via 23deb79a280 tests: Add reproducer for bug 15487 via 340f0420bd3 pylibsmb: Add SMB2_CLOSE_FLAGS_FULL_INFORMATION constant via c4047443a51 libsmb: Pass "flags" through cli_close_send() and pylibsmb via f72ef19cf51 libsmb: Add "flags" to cli_smb2_close_fnum_send() from d1846452e96 vfs: Add VFS_OPEN_HOW_WITH_BACKUP_INTENT https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 633a3ee6894cc1d05b44dbe47a278202803d9b21 Author: Ralph Boehme Date: Wed Sep 20 14:21:44 2023 -0700 s3: smbd: Ignore fstat() error on deleted stream in fd_close(). In the fd_close() fsp->fsp_flags.fstat_before_close code path. If this is a stream and delete-on-close was set, the backing object (an xattr from streams_xattr) might already be deleted so fstat() fails with NT_STATUS_NOT_FOUND. So if fsp refers to a stream we ignore the error and only bail for normal files where an fstat() should still work. NB. We cannot use fsp_is_alternate_stream(fsp) for this as the base_fsp has already been closed at this point and so the value fsp_is_alternate_stream() checks for is already NULL. Remove knownfail. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15487 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Oct 10 09:39:27 UTC 2023 on atb-devel-224 commit 23deb79a28009f5c4ea2f2c2ceb84cfdbc9fb5b1 Author: Volker Lendecke Date: Sat Oct 7 12:28:05 2023 +0200 tests: Add reproducer for bug 15487 Show that smbd crashes if asked to return full information on close of a stream handle with delete on close disposition set. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15487 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 340f0420bd34149ebe8fc76eb5fe4547970a5c5b Author: Volker Lendecke Date: Sat Oct 7 12:20:35 2023 +0200 pylibsmb: Add SMB2_CLOSE_FLAGS_FULL_INFORMATION constant Bug: https://bugzilla.samba.org/show_bug.cgi?id=15487 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c4047443a511f003eb855504315eeb8499fafcb7 Author: Volker Lendecke Date: Sat Oct 7 12:13:09 2023 +0200 libsmb: Pass "flags" through cli_close_send() and pylibsmb Bug: https://bugzilla.samba.org/show_bug.cgi?id=15487 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f72ef19cf51d8ededa449344cc16b72cf3685302 Author: Volker Lendecke Date: Sat Oct 7 12:06:26 2023 +0200 libsmb: Add "flags" to cli_smb2_close_fnum_send() Bug: https://bugzilla.samba.org/show_bug.cgi?id=15487 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: examples/fuse/clifuse.c | 2 +- examples/winexe/winexe.c | 37 +++- python/samba/tests/libsmb-basic.py | 21 ++ source3/libsmb/cli_smb2_fnum.c | 56 +--- source3/libsmb/cli_smb2_fnum.h | 3 +- source3/libsmb/clifile.c | 23 --- source3/libsmb/clisymlink.c | 11 --- source3/libsmb/proto.h | 4 ++- source3/libsmb/pylibsmb.c| 11 --- source3/smbd/open.c | 15 +- source3/torture/nbench.c | 7 +++-- source3/torture/test_chain3.c| 2 +- source3/torture/test_notify.c| 11 --- source3/torture/test_notify_online.c | 6 ++-- source3/torture/torture.c| 6 ++-- 15 files changed, 141 insertions(+), 74 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/fuse/clifuse.c b/examples/fuse/clifuse.c index 28c5177b250..ba4aca751fe 100644 --- a/examples/fuse/clifuse.c +++ b/examples/fuse/clifuse.c @@ -952,7 +952,7 @@ static void cli_ll_release(fuse_req_t freq, fuse_ino_t ino, fnum = fi->fh; - req = cli_smb2_close_fnum_send(state, mstate->ev, mstate->cli, fnum); + req = cli_smb2_close_fnum_send(state, mstate->ev, mstate->cli, fnum, 0); if (req == NULL) { TALLOC_FREE(state); fuse_reply_err(freq, ENOMEM); diff --git a/examples/winexe/winexe.c b/examples/winexe/winexe.c index 29e1fe2055b..5c2529cb2de 100644 --- a/examples/winexe/winexe.c +++ b/examples/winexe/winexe.c @@ -993,11 +993,11 @@ static void winexe_out_pipe_got_data(struct tevent_req *subreq) nt_errstr(status)); if (NT_STATUS_EQUAL(status, NT_STATUS_PIPE_DISCONNECTED)) { - subreq = cli_close_send( -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d7394a90f51 testparm: Allow idmap ranges overlap for idmap_nss from fab08854af3 libsmb: Pass neg contexts through sync smbXcli_negprot_recv() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d7394a90f51e9a2caac58d280e2ec3331f45a315 Author: Samuel Cabrero Date: Tue Sep 26 13:01:03 2023 +0200 testparm: Allow idmap ranges overlap for idmap_nss Signed-off-by: Samuel Cabrero Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Sep 26 19:28:08 UTC 2023 on atb-devel-224 --- Summary of changes: source3/utils/testparm.c | 11 --- 1 file changed, 8 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index 4a19f888632..fd90e8d734a 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -229,16 +229,21 @@ static bool do_idmap_check(void) if ((c->low >= x->low && c->low <= x->high) || (c->high >= x->low && c->high <= x->high)) { - /* Allow overlapping ranges for idmap_ad */ + /* +* Allow overlapping ranges for idmap_ad +* and idmap_nss +*/ ok = strequal(c->backend, x->backend); if (ok) { - ok = strequal(c->backend, "ad"); + ok = strequal(c->backend, "ad") || +strequal(c->backend, "nss"); if (ok) { fprintf(stderr, - "NOTE: The idmap_ad " + "NOTE: The idmap_%s " "range for the domain " "%s overlaps with the " "range of %s.\n\n", + c->backend, c->domain_name, x->domain_name); continue; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5379b8d557a s3: smbd: Ensure all callers to srvstr_pull_req_talloc() pass a zeroed-out dest pointer. via 5bc50d2ea44 s3: smbd: Uncorrupt the pointer we were using to prove a crash. via 9220c45cc19 s3: smbd: Ensure srvstr_pull_req_talloc() always NULLs out *dest. via 963fd8aa9b7 s3: torture: Add SMB1-TRUNCATED-SESSSETUP test. via e7bf94b4e3a s3: smbd: Deliberately currupt an uninitialized pointer. from c01c206d765 s4:kdc: Add get_claims_set_for_principal() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5379b8d557a9a16b81eafb87b60b81debc4bfccb Author: Jeremy Allison Date: Fri Aug 11 10:52:31 2023 -0700 s3: smbd: Ensure all callers to srvstr_pull_req_talloc() pass a zeroed-out dest pointer. Now we've fixed srvstr_pull_req_talloc() this isn't strictly needed, but ensuring pointers are initialized is best practice to avoid future bugs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Aug 14 15:55:43 UTC 2023 on atb-devel-224 commit 5bc50d2ea244721e72b4264311c7005d2f3c Author: Jeremy Allison Date: Fri Aug 11 10:47:28 2023 -0700 s3: smbd: Uncorrupt the pointer we were using to prove a crash. Rather than restore to uninitialized, set to NULL as per modern coding practices. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420 Reviewed-by: Volker Lendecke Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 9220c45cc191b34e293190f6a923ba463edd5db9 Author: Jeremy Allison Date: Fri Aug 11 10:42:41 2023 -0700 s3: smbd: Ensure srvstr_pull_req_talloc() always NULLs out *dest. Robert Morris noticed that in the case where srvstr_pull_req_talloc() is being called with buffer remaining == 0, we don't NULL out the destination pointed which is *always* done in the codepaths inside pull_string_talloc(). This prevents a crash in the caller. Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 963fd8aa9b76361ab9aeb63307773f2498b17879 Author: Jeremy Allison Date: Fri Aug 11 10:39:36 2023 -0700 s3: torture: Add SMB1-TRUNCATED-SESSSETUP test. Shows that we indirect through an uninitialized pointer and the client crashes it's own smbd. Add knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit e7bf94b4e3a7f994aa6f0b859089c5add2ad380f Author: Jeremy Allison Date: Fri Aug 11 10:38:23 2023 -0700 s3: smbd: Deliberately currupt an uninitialized pointer. We will need this to show smbd crashing in the test code. This will be removed once we're passing the test. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke --- Summary of changes: source3/selftest/tests.py | 11 +++ source3/smbd/smb1_ipc.c | 2 +- source3/smbd/smb1_message.c | 2 +- source3/smbd/smb1_sesssetup.c | 4 +- source3/smbd/smb2_reply.c | 1 + source3/torture/torture.c | 181 ++ 6 files changed, 197 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 461e09be87b..579ed87656d 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -219,6 +219,17 @@ plantestsuite("samba3.smbtorture_s3.hidenewfiles_showdirs", "", "-l $LOCAL_PATH"]) +plantestsuite("samba3.smbtorture_s3.smb1.SMB1-TRUNCATED-SESSSETUP", +"fileserver_smb1", +[os.path.join(samba3srcdir, + "script/tests/test_smbtorture_s3.sh"), +'SMB1-TRUNCATED-SESSSETUP', +'//$SERVER_IP/tmp', +'$USERNAME', +'$PASSWORD', +smbtorture3, +"-mNT1"]) + # # MSDFS attribute tests. # diff --git a/source3/smbd/smb1_ipc.c b/source3/smbd/smb1_ipc.c index 3f9958fece0..716b67b40ea 100644 --- a/source3/smbd/smb1_ipc.c +++ b/source3/smbd/smb1_ipc.c @@ -695,7 +695,7 @@ void reply_trans(struct smb_request *req) return; } - if ((state = talloc(conn, struct trans_state)) == NULL) { + if ((state = talloc_zero(conn, struct trans_state)) == NULL) { DEBUG(0, ("
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9ec22e68024 dcerpc.idl: fix definitions for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED payload via 5c724a3e156 librpc/rpc: let dcerpc_read_ncacn_packet_next_vector() handle fragments without any payload via c37adb76264 s4:torture/ndr: add tests for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED from 269738d6ce4 lib/replace: fix strlcat/strlcpy compile for Honggfuzz https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9ec22e680249cfde06fb1a0a34fcc94d1f47002d Author: Stefan Metzmacher Date: Fri Aug 4 14:03:43 2023 +0200 dcerpc.idl: fix definitions for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED payload It seems commit 259129e8f4bc8cacd1850eba3f6551134835d079 was partly just fantasy... Windows clients just use 16 bytes for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED pdus. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Aug 8 08:57:46 UTC 2023 on atb-devel-224 commit 5c724a3e156ae734e4d187bf9639d895bb011834 Author: Stefan Metzmacher Date: Mon Aug 7 16:16:27 2023 +0200 librpc/rpc: let dcerpc_read_ncacn_packet_next_vector() handle fragments without any payload DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED don't have any payload by default. In order to receive them via dcerpc_read_ncacn_packet_send/recv we need to allow fragments with frag_len == DCERPC_NCACN_PAYLOAD_OFFSET. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit c37adb762640b7df9731d6a60edce808aa8787f8 Author: Stefan Metzmacher Date: Fri Aug 4 13:57:12 2023 +0200 s4:torture/ndr: add tests for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED The PDUs were generated by Windows clients. And we fail to parse them currently. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke --- Summary of changes: librpc/idl/dcerpc.idl | 2 - librpc/rpc/dcerpc_util.c | 9 ++- source4/torture/ndr/dcerpc.c | 148 ++ source4/torture/ndr/ndr.c | 1 + source4/torture/wscript_build | 1 + 5 files changed, 157 insertions(+), 4 deletions(-) create mode 100644 source4/torture/ndr/dcerpc.c Changeset truncated at 500 lines: diff --git a/librpc/idl/dcerpc.idl b/librpc/idl/dcerpc.idl index bbb17f0b8c4..1850526042c 100644 --- a/librpc/idl/dcerpc.idl +++ b/librpc/idl/dcerpc.idl @@ -276,12 +276,10 @@ interface dcerpc } dcerpc_auth3; typedef [public] struct { - [value(0)]uint32_pad; [flag(NDR_REMAINING)] DATA_BLOB auth_info; } dcerpc_orphaned; typedef [public] struct { - [value(0)]uint32_pad; [flag(NDR_REMAINING)] DATA_BLOB auth_info; } dcerpc_co_cancel; diff --git a/librpc/rpc/dcerpc_util.c b/librpc/rpc/dcerpc_util.c index 0ecb2bff1fa..a3a734b0c09 100644 --- a/librpc/rpc/dcerpc_util.c +++ b/librpc/rpc/dcerpc_util.c @@ -565,9 +565,14 @@ static int dcerpc_read_ncacn_packet_next_vector(struct tstream_context *stream, ofs = state->buffer.length; - if (frag_len < ofs) { + if (frag_len <= ofs) { /* -* something is wrong, let the caller deal with it +* With frag_len == ofs, we are done, this is likely +* a DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED +* without any payload. +* +* Otherwise it's a broken packet and we +* let the caller deal with it. */ *_vector = NULL; *_count = 0; diff --git a/source4/torture/ndr/dcerpc.c b/source4/torture/ndr/dcerpc.c new file mode 100644 index 000..459817d4951 --- /dev/null +++ b/source4/torture/ndr/dcerpc.c @@ -0,0 +1,148 @@ +/* + Unix SMB/CIFS implementation. + test suite for dcerpc ndr operations + + Copyright (C) Stefan Metzmacher 2023 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY o
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6965e77268e s3:libads: re-initialize num_requests to 0 for cldap_ping_list retries from bf7fbf7e2b6 s3-net: no secrets access required when processing a ODJ provisioning https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6965e77268e1abfc21f1793c7cd006444938ac03 Author: Stefan Metzmacher Date: Tue Jul 4 18:07:12 2023 +0200 s3:libads: re-initialize num_requests to 0 for cldap_ping_list retries Commit 8132edf119757ee91070facffef016c93de9c2a6 introduced a retry loop arround cldap_multi_netlogon(), but it forgot to reset num_requests to 0 for the retries. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15416 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jul 5 11:17:43 UTC 2023 on atb-devel-224 --- Summary of changes: source3/libads/ldap.c | 1 + 1 file changed, 1 insertion(+) Changeset truncated at 500 lines: diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index a01b1193013..3ba32d0cf44 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -446,6 +446,7 @@ again: * The retry loop is bound by the timeout */ retry = false; + num_requests = 0; for (i = 0; i < count; i++) { char server[INET6_ADDRSTRLEN]; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 358631ce331 smbd: Merge openat_pathref_fsp_nosymlink() into _internal() via f19f3c1a16c smbd: Factor out create_open_symlink_err() via e4422b2ff33 smbd: Remove "atname" from smbd_dirptr_get_entry()'s mode_fn via 88f32b783c4 smbd: Rewrite smbd_dirptr_get_entry() via e9040fa42a5 smbd: Factor out full_path_from_dirfsp_at_basename() via b4698f3b13e smbd: Introduce dir_fname helper var in smbd_dirptr_get_entry() via 16ae3c2e26d smbd: Modernize two DEBUG statements via f56ceab909a smbd: Pass name and stat_ex to dos_mode_msdfs() via 614debf4d96 smbd: Pass "char*" to dos_mode_from_name() via 0958afd297d smbd: Pass stat_ex and files_struct to dos_mode_from_sbuf() via e9363926dc8 smbd: Extend openat_pathref_dirfsp_nosymlink() via eb2978f55cb test: skip the open-eintr test via 7a71e275e44 smbd: Fully fill in fsp in openat_pathref_fsp_nosymlink_internal() via 03660778f07 smbd: Lift up conn->cwd from openat_pathref_dirfsp_nosymlink() via 8b651a68471 smbd: Factor out full_path_extend() via 58f7ec12bd4 smbd: Add read_symlink_reparse() via 633d71eeffc smbd: Apply some README.Coding to dos_mode_from_sbuf() via 08e881aeb58 smbd: Simplify dos_mode_msdfs() via c921cdf87e6 smbd: Move dos_mode_from_name() up in dosmode.c via 290ca547a89 smbd: Slightly simplify smbd_dirptr_get_entry() from 7b6cedf5385 .gitlab-ci:bootstrap: remove ubuntu1804*, add debian12, upgrade opensuse 15.5 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 358631ce3314f952e9b205fc69f0a5b6e067e242 Author: Volker Lendecke Date: Fri Jun 30 11:18:42 2023 +0200 smbd: Merge openat_pathref_fsp_nosymlink() into _internal() Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Jun 30 11:43:46 UTC 2023 on atb-devel-224 commit f19f3c1a16c8df9caaee14f176f8e332d3d6a2bc Author: Volker Lendecke Date: Fri Jun 30 10:57:58 2023 +0200 smbd: Factor out create_open_symlink_err() 3 times talloc_zero() and read_symlink_reparse() makes a nice separate function. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit e4422b2ff33c5d49df23da1686a7be636779d5ab Author: Volker Lendecke Date: Sat Jun 24 10:02:05 2023 +0200 smbd: Remove "atname" from smbd_dirptr_get_entry()'s mode_fn Unused. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 88f32b783c43573ec3e2a82a640ad082e996aae2 Author: Volker Lendecke Date: Thu Jun 22 15:12:25 2023 +0200 smbd: Rewrite smbd_dirptr_get_entry() Move filtering of entries, in particular symlinks, fully into smbd_dirptr_get_entry(). Before, this was hidden in magic code inside openat_pathref_fsp() and the mode_fn()s. Changing anything file open code led to changes in very distant code paths because of unforeseen consequences to directory listing. This change centralizes the decision what directory entries to show into smbd_dirptr_get_entry(). It uses openat_pathref_fsp_nosymlink() without any symlink magic. It might need some tweaking when we also want to show other special files, but this will hopefully be easier. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit e9040fa42a5539c8bdbf41bd99db74759e966e88 Author: Volker Lendecke Date: Thu Jun 22 14:46:01 2023 +0200 smbd: Factor out full_path_from_dirfsp_at_basename() Will use this logic in the next patch Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit b4698f3b13e9e7560e6fa42fca81333d527c25cc Author: Volker Lendecke Date: Thu Jun 22 11:33:05 2023 +0200 smbd: Introduce dir_fname helper var in smbd_dirptr_get_entry() Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 16ae3c2e26dbb1af45df99db373d671f83babd45 Author: Volker Lendecke Date: Thu Jun 22 11:19:29 2023 +0200 smbd: Modernize two DEBUG statements Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit f56ceab909a23e1bd114c4a914d5c1a10626022a Author: Volker Lendecke Date: Tue Jun 20 16:28:19 2023 +0200 smbd: Pass name and stat_ex to dos_mode_msdfs() We'll use it in a place without a smb_fname soon. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 614debf4d9670b5919ac614d03b834c2859dc454 Author: Volker Lendecke Date: Tue Jun 20 16:22:30 2023 +0200 smbd: Pass "char*" to dos_mode_from_name() Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 0958afd297df458ee6d10f9531708b77fc65fb60 Author: Volker Lendecke Date: Tue Jun 20 16:19:50 2023 +02
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via afbed653526 s3:utils: smbget fix a memory leak from b0524830aaf s4:kdc: don't log an error if msDS-AllowedToActOnBehalfOfOtherIdentity is missing https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit afbed653526b572f7309e67ed742a76ef7b2b8ec Author: Jones Syue Date: Tue Jun 27 17:19:59 2023 +0800 s3:utils: smbget fix a memory leak Using smbget to download files recursively (-R). If smbget found that a file is already existed in the destination, smbget would said 'File exists', return early, and 'newname' allocated memory is never freed, this is found by valgrind. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15403 Signed-off-by: Jones Syue Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jun 28 07:02:34 UTC 2023 on atb-devel-224 --- Summary of changes: source3/utils/smbget.c | 1 + 1 file changed, 1 insertion(+) Changeset truncated at 500 lines: diff --git a/source3/utils/smbget.c b/source3/utils/smbget.c index 00bf20e8192..5c99dcf918a 100644 --- a/source3/utils/smbget.c +++ b/source3/utils/smbget.c @@ -246,6 +246,7 @@ static bool smb_download_dir(const char *base, const char *name, int resume) if (!ok) { fprintf(stderr, "Failed to download %s: %s\n", newname, strerror(errno)); + free(newname); free(tmpname); return false; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via de2738fb9a7 smbd: Don't mask open error if fstatat() fails via 13d199bea0f tests: Show smbd returns wrong error code when creating on r/o fs via 37b3667f65d error_inject: Enable returning EROFS for O_CREAT via 840480789fc error_inject: map EROFS from 7828c6535cd s4:kdc: Don’t overwrite error code https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit de2738fb9a7dad84eb50a0cf007d89b6ef53ec9a Author: Volker Lendecke Date: Mon Jun 26 13:17:44 2023 +0200 smbd: Don't mask open error if fstatat() fails Bug: https://bugzilla.samba.org/show_bug.cgi?id=15402 Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Jun 26 16:53:21 UTC 2023 on atb-devel-224 commit 13d199bea0f39fafd2bf39516d83e20893003aa2 Author: Volker Lendecke Date: Mon Jun 26 14:54:00 2023 +0200 tests: Show smbd returns wrong error code when creating on r/o fs Bug: https://bugzilla.samba.org/show_bug.cgi?id=15402 Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 37b3667f65d10a39b95dd84c002677d16f8c0776 Author: Volker Lendecke Date: Mon Jun 26 13:17:19 2023 +0200 error_inject: Enable returning EROFS for O_CREAT Bug: https://bugzilla.samba.org/show_bug.cgi?id=15402 Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 840480789fcbb2e4ffe8b08818869f8490dc29d5 Author: Volker Lendecke Date: Mon Jun 26 12:47:17 2023 +0200 error_inject: map EROFS Bug: https://bugzilla.samba.org/show_bug.cgi?id=15402 Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme --- Summary of changes: source3/modules/vfs_error_inject.c | 20 source3/script/tests/test_rofs.sh | 34 ++ source3/selftest/tests.py | 7 +++ source3/smbd/open.c| 9 + 4 files changed, 70 insertions(+) create mode 100755 source3/script/tests/test_rofs.sh Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_error_inject.c b/source3/modules/vfs_error_inject.c index 1a327097b30..edb7c64a92a 100644 --- a/source3/modules/vfs_error_inject.c +++ b/source3/modules/vfs_error_inject.c @@ -31,6 +31,7 @@ struct unix_error_map { { "EBADF",EBADF }, { "EINTR",EINTR }, { "EACCES", EACCES }, + { "EROFS",EROFS }, }; static int find_unix_error_from_string(const char *err_str) @@ -115,6 +116,7 @@ static int vfs_error_inject_openat(struct vfs_handle_struct *handle, const struct vfs_open_how *how) { int error = inject_unix_error("openat", handle); + int create_error = inject_unix_error("openat_create", handle); int dirfsp_flags = (O_NOFOLLOW|O_DIRECTORY); bool return_error; @@ -126,6 +128,24 @@ static int vfs_error_inject_openat(struct vfs_handle_struct *handle, #endif #endif + if ((create_error != 0) && (how->flags & O_CREAT)) { + struct stat_ex st = { + .st_ex_nlink = 0, + }; + int ret; + + ret = SMB_VFS_FSTATAT(handle->conn, + dirfsp, + smb_fname, + , + AT_SYMLINK_NOFOLLOW); + + if ((ret == -1) && (errno == ENOENT)) { + errno = create_error; + return -1; + } + } + return_error = (error != 0); return_error &= !fsp->fsp_flags.is_pathref; return_error &= ((how->flags & dirfsp_flags) != dirfsp_flags); diff --git a/source3/script/tests/test_rofs.sh b/source3/script/tests/test_rofs.sh new file mode 100755 index 000..72901e5845a --- /dev/null +++ b/source3/script/tests/test_rofs.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash +# Test smbd handling EROFS when creating a file +# Copyright (C) 2023 Volker Lendecke + +if [ $# -ne 4 ]; then + echo Usage: $0 SERVERCONFFILE SMBCLIENT SERVER SHARE + exit 1 +fi + +CONF=$1 +shift 1 +SMBCLIENT=$1 +shift 1 +SERVER=$1 +shift 1 +SHARE=$1 +shift 1 + +incdir=$(dirname $0)/../../../testprogs/blackbox +. $incdir/subunit.sh + +error_inject_conf=$(dirname ${SERVERCONFFILE})/error_inject.conf +echo "error_inject:openat_create = EROFS" >${error_inject_conf} + +failed=0 + +out=$(${SMBCLIENT} //${SERVER}/${SHARE} ${CONF} -U${USER}%${PASSWORD} \ + -c "put VERSION") +testit_grep "Expect MEDIA_WRI
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c4e27ae4f69 smbd: Don't set security_descriptor_hash_v4->time from d34ff44d91b s3:winbind: Fix talloc parent in find_dc() leading to a segfault https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c4e27ae4f69c3a3e067db3627455175b0b427cb1 Author: Volker Lendecke Date: Tue Jun 20 09:56:22 2023 +0200 smbd: Don't set security_descriptor_hash_v4->time This prevents de-duplication of xattrs in the backend file system where otherwise ACLs are often very similar. Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jun 21 07:11:56 UTC 2023 on atb-devel-224 --- Summary of changes: librpc/idl/xattr.idl | 5 + source3/modules/vfs_acl_common.c | 4 2 files changed, 5 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/xattr.idl b/librpc/idl/xattr.idl index 82d4ec5a473..d1cf913e9d8 100644 --- a/librpc/idl/xattr.idl +++ b/librpc/idl/xattr.idl @@ -204,6 +204,11 @@ interface xattr * this hash (to allow * forensics later, if we have * a bug in one codepath */ + /* +* "time" is always set to 0. Left here to avoid +* bumping the union versions. Remove in case a v5 is +* necessary. +*/ NTTIME time; uint8 sys_acl_hash[64]; /* 64 bytes hash. */ } security_descriptor_hash_v4; diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index fd54d7b2dd6..7a35a946f51 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -259,9 +259,6 @@ static NTSTATUS create_sys_acl_blob(const struct security_descriptor *psd, struct security_descriptor_hash_v4 sd_hs4; enum ndr_err_code ndr_err; TALLOC_CTX *ctx = talloc_tos(); - NTTIME nttime_now; - struct timeval now = timeval_current(); - nttime_now = timeval_to_nttime(); ZERO_STRUCT(xacl); ZERO_STRUCT(sd_hs4); @@ -272,7 +269,6 @@ static NTSTATUS create_sys_acl_blob(const struct security_descriptor *psd, xacl.info.sd_hs4->hash_type = hash_type; memcpy(_hs4->hash[0], hash, XATTR_SD_HASH_SIZE); xacl.info.sd_hs4->description = description; - xacl.info.sd_hs4->time = nttime_now; memcpy(_hs4->sys_acl_hash[0], sys_acl_hash, XATTR_SD_HASH_SIZE); ndr_err = ndr_push_struct_blob( -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 585e4cdd6c9 docs-xml: remove completely outdated Samba-Developers-Guide from cac38aa3870 vfs: Remove vfs telldir/seekdir functions https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 585e4cdd6c98c91ea629f767e95e6c02ab5ed1af Author: Björn Jacke Date: Wed Jun 7 02:49:49 2023 +0200 docs-xml: remove completely outdated Samba-Developers-Guide Signed-off-by: Bjoern Jacke Reviewed-by: Andrew Bartlett Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jun 14 12:21:50 UTC 2023 on atb-devel-224 --- Summary of changes: .../Samba-Developers-Guide/CodingSuggestions.xml | 239 -- docs-xml/Samba-Developers-Guide/Tracing.xml| 131 - docs-xml/Samba-Developers-Guide/architecture.xml | 186 -- docs-xml/Samba-Developers-Guide/cifsntdomain.xml | 2934 docs-xml/Samba-Developers-Guide/contributing.xml | 112 - docs-xml/Samba-Developers-Guide/debug.xml | 323 --- docs-xml/Samba-Developers-Guide/encryption.xml | 199 -- docs-xml/Samba-Developers-Guide/gencache.xml | 119 - docs-xml/Samba-Developers-Guide/index.xml | 99 - docs-xml/Samba-Developers-Guide/internals.xml | 442 --- docs-xml/Samba-Developers-Guide/modules.xml| 176 -- docs-xml/Samba-Developers-Guide/packagers.xml | 54 - docs-xml/Samba-Developers-Guide/parsing.xml| 241 -- docs-xml/Samba-Developers-Guide/printing.xml | 395 --- docs-xml/Samba-Developers-Guide/rpc_plugin.xml | 90 - docs-xml/Samba-Developers-Guide/unix-smb.xml | 316 --- docs-xml/Samba-Developers-Guide/vfs.xml| 921 -- docs-xml/Samba-Developers-Guide/wins.xml | 81 - 18 files changed, 7058 deletions(-) delete mode 100644 docs-xml/Samba-Developers-Guide/CodingSuggestions.xml delete mode 100644 docs-xml/Samba-Developers-Guide/Tracing.xml delete mode 100644 docs-xml/Samba-Developers-Guide/architecture.xml delete mode 100644 docs-xml/Samba-Developers-Guide/cifsntdomain.xml delete mode 100644 docs-xml/Samba-Developers-Guide/contributing.xml delete mode 100644 docs-xml/Samba-Developers-Guide/debug.xml delete mode 100644 docs-xml/Samba-Developers-Guide/encryption.xml delete mode 100644 docs-xml/Samba-Developers-Guide/gencache.xml delete mode 100644 docs-xml/Samba-Developers-Guide/index.xml delete mode 100644 docs-xml/Samba-Developers-Guide/internals.xml delete mode 100644 docs-xml/Samba-Developers-Guide/modules.xml delete mode 100644 docs-xml/Samba-Developers-Guide/packagers.xml delete mode 100644 docs-xml/Samba-Developers-Guide/parsing.xml delete mode 100644 docs-xml/Samba-Developers-Guide/printing.xml delete mode 100644 docs-xml/Samba-Developers-Guide/rpc_plugin.xml delete mode 100644 docs-xml/Samba-Developers-Guide/unix-smb.xml delete mode 100644 docs-xml/Samba-Developers-Guide/vfs.xml delete mode 100644 docs-xml/Samba-Developers-Guide/wins.xml Changeset truncated at 500 lines: diff --git a/docs-xml/Samba-Developers-Guide/CodingSuggestions.xml b/docs-xml/Samba-Developers-Guide/CodingSuggestions.xml deleted file mode 100644 index 4adb8cb09b7..000 --- a/docs-xml/Samba-Developers-Guide/CodingSuggestions.xml +++ /dev/null @@ -1,239 +0,0 @@ - -http://www.samba.org/samba/DTD/samba-doc;> - - - - SteveFrench - - - SimoSorce - - - AndrewBartlett - - - TimPotter - - - MartinPool - - - -Coding Suggestions - - -So you want to add code to Samba ... - - - -One of the daunting tasks facing a programmer attempting to write code for -Samba is understanding the various coding conventions used by those most -active in the project. These conventions were mostly unwritten and helped -improve either the portability, stability or consistency of the code. This -document will attempt to document a few of the more important coding -practices used at this time on the Samba project. The coding practices are -expected to change slightly over time, and even to grow as more is learned -about obscure portability considerations. Two existing documents -samba/source/internals.doc and -samba/source/architecture.doc provide -additional information. - - - -The loosely related question of coding style is very personal and this -document does not attempt to address that subject, except to say that I -have observed that eight character tabs seem to be preferred in Samba -source. If you are interested in the topic of coding style, two oft-quoted -documents are: - - - -http://lxr.linux.no/source/Documentation/CodingStyle;>http://lxr.linux.no/source/Documentation/CodingStyle - - - -http://www.fsf.org/prep/standards_toc.html
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9c24f853a84 smbd: remove comments about deprecated 'write cache size' from f30f5793ad5 libsmb: Fix directory listing against old servers https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9c24f853a84e1435235ba58ffcaaeff7dd80f6aa Author: Jones Syue Date: Fri Jun 2 14:40:09 2023 +0800 smbd: remove comments about deprecated 'write cache size' The option 'write cache size' was removed since samba-4.12 version: https://wiki.samba.org/index.php/Samba_4.12_Features_added/changed https://git.samba.org/?p=samba.git;a=commit;h=3fea05e0 https://git.samba.org/?p=samba.git;a=commit;h=728fabea It is supposed to remove comments about deprecated 'write cache size', in order to avoid confusion when reading source code and documents. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15383 Signed-off-by: Jones Syue Reviewed-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Jun 2 09:48:17 UTC 2023 on atb-devel-224 --- Summary of changes: docs-xml/smbdotconf/locking/smb2leases.xml | 2 -- docs-xml/smbdotconf/tuning/aioreadsize.xml | 2 +- docs-xml/smbdotconf/tuning/aiowritesize.xml | 2 +- libgpo/admx/en-US/samba.adml| 15 +++ source3/smbd/smb2_read.c| 1 - 5 files changed, 9 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/locking/smb2leases.xml b/docs-xml/smbdotconf/locking/smb2leases.xml index 5a490875af7..89ff307d8f9 100644 --- a/docs-xml/smbdotconf/locking/smb2leases.xml +++ b/docs-xml/smbdotconf/locking/smb2leases.xml @@ -15,8 +15,6 @@ and no. - Note that the write cache won't be used for file handles with a smb2 write lease. - oplocks diff --git a/docs-xml/smbdotconf/tuning/aioreadsize.xml b/docs-xml/smbdotconf/tuning/aioreadsize.xml index 71120a80388..5218f34a6d6 100644 --- a/docs-xml/smbdotconf/tuning/aioreadsize.xml +++ b/docs-xml/smbdotconf/tuning/aioreadsize.xml @@ -6,7 +6,7 @@ If this integer parameter is set to a non-zero value, Samba will read from files asynchronously when the request size is bigger than this value. Note that it happens only for non-chained and non-chaining -reads and when not using write cache. +reads. The only reasonable values for this parameter are 0 (no async I/O) and 1 (always do async I/O). aio write size diff --git a/docs-xml/smbdotconf/tuning/aiowritesize.xml b/docs-xml/smbdotconf/tuning/aiowritesize.xml index cdc079d13dc..029e1d135c0 100644 --- a/docs-xml/smbdotconf/tuning/aiowritesize.xml +++ b/docs-xml/smbdotconf/tuning/aiowritesize.xml @@ -6,7 +6,7 @@ If this integer parameter is set to a non-zero value, Samba will write to files asynchronously when the request size is bigger than this value. Note that it happens only for non-chained and non-chaining -reads and when not using write cache. +writes. The only reasonable values for this parameter are 0 (no async I/O) and 1 (always do async I/O). Compared to this parameter has diff --git a/libgpo/admx/en-US/samba.adml b/libgpo/admx/en-US/samba.adml index 2b1b520ca62..c073758b004 100755 --- a/libgpo/admx/en-US/samba.adml +++ b/libgpo/admx/en-US/samba.adml @@ -323,14 +323,13 @@ Example: 4194304 The time in milliseconds that smbd should keep waiting to see if a failed lock request can be granted. This parameter has changed in default value from Samba 3.0.23 from 10 to 200. The associated parameter is no longer used in Samba 3.0.24. You should not need to change the value of this parameter. oplock break wait time This is a tuning parameter added due to bugs in both Windows 9x and WinNT. If Samba responds to a client too quickly when that client issues an SMB that can cause an oplock break request, then the network client can fail and not respond to the break request. This tuning parameter (which is set in milliseconds) is the amount of time Samba will wait before sending an oplock break request to such (broken) clients. - DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND UNDERSTOOD THE SAMBA OPLOCK CODE. - smb2 leases - This boolean option tells smbd whether to globally negotiate SMB2 leases on file open requests. Leasing is an SMB2-only feature which allows clients to aggressively cache files locally above and beyond the caching allowed by SMB1 oplocks. - This is only available with yes and no. - Note that the write cache won't be used for file handles with a smb2 write lease. - debug class - With this boolean parameter enabled, the debug class (DBGC_CLASS) - will be displayed in the debug header. + DO NOT CHANGE
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e03e738dfc9 librpc/rpc: allow smb3_sid_parse() to accept modern encryption algorithms from 8296b6884df s4:torture: Replace calls to deprecated function https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e03e738dfc96b3c8ce54e2d280143965713f4778 Author: Stefan Metzmacher Date: Tue May 16 13:09:23 2023 +0200 librpc/rpc: allow smb3_sid_parse() to accept modern encryption algorithms We should not limit the possible encryption algorithms to the currently known ones. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15374 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed May 17 07:34:28 UTC 2023 on atb-devel-224 --- Summary of changes: librpc/rpc/dcerpc_helper.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/librpc/rpc/dcerpc_helper.c b/librpc/rpc/dcerpc_helper.c index eec78e034ee..e1589f90794 100644 --- a/librpc/rpc/dcerpc_helper.c +++ b/librpc/rpc/dcerpc_helper.c @@ -49,7 +49,12 @@ static bool smb3_sid_parse(const struct dom_sid *sid, } cipher = sid->sub_auths[3]; - if (cipher > SMB2_ENCRYPTION_AES128_GCM) { + if (cipher > 256) { + /* +* It is unlikely that we +* ever have more then 256 +* encryption algorithms +*/ return false; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 59694ad0a4c rpc_server3: Pass winbind_env_set() state through to rpcd_* via bb3ea36e100 lib: Add security_token_del_npa_flags() helper function via bdba027a33e rpc: Remove named_pipe_auth_req_info6->need_idle_server via 31180e0e6d9 rpc_server3: Use global_sid_Samba_NPA_Flags to pass "need_idle" via ebbb93cc7a5 rpc: Add global_sid_Samba_NPA_Flags SID via 1d11e0489b2 librpc: Simplify dcerpc_is_transport_encrypted() via 244ee8ad75c smbd: Use security_token_count_flag_sids() in open_np_file() via 5e8c7192ba5 libcli: Add security_token_count_flag_sids() from 6206e15b4de winbind: Fix "wbinfo -u" on a Samba AD DC with >1000 users https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 59694ad0a4cc489f1baa4c2c94c6322c0f22c1df Author: Volker Lendecke Date: Tue Apr 18 12:47:04 2023 +0200 rpc_server3: Pass winbind_env_set() state through to rpcd_* Winbind can ask rpcd_lsad for LookupNames etc. This can recurse back into winbind for getpwnam. We have the "_NO_WINBINDD" environment variable set in winbind itself for this case, but this is lost on the way into rpcd_lsad. Use a flag in global_sid_Samba_NPA_Flags to pass this information to dcerpc_core, where it sets the variable on every call if requested. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue May 16 11:54:32 UTC 2023 on atb-devel-224 commit bb3ea36e10079ad9c73c68d7ed8fce51ecb40ebe Author: Volker Lendecke Date: Tue Apr 18 14:32:20 2023 +0200 lib: Add security_token_del_npa_flags() helper function Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit bdba027a33e35aab7bb322bc3167cdd7babfc059 Author: Volker Lendecke Date: Tue Apr 18 12:29:34 2023 +0200 rpc: Remove named_pipe_auth_req_info6->need_idle_server Involves bumping up the version number Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 31180e0e6d9e43d54e7656a56ed3af129f578105 Author: Volker Lendecke Date: Tue Apr 18 12:28:28 2023 +0200 rpc_server3: Use global_sid_Samba_NPA_Flags to pass "need_idle" More code, but will be more flexible in the future. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit ebbb93cc7a57a118b82b8f383d25f1eb022397d6 Author: Volker Lendecke Date: Tue Apr 18 12:09:45 2023 +0200 rpc: Add global_sid_Samba_NPA_Flags SID This will be used as a flexible way to pass per-RPC-connection flags over ncalrpc to the RPC server without having to modify named_pipe_auth_req_info6 every time something new needs to be passed. It's modeled after global_sid_Samba_SMB3. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 1d11e0489b2c91fc05c6befc0463695d7102abcc Author: Volker Lendecke Date: Tue Apr 18 12:04:17 2023 +0200 librpc: Simplify dcerpc_is_transport_encrypted() Simplify logic by using security_token_count_flag_sids() Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 244ee8ad75c2c968997dfdd5eeb9e9cb97a191fb Author: Volker Lendecke Date: Tue Apr 18 12:01:02 2023 +0200 smbd: Use security_token_count_flag_sids() in open_np_file() Simpler logic in the caller Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 5e8c7192ba5469547ba3101885dfbaba2f8181f4 Author: Volker Lendecke Date: Tue Apr 18 11:31:16 2023 +0200 libcli: Add security_token_count_flag_sids() To be used in a few places when checking special-case Samba SIDs. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher --- Summary of changes: libcli/named_pipe_auth/npa_tstream.c | 144 +++ libcli/named_pipe_auth/npa_tstream.h | 4 +- libcli/security/dom_sid.h| 4 + libcli/security/security_token.c | 37 + libcli/security/security_token.h | 9 +++ libcli/security/util_sid.c | 7 ++ librpc/idl/named_pipe_auth.idl | 9 +-- librpc/rpc/dcerpc_helper.c | 25 +++--- librpc/rpc/dcesrv_core.c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4dccf5afa44 ctdb-recovery: Use correct struct ban_node_state type for state from de1fdf1e020 s4:lib:policy: cleanup and handle errors in push_recursive() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4dccf5afa444edecd2893dac7558bac9212526bf Author: Christof Schmitt Date: Tue May 2 12:17:56 2023 -0700 ctdb-recovery: Use correct struct ban_node_state type for state If this codepath is hit, ctdb aborts with: ctdb/server/ctdb_recovery_helper.c:2687: Type mismatch: name[struct ban_node_state] expected[struct node_ban_state]") at ../../lib/talloc/talloc.c:505 Fix this by using the correct type. Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed May 3 08:04:09 UTC 2023 on atb-devel-224 --- Summary of changes: ctdb/server/ctdb_recovery_helper.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/server/ctdb_recovery_helper.c b/ctdb/server/ctdb_recovery_helper.c index f3576474144..4df48417c7a 100644 --- a/ctdb/server/ctdb_recovery_helper.c +++ b/ctdb/server/ctdb_recovery_helper.c @@ -2327,8 +2327,8 @@ static void ban_node_done(struct tevent_req *subreq) { struct tevent_req *req = tevent_req_callback_data( subreq, struct tevent_req); - struct node_ban_state *state = tevent_req_data( - req, struct node_ban_state); + struct ban_node_state *state = tevent_req_data( + req, struct ban_node_state); struct ctdb_reply_control *reply; int ret; bool status; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via dc96e9cfd5d libcli:smb: Fix code spelling via e38f7cf4f19 libcli:security: Fix code spelling via fc7d58ee394 libcli:ldap: Fix code spelling via e3a710f2906 libcli:drsuapi: Fix code spelling via adcc92f8359 libcli:auth: Fix code spelling from 6490ff63552 s3:lib: Give better warnings about corrupted AppleDobule files https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dc96e9cfd5dad8e4586ef6214214f225fdf852c2 Author: Andreas Schneider Date: Thu Apr 27 15:58:18 2023 +0200 libcli:smb: Fix code spelling Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Apr 27 15:27:21 UTC 2023 on atb-devel-224 commit e38f7cf4f19c545d8fa31bed237427942311480d Author: Andreas Schneider Date: Thu Apr 27 15:56:42 2023 +0200 libcli:security: Fix code spelling Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit fc7d58ee39449201304771dd628b220e2578858a Author: Andreas Schneider Date: Thu Apr 27 15:54:54 2023 +0200 libcli:ldap: Fix code spelling Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit e3a710f2906ec263aa87807c9ac1118307f69580 Author: Andreas Schneider Date: Thu Apr 27 15:54:15 2023 +0200 libcli:drsuapi: Fix code spelling Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit adcc92f83594abc3ab98fd0f138cdc76d3d2560d Author: Andreas Schneider Date: Thu Apr 27 15:53:25 2023 +0200 libcli:auth: Fix code spelling Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: libcli/auth/msrpc_parse.c | 2 +- libcli/auth/proto.h | 2 +- libcli/auth/schannel_state_tdb.c | 4 ++-- libcli/auth/session.c | 8 libcli/auth/smbencrypt.c | 2 +- libcli/drsuapi/repl_decrypt.c | 4 ++-- libcli/ldap/tests/ldap_message_test.c | 4 ++-- libcli/security/access_check.c| 2 +- libcli/security/create_descriptor.c | 2 +- libcli/security/object_tree.c | 2 +- libcli/security/privileges.c | 4 ++-- libcli/security/privileges.h | 2 +- libcli/security/security.h| 2 +- libcli/security/security_descriptor.c | 2 +- libcli/security/util_sid.c| 2 +- libcli/smb/smb1cli_close.c| 4 ++-- libcli/smb/smb1cli_create.c | 8 libcli/smb/smb1cli_read.c | 4 ++-- libcli/smb/smb1cli_write.c| 8 libcli/smb/smbXcli_base.c | 6 +++--- libcli/smb/smb_constants.h| 6 +++--- libcli/smb/smb_signing.c | 6 +++--- libcli/smb/tstream_smbXcli_np.c | 2 +- libcli/smb/util.c | 6 +++--- 24 files changed, 47 insertions(+), 47 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/auth/msrpc_parse.c b/libcli/auth/msrpc_parse.c index 86ba2ec00d4..8326261e838 100644 --- a/libcli/auth/msrpc_parse.c +++ b/libcli/auth/msrpc_parse.c @@ -24,7 +24,7 @@ /* this is a tiny msrpc packet generator. I am only using this to - avoid tying this code to a particular varient of our rpc code. This + avoid tying this code to a particular variant of our rpc code. This generator is not general enough for all our rpc needs, its just enough for the spnego/ntlmssp code diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h index f6ca2f1632d..b202542068d 100644 --- a/libcli/auth/proto.h +++ b/libcli/auth/proto.h @@ -224,7 +224,7 @@ bool extract_pwd_blob_from_buffer514(TALLOC_CTX *mem_ctx, /** * @brief Decode AES password buffer to password in the given charset. * - * @param mem_ctx The memory context to allocate the deocded passwrod on. + * @param mem_ctx The memory context to allocate the decoded password on. * * @param in_buffer[514] The in buffer with the decrypted password data. * diff --git a/libcli/auth/schannel_state_tdb.c b/libcli/auth/schannel_state_tdb.c index e0ac8a378a0..ac3654e2c99 100644 --- a/libcli/auth/schannel_state_tdb.c +++ b/libcli/auth/schannel_state_tdb.c @@ -34,7 +34,7 @@ /** Open or create the schannel session store tdb. Non-static so it can - be called from parent processes to corectly handle TDB_CLEAR_IF_FIRST + be called from parent processes to correctly handle TDB_CLEAR_IF_FIRST ***/ struct db_context *open_schannel_session_store(TALLOC_CTX *mem_ctx, @@ -550,7 +550,7 @@ NTSTATUS schannel_save_challenge(struct loadparm_context *lp_ctx, remote machine stored in the schannel database
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8027283dd7c tests: Test ldap whoami exop via a00af01e656 ldap_server: Implement the rfc4532 whoami exop via e88332cbe41 ldb: Implement ldap_whoami in pyldb via 0575cc4b85f ldb: Allow extended operations through ildap via 8aab8d6cafd ldb: Add the RFC4532 LDB_EXTENDED_WHOAMI_OID definition from d5b8b804fe4 Add ROLE_IPA_DC into two more places https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8027283dd7c55b611d0af19caccbdd98bb2fa264 Author: Volker Lendecke Date: Fri Apr 21 16:04:30 2023 +0200 tests: Test ldap whoami exop Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Apr 26 07:20:14 UTC 2023 on atb-devel-224 commit a00af01e656af291a3abf01f05dcc4db51db77d0 Author: Volker Lendecke Date: Wed Nov 3 16:35:00 2021 +0100 ldap_server: Implement the rfc4532 whoami exop Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit e88332cbe41e817d74a411332c66f19aee6071e5 Author: Volker Lendecke Date: Fri Mar 24 11:49:02 2023 +0100 ldb: Implement ldap_whoami in pyldb Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 0575cc4b85f65fbcd3fa7fc2c1961284ba1a02f0 Author: Volker Lendecke Date: Fri Mar 24 11:48:31 2023 +0100 ldb: Allow extended operations through ildap Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 8aab8d6cafdd7d975b8f82692b8fad87723c5c6d Author: Volker Lendecke Date: Wed Nov 10 16:29:59 2021 +0100 ldb: Add the RFC4532 LDB_EXTENDED_WHOAMI_OID definition Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett --- Summary of changes: lib/ldb-samba/ldb_ildap.c | 111 lib/ldb/include/ldb.h | 5 ++ lib/ldb/pyldb.c | 36 python/samba/tests/ldap_whoami.py | 38 source4/ldap_server/ldap_extended.c | 48 source4/selftest/tests.py | 1 + 6 files changed, 239 insertions(+) create mode 100644 python/samba/tests/ldap_whoami.py Changeset truncated at 500 lines: diff --git a/lib/ldb-samba/ldb_ildap.c b/lib/ldb-samba/ldb_ildap.c index d738d1da0cf..c3d872ebaa1 100644 --- a/lib/ldb-samba/ldb_ildap.c +++ b/lib/ldb-samba/ldb_ildap.c @@ -370,6 +370,67 @@ static void ildb_callback(struct ldap_request *req) break; + case LDAP_TAG_ExtendedRequest: { + + struct ldap_ExtendedResponse *ext_response = NULL; + struct ldb_reply *ares = NULL; + + if (req->replies[0]->type != LDAP_TAG_ExtendedResponse) { + ret = LDB_ERR_PROTOCOL_ERROR; + return; + } + ext_response = >replies[0]->r.ExtendedResponse; + + status = ldap_check_response(ac->ireq->conn, +>replies[0]->r.GeneralResult); + if (!NT_STATUS_IS_OK(status)) { + ret = ildb_map_error(ac->module, status); + request_done = true; + break; + } + + ares = talloc_zero(req, struct ldb_reply); + if (ares == NULL) { + ret = LDB_ERR_OPERATIONS_ERROR; + request_done = true; + break; + } + + ares->type = LDB_REPLY_DONE; + + ares->response = talloc_zero(ares, struct ldb_extended); + if (ares->response == NULL) { + ret = LDB_ERR_OPERATIONS_ERROR; + request_done = true; + break; + } + + ares->response->oid = + talloc_strdup(ares->response, ext_response->oid); + if (ares->response->oid == NULL) { + ret = LDB_ERR_OPERATIONS_ERROR; + request_done = true; + break; + } + + if (ext_response->value != NULL) { + ares->response->data = + talloc_memdup(ares->response, + ext_response->value->data, + ext_response->value->length); + if (ares->response->data == NULL) { + ret = LDB_ERR_OPERATIONS_ERROR; + request_done = true; + break; + } + } + +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 24dd45613a6 python:tests: Skip the source_chars test if not a git dir from 3c50a921aec s3:client: Remove unused tree.c https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 24dd45613a693e029ffc4055abe6ae735a092824 Author: Andreas Schneider Date: Fri Apr 14 21:05:18 2023 +0200 python:tests: Skip the source_chars test if not a git dir This test doesn't work in release tarballs. Skip it if git fails. Signed-off-by: Andreas Schneider Reviewed-by: David Mulder Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Apr 21 13:59:29 UTC 2023 on atb-devel-224 --- Summary of changes: python/samba/tests/source_chars.py | 23 --- 1 file changed, 16 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/source_chars.py b/python/samba/tests/source_chars.py index 49733968e43..e0acb38b8f7 100644 --- a/python/samba/tests/source_chars.py +++ b/python/samba/tests/source_chars.py @@ -23,7 +23,7 @@ from collections import Counter from samba.colour import c_RED, c_GREEN, c_DARK_YELLOW, switch_colour_off import re import unicodedata as u -from samba.tests import TestCase +from samba.tests import TestCase, SkipTest if not sys.stdout.isatty(): switch_colour_off() @@ -35,10 +35,15 @@ def _find_root(): stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=10) -except subprocess.SubprocessError as e: -print(c_RED(f"Error running git (is this a git tree?): {e}")) -print("This test is only useful in a git working tree") -sys.exit(1) +except subprocess.CalledProcessError as err: +print(c_RED("Error running git (is this a git tree?): %s" % (err))) + +SkipTest("This test is only useful in a git working tree") +sys.exit(0) + +if p.returncode != 0: +raise SkipTest("This test is only useful in a git working tree") +sys.exit(0) root = p.stdout.decode().strip() @@ -54,8 +59,7 @@ def _find_root(): return root -ROOT = _find_root() - +ROOT = None IGNORED_FILES = ( 'examples/validchars/validchr.com', @@ -202,6 +206,11 @@ def is_bad_char(c): class CharacterTests(TestCase): +def setUp(self): +global ROOT +if not ROOT: +ROOT = _find_root() + def test_no_unexpected_format_chars(self): """This test tries to ensure that no source file has unicode control characters that can change the apparent order of other -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via af91bcb3593 pylibsmb: Return "flags" in create_returns via 03b552323be libsmb: Return [MS-SMB2] 2.2.14 SMB2 CREATE Response flags field via 86868cb0458 smbd: Save 488 bytes RSS via 33194ad2340 libsmb: Adapt cli_echo_send() to modern conventions via efdae5d2fa5 smbd: Fix a DBG statement via 76497f705f7 libsmb: Make setting errno safer in SMBC_add_cached_server() via 13187d1f6e4 libsmb: Simplify SMBC_add_cached_server() via 64ea002960d libsmb: Avoid an explicit ZERO_STRUCTP with calloc via 061aaf8622a libsmb: Slightly simplify smbc_init() via e0f9407155a libsmb: Make cli_smb2_qpathinfo2() asynchronous via 2446ea916d9 libsmb: Make cli_qpathinfo2_done() parse the results via 1e738cb061c libsmb: Introduce type-safe struct cli_smb2_create_flags from 526f381f413 shadow_copy2: Fix stream open for streams_depot paths https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit af91bcb35934b04d84d097103d92c0420e65d6b9 Author: Volker Lendecke Date: Tue Feb 14 20:49:52 2023 +0100 pylibsmb: Return "flags" in create_returns Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Apr 18 15:58:42 UTC 2023 on atb-devel-224 commit 03b552323be8c9ebc0dc5f0f81779300f9268d1f Author: Volker Lendecke Date: Tue Feb 14 20:44:16 2023 +0100 libsmb: Return [MS-SMB2] 2.2.14 SMB2 CREATE Response flags field Not used yet, mostly for completeness. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 86868cb0458cb7bde81862c831aff56e6df69610 Author: Volker Lendecke Date: Thu Mar 9 17:36:26 2023 +0100 smbd: Save 488 bytes RSS With this ld.so does not have to relocate the string pointers Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 33194ad2340622f3664e5dc517e08035aaf050f5 Author: Volker Lendecke Date: Sat Mar 11 13:51:43 2023 +0100 libsmb: Adapt cli_echo_send() to modern conventions Nowadays we rather do protocol-specific _done() functions, and overall this cuts a few lines. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit efdae5d2fa50939ba9cae73d68d07a644c483f42 Author: Volker Lendecke Date: Sat Mar 11 15:37:59 2023 +0100 smbd: Fix a DBG statement This is not smbd_smb2_create_send() anymore. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 76497f705f7737c8d54ea23554e6b10e400ed4df Author: Volker Lendecke Date: Sat Apr 1 11:57:47 2023 +0200 libsmb: Make setting errno safer in SMBC_add_cached_server() DEBUG should preserve errno, but make this more obvious. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 13187d1f6e48620649ca94f14ef383b38b734263 Author: Volker Lendecke Date: Sat Apr 1 11:57:29 2023 +0200 libsmb: Simplify SMBC_add_cached_server() ENOMEM is the only error condition we have Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 64ea002960dba4a31a2d550d623215328f80852e Author: Volker Lendecke Date: Sat Apr 1 11:55:10 2023 +0200 libsmb: Avoid an explicit ZERO_STRUCTP with calloc Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 061aaf8622a284ff1db0060b39dbfbc59a3f199e Author: Volker Lendecke Date: Sat Apr 1 12:47:51 2023 +0200 libsmb: Slightly simplify smbc_init() Reduce indentation with an early return, review with git show -w Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit e0f9407155a53a7fe5d3f9c68a6eebf10de863b1 Author: Volker Lendecke Date: Tue Apr 4 09:36:08 2023 +0200 libsmb: Make cli_smb2_qpathinfo2() asynchronous Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 2446ea916d9e48b6b8420ddd2a124abc18f62e2e Author: Volker Lendecke Date: Mon Apr 3 18:31:01 2023 +0200 libsmb: Make cli_qpathinfo2_done() parse the results Make it easier to do an async SMB2 version Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 1e738cb061c939e23663d6eb007baf4eea6d8fda Author: Volker Lendecke Date: Wed Apr 12 15:31:03 2023 +0200 libsmb: Introduce type-safe struct cli_smb2_create_flags This makes it clearer what to pass into the create_flags argument to cli_smb2_create_fnum(). There was already confusion in source3/torture/test_smb2.c: It passed in SMB2_OPLOCK_LEVEL_NONE (which was okay because it #defines to 0), but it should have been a straight 0, for example SMB2_OPLOCK_LEVEL_EXCLUSIVE would have been wrong. This way adding other flags (.nofollow comes t
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 45f026c45c9 debug: Only initialize gpfs wrapper when gpfs logging is enabled from 31418f95d3a testprogs: Set PREFIX_ABS before it is used in test_primary_group.sh https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 45f026c45c996bb65d2bd3e350587d51d6862a03 Author: Christof Schmitt Date: Thu Apr 13 11:13:00 2023 -0700 debug: Only initialize gpfs wrapper when gpfs logging is enabled This avoids unnecessary attempts to load libgpfs.so when it is not needed. Signed-off-by: Christof Schmitt Reviewed-by: Michael Tokarev Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Apr 14 12:28:23 UTC 2023 on atb-devel-224 --- Summary of changes: lib/util/debug.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/lib/util/debug.c b/lib/util/debug.c index 95de5ce3595..b83075cb239 100644 --- a/lib/util/debug.c +++ b/lib/util/debug.c @@ -406,7 +406,9 @@ static void debug_lttng_log(int msg_level, const char *msg, size_t msg_len) static void debug_gpfs_reload(bool enabled, bool previously_enabled, const char *prog_name, char *option) { - gpfswrap_init(); + if (enabled) { + gpfswrap_init(); + } if (enabled && !previously_enabled) { gpfswrap_init_trace(); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0cd66fe6bd4 libsmb: Fix test for smbc_getxattr via 4fc166628fd libsmb: fix regression on smbc_getxattr and fix doc via a1231c15ffe s3:libads: Remove executable bit from ldap.c from 3633027e49a rpcd_mdssvc: initialize POSIX locking https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0cd66fe6bd4ac2aa0b302ddf3eb5068fc9c522ec Author: Remi Collet Date: Tue Apr 4 12:16:09 2023 +0200 libsmb: Fix test for smbc_getxattr Bug: https://bugzilla.samba.org/show_bug.cgi?id=14808 Signed-off-by: Remi Collet Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Sun Apr 9 10:44:38 UTC 2023 on atb-devel-224 commit 4fc166628fda160d1cd38c140a9664defc5844ab Author: Remi Collet Date: Tue Apr 4 10:22:09 2023 +0200 libsmb: fix regression on smbc_getxattr and fix doc Bug: https://bugzilla.samba.org/show_bug.cgi?id=14808 Signed-off-by: Remi Collet Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke commit a1231c15ffe5468a2d0ffed8adca3f6d6adcf3b4 Author: Andreas Schneider Date: Thu Apr 6 21:40:31 2023 +0200 s3:libads: Remove executable bit from ldap.c Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: source3/include/libsmbclient.h | 2 +- source3/libads/ldap.c | 0 source3/libsmb/libsmb_xattr.c | 4 ++-- source4/torture/libsmbclient/libsmbclient.c | 25 +++-- 4 files changed, 22 insertions(+), 9 deletions(-) mode change 100755 => 100644 source3/libads/ldap.c Changeset truncated at 500 lines: diff --git a/source3/include/libsmbclient.h b/source3/include/libsmbclient.h index ef8b327e374..056444d008c 100644 --- a/source3/include/libsmbclient.h +++ b/source3/include/libsmbclient.h @@ -2419,7 +2419,7 @@ int smbc_getxattr(const char *url, * required to hold the attribute value will be returned, * but nothing will be placed into the value buffer. * - * @return 0 on success, < 0 on error with errno set: + * @return size on success, < 0 on error with errno set: * - EINVAL The client library is not properly initialized *or one of the parameters is not of a correct *form diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c old mode 100755 new mode 100644 diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c index 1e8d2718a22..1f820521193 100644 --- a/source3/libsmb/libsmb_xattr.c +++ b/source3/libsmb/libsmb_xattr.c @@ -2182,9 +2182,9 @@ SMBC_getxattr_ctx(SMBCCTX *context, TALLOC_FREE(frame); /* * static function cacl_get returns a value greater than zero -* on success. Map this to zero meaning success. +* which is needed buffer size needed when size_t is 0. */ -return ret < 0 ? -1 : 0; +return ret; } /* Unsupported attribute name */ diff --git a/source4/torture/libsmbclient/libsmbclient.c b/source4/torture/libsmbclient/libsmbclient.c index 55ea26f5bc8..72af8fc01c9 100644 --- a/source4/torture/libsmbclient/libsmbclient.c +++ b/source4/torture/libsmbclient/libsmbclient.c @@ -1542,17 +1542,30 @@ static bool torture_libsmbclient_getxattr(struct torture_context *tctx) ret)); /* -* Ensure getting a valid attribute returns 0. +* Ensure getting a valid attribute computes its size. +*/ + ret = smbc_getxattr(getxattr_name, "system.*", NULL, 0); + torture_assert_goto(tctx, + ret >= 0, + ok, + done, + talloc_asprintf(tctx, + "smbc_getxattr(foobar, NULL) on '%s' should " + "get >=0, got %d\n", + getxattr_name, + ret)); + + /* +* Ensure getting a valid attribute returns its size. */ ret = smbc_getxattr(getxattr_name, "system.*", value, sizeof(value)); - torture_assert_int_equal_goto(tctx, - ret, - 0, + torture_assert_goto(tctx, + ret >= 0, ok, done, talloc_asprintf(tctx, - "smbc_getxattr(foobar) on '%s' should " - "get -1, got %d\n", + "smbc_getxattr(foobar, value) on '%s' should " + "get >=0, got %d\n", getxattr_name, ret)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 38d2ca0a670 smbd: Indicate posix pathnames if SMB311 POSX cc requested from 4b1d2051383 lib:krb5_wrap: Fix code spelling https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 38d2ca0a67087c202c380dd56422889fd0fc3c48 Author: Volker Lendecke Date: Sun Feb 12 12:35:28 2023 +0100 smbd: Indicate posix pathnames if SMB311 POSX cc requested Avoid making smb311 posix extensions a global thing. Posix clients could request non-posix behaviour on individual create calls. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Apr 4 07:04:13 UTC 2023 on atb-devel-224 --- Summary of changes: source3/smbd/smb2_create.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index 93c345f5809..c8f5bbbe471 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -747,7 +747,7 @@ static NTSTATUS smbd_smb2_create_fetch_create_ctx( * ucf_flags_from_smb_request() to * return UCF_POSIX_PATHNAMES in ucf_flags. */ - state->smb1req->posix_pathnames = true; + state->smb1req->posix_pathnames = (state->posx != NULL); } return NT_STATUS_OK; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via bf9130d375b smbd: Fix case normalization in for directories via 342d8f6a0a8 tests: Show that the case sensitive large dir optimization is broken via a9301d8f295 tests: Move libsmb-basic to fileserver_smb1 environment from 62ea6ae8c9d doc/vfs_ceph: document ceph:filesystem parameter https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit bf9130d375b6c401bb79fc1a0911975814759e3b Author: Volker Lendecke Date: Fri Feb 17 10:02:37 2023 +0100 smbd: Fix case normalization in for directories Bug: https://bugzilla.samba.org/show_bug.cgi?id=15313 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Feb 24 08:46:14 UTC 2023 on atb-devel-224 commit 342d8f6a0a8bc2229332783a840c882f85a1dd4e Author: Volker Lendecke Date: Fri Feb 17 15:41:12 2023 +0100 tests: Show that the case sensitive large dir optimization is broken We don't normalize the directories Bug: https://bugzilla.samba.org/show_bug.cgi?id=15313 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit a9301d8f2956409a6d36e7776d0237d03bfbdbf6 Author: Volker Lendecke Date: Fri Feb 17 15:40:30 2023 +0100 tests: Move libsmb-basic to fileserver_smb1 environment This has the lower-case share, used in the next commit Bug: https://bugzilla.samba.org/show_bug.cgi?id=15313 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: python/samba/tests/libsmb-basic.py | 9 + selftest/target/Samba3.pm | 1 + source3/smbd/filename.c| 8 source4/selftest/tests.py | 2 +- 4 files changed, 19 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/libsmb-basic.py b/python/samba/tests/libsmb-basic.py index 61a25a8c682..37b82b26dac 100644 --- a/python/samba/tests/libsmb-basic.py +++ b/python/samba/tests/libsmb-basic.py @@ -193,6 +193,15 @@ class LibsmbTestCase(samba.tests.libsmb.LibsmbTests): finally: c.deltree(testdir) +def test_libsmb_TortureDirCaseSensitive(self): +c = libsmb.Conn(self.server_ip, "lowercase", self.lp, self.creds) +c.mkdir("subdir") +c.mkdir("subdir/b") +ret = c.chkpath("SubDir/b") +c.rmdir("subdir/b") +c.rmdir("subdir") +self.assertTrue(ret) + if __name__ == "__main__": import unittest unittest.main() diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index f9346ae812e..476f59c8783 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -2106,6 +2106,7 @@ sub setup_fileserver_smb1 [global] client min protocol = CORE server min protocol = LANMAN1 + check parent directory delete on close = yes [hidenewfiles] path = $prefix_abs/share diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 73e88add2c3..e9775387d11 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -1123,6 +1123,14 @@ static NTSTATUS filename_convert_dirfsp_nosymlink( char *substitute = NULL; size_t unparsed = 0; + status = normalize_filename_case(conn, dirname, ucf_flags); + if (!NT_STATUS_IS_OK(status)) { + DBG_ERR("normalize_filename_case %s failed: %s\n", + dirname, + nt_errstr(status)); + goto fail; + } + status = openat_pathref_dirfsp_nosymlink( mem_ctx, conn, diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py index 7eff1bb2469..2780d77ad07 100755 --- a/source4/selftest/tests.py +++ b/source4/selftest/tests.py @@ -535,7 +535,7 @@ for t in smbtorture4_testsuites("dlz_bind9."): # The dlz_bind9 tests needs to look at the DNS database plansmbtorture4testsuite(t, "chgdcpass:local", ["ncalrpc:$SERVER", '-U$USERNAME%$PASSWORD']) -planpythontestsuite("nt4_dc_smb1", "samba.tests.libsmb-basic") +planpythontestsuite("fileserver_smb1", "samba.tests.libsmb-basic") planpythontestsuite("ad_member", "samba.tests.smb-notify", environ={'USERNAME':'$DC_USERNAME', -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 206dcf7d426 lib:util: File descriptor being closed repeatedly. from 8441c03ccf8 lib:ldb: Print a debug message in case we have a corrupted MDB https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 206dcf7d426e9e85c896c54839008e194d9a2824 Author: baixiangcpp Date: Fri Feb 10 11:01:47 2023 +0800 lib:util: File descriptor being closed repeatedly. In file_load()/file_lines_load(), the file's fd is obtained using open(), and in fd_load() the fd is converted to a FILE* using fdopen(). However, after fclose(), the fd is closed again using close(). Bug: https://bugzilla.samba.org/show_bug.cgi?id=15311 Signed-off-by: baixiangcpp baixiang...@gmail.com Reviewed-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Feb 16 12:13:05 UTC 2023 on atb-devel-224 --- Summary of changes: lib/util/util_file.c | 9 - 1 file changed, 8 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/lib/util/util_file.c b/lib/util/util_file.c index af90e4a7621..fa5abadedec 100644 --- a/lib/util/util_file.c +++ b/lib/util/util_file.c @@ -175,13 +175,20 @@ _PUBLIC_ char *fd_load(int fd, size_t *psize, size_t maxsize, TALLOC_CTX *mem_ct size_t size = 0; size_t chunk = 1024; int err; + int fd_dup; if (maxsize == 0) { maxsize = SIZE_MAX; } - file = fdopen(fd, "r"); + fd_dup = dup(fd); + if (fd_dup == -1) { + return NULL; + } + + file = fdopen(fd_dup, "r"); if (file == NULL) { + close(fd_dup); return NULL; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 238056e5aad ctdb-scripts: Avoid using testparm to process its own output via 9a04ca1e1cd ctdb-scripts: Do not replace commas with spaces in "smb ports" list via 029dddfb79f ctdb-scripts: Reformat script with "shfmt -w -p -i 0 -fn" from 5d8647376fb vfs: Fix whitespace in vfs_aixacl_util.c https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 238056e5aadb597e3f6165757990a88952644866 Author: Martin Schwenke Date: Mon Feb 13 14:59:18 2023 +1100 ctdb-scripts: Avoid using testparm to process its own output When testparm processes the output of "testparm -v" (which includes default values) it appears to do global checks (or some other sort of initialisation logic) for all specified values. This includes a DNS lookup for the node's hostname, as a side-effect of a libldap ldap_set_option() call when processing "ldap debug level". If DNS servers are down then this can induce timeouts, possibly resulting in monitor timeouts. Avoid this by using sed to extract configuration values from the testparm cache file. This is already shown to work when retrieving share paths, where testparm is basically used as cat. Update the sed pattern to avoid matching empty values on the right-hand side of the equals ('=') - this avoids the default empty path value (and "smb ports" never has an empty value). Corresponding test changes: * 50.samba.monitor.111.sh no longer expects a failure from being unable to set smb ports, since testparm is no longer used in that code path. * smb ports needs to be set in fake smb.conf so it is in the default output and can be extracted using sed. * Although testparm --parameter-name is no longer used in 50.samba.script, update the stub implementation (in case it is ever used again) to extract from fake smb.conf, since "smb ports" is now set there. The change from $parameter to $param allows a long line to stay below 80 columns. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Feb 14 08:43:53 UTC 2023 on atb-devel-224 commit 9a04ca1e1cdf90065338b0ecb27043e63109a2cb Author: Martin Schwenke Date: Tue Feb 14 12:36:11 2023 +1100 ctdb-scripts: Do not replace commas with spaces in "smb ports" list The list changed back to space-separated in commit 93448f4be92d4e018aaf2f9705f0351360b2ed0f, so simplify the code a little. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 029dddfb79fb557039c9daa9eebde333e6d19233 Author: Martin Schwenke Date: Mon Feb 13 13:02:52 2023 +1100 ctdb-scripts: Reformat script with "shfmt -w -p -i 0 -fn" Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke --- Summary of changes: ctdb/config/events/legacy/50.samba.script | 167 +++-- .../UNIT/eventscripts/50.samba.monitor.111.sh | 4 +- ctdb/tests/UNIT/eventscripts/etc/samba/smb.conf| 1 + ctdb/tests/UNIT/eventscripts/stubs/testparm| 23 +-- 4 files changed, 95 insertions(+), 100 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/config/events/legacy/50.samba.script b/ctdb/config/events/legacy/50.samba.script index 81c6e7fa6ba..84600e25024 100755 --- a/ctdb/config/events/legacy/50.samba.script +++ b/ctdb/config/events/legacy/50.samba.script @@ -1,7 +1,7 @@ #!/bin/sh # ctdb event script for Samba -[ -n "$CTDB_BASE" ] || \ +[ -n "$CTDB_BASE" ] || CTDB_BASE=$(d=$(dirname "$0") && cd -P "$d" && dirname "$PWD") . "${CTDB_BASE}/functions" @@ -9,16 +9,16 @@ detect_init_style case $CTDB_INIT_STYLE in - suse) - CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smb} - ;; - debian) - CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smbd} - ;; - *) - # Use redhat style as default: - CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smb} - ;; +suse) + CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smb} + ;; +debian) + CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smbd} + ;; +*) + # Use redhat style as default: + CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smb} + ;; esac service_name="samba" @@ -27,25 +27,25 @@ load_script_options ctdb_setup_state_dir "service" "$service_name" -service_start () +service_start() { -# make sure samba is not already started -service "$CTDB_SERVICE_SMB" stop >
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f7b50bc059d smbd: Use smbXsrv_open_global_parse_record() in .._verify_record() via 132b83d0659 smbd: Simplify smbXsrv_open_global_parse_record() via 2f6776741dc smbd: Move smbXsrv_open_global_parse_record() up in smbXsrv_open.c via 3c779de8cf9 smbd: Simplify smbXsrv_open_global_verify_record() via f1a66267bcf smbd: Save a few lines in smb2srv_open_lookup_replay_cache() via 35a32171b50 smbd: Fix a typo from 253891032ee python: Don't use deprecated escape sequences https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f7b50bc059d1b5c7e40cdc4e88ef5ee16f7db670 Author: Volker Lendecke Date: Thu Jan 19 12:29:20 2023 +0100 smbd: Use smbXsrv_open_global_parse_record() in .._verify_record() Signed-off-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Jan 24 09:15:26 UTC 2023 on atb-devel-224 commit 132b83d0659ddc25a96327edc1c7dd23b17a56fd Author: Volker Lendecke Date: Thu Jan 19 12:25:21 2023 +0100 smbd: Simplify smbXsrv_open_global_parse_record() It does not need a db_record. Signed-off-by: Volker Lendecke commit 2f6776741dc6469d78b94da22d75f26a5fc9 Author: Volker Lendecke Date: Thu Jan 19 12:22:33 2023 +0100 smbd: Move smbXsrv_open_global_parse_record() up in smbXsrv_open.c Avoid a prototype in the next patches Signed-off-by: Volker Lendecke commit 3c779de8cf99d0936956a12484fd726d5be46c7e Author: Volker Lendecke Date: Fri Jan 6 16:25:03 2023 +0100 smbd: Simplify smbXsrv_open_global_verify_record() Don't depend on the record to be passed in, return NTSTATUS. The two flags were a bit confusing to me, now NT_STATUS_OK means "found a valid record with a live process", and NT_STATUS_FATAL_APP_EXIT means we found a stale record from a crashed smbd Signed-off-by: Volker Lendecke commit f1a66267bcfcd48f3c7ca2ada3f62d40209163e3 Author: Volker Lendecke Date: Wed Jan 11 11:44:29 2023 +0100 smbd: Save a few lines in smb2srv_open_lookup_replay_cache() Directly initialize variables, don't leave dangling pointers in TDB_DATA Signed-off-by: Volker Lendecke commit 35a32171b5067d5b80acffc99f8d43cdc7f5f9a7 Author: Volker Lendecke Date: Wed Jan 11 08:18:35 2023 +0100 smbd: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher --- Summary of changes: source3/smbd/smbXsrv_open.c | 312 1 file changed, 141 insertions(+), 171 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smbXsrv_open.c b/source3/smbd/smbXsrv_open.c index 6aa44ec4fcc..585d1ec0838 100644 --- a/source3/smbd/smbXsrv_open.c +++ b/source3/smbd/smbXsrv_open.c @@ -225,11 +225,11 @@ static NTSTATUS smbXsrv_open_local_lookup(struct smbXsrv_open_table *table, return NT_STATUS_OK; } -static void smbXsrv_open_global_verify_record(struct db_record *db_rec, - bool *is_free, - bool *was_free, - TALLOC_CTX *mem_ctx, - struct smbXsrv_open_global0 **_g); +static NTSTATUS smbXsrv_open_global_verify_record( + TDB_DATA key, + TDB_DATA val, + TALLOC_CTX *mem_ctx, + struct smbXsrv_open_global0 **_global0); static NTSTATUS smbXsrv_open_global_allocate( struct db_context *db, struct smbXsrv_open_global0 *global) @@ -245,9 +245,11 @@ static NTSTATUS smbXsrv_open_global_allocate( * ID for SRVSVC. */ for (i = 0; i < UINT32_MAX; i++) { - bool is_free = false; - bool was_free = false; + struct smbXsrv_open_global_key_buf key_buf; + struct smbXsrv_open_global0 *tmp_global0 = NULL; + TDB_DATA key, val; uint32_t id; + NTSTATUS status; if (i >= min_tries && last_free != 0) { id = last_free; @@ -261,141 +263,154 @@ static NTSTATUS smbXsrv_open_global_allocate( id--; } - global->db_rec = smbXsrv_open_global_fetch_locked( - db, id, global); + key = smbXsrv_open_global_id_to_key(id, _buf); + + global->db_rec = dbwrap_fetch_locked(db, global, key); if (global->db_rec == NULL) { return NT_STATUS_INSUFFICIENT_RESOURCES; } + val = dbwrap_record_get_value(global->db_rec); - smbXsrv_open_global_verify_record(global->db_rec, -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 872ea49ac6d kdc: Don't reference ENODATA in platform-independent code from 84f56f2b98b ldb: change the version to 2.8.0 for Samba 4.19 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 872ea49ac6dced44f114f80b7065017a381f46d7 Author: Volker Lendecke Date: Wed Jan 18 11:49:00 2023 +0100 kdc: Don't reference ENODATA in platform-independent code FreeBSD has ENOATTR but not ENODATA, Linux has ENODATA but not ENOATTR for returning "attr does not exist". With 2eb899de6a2 we settled on ENOATTR to handle this case. Alternatively we could #define ENODATA ENOATTR on FreeBSD... Signed-off-by: Volker Lendecke Reviewed-by: douglas.bagn...@catalyst.net.nz Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jan 19 09:24:15 UTC 2023 on atb-devel-224 --- Summary of changes: source4/kdc/mit_samba.c | 5 +++-- source4/kdc/pac-glue.c | 7 --- source4/kdc/wdc-samba4.c | 3 ++- 3 files changed, 9 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c index 54d308d35e8..8df3ad36228 100644 --- a/source4/kdc/mit_samba.c +++ b/source4/kdc/mit_samba.c @@ -25,6 +25,7 @@ #include "param/param.h" #include "dsdb/samdb/samdb.h" #include "system/kerberos.h" +#include "lib/replace/system/filesys.h" #include #include #include @@ -640,7 +641,7 @@ krb5_error_code mit_samba_reget_pac(struct mit_samba_context *ctx, new_pac); if (code != 0) { krb5_pac_free(context, new_pac); - if (code == ENODATA) { + if (code == ENOATTR) { krb5_pac_free(context, *pac); *pac = NULL; code = 0; @@ -740,7 +741,7 @@ krb5_error_code mit_samba_update_pac(struct mit_samba_context *ctx, old_pac, new_pac); if (code != 0) { - if (code == ENODATA) { + if (code == ENOATTR) { /* * We can't tell the KDC to not issue a PAC. It will * just return the newly allocated empty PAC. diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index f844b08d513..e9b951ff48e 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -23,6 +23,7 @@ #include "lib/replace/replace.h" #include "lib/replace/system/kerberos.h" +#include "lib/replace/system/filesys.h" #include "lib/util/debug.h" #include "lib/util/samba_util.h" #include "lib/util/talloc_stack.h" @@ -1401,7 +1402,7 @@ WERROR samba_rodc_confirm_user_is_allowed(uint32_t num_object_sids, * @param new_pac The new already allocated PAC * @return A Kerberos error code. If no PAC should be returned, the code will be - * ENODATA! + * ENOATTR! */ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx, krb5_context context, @@ -1756,7 +1757,7 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx, * need to re-generate anything anyway. */ if (!samba_princ_needs_pac(server)) { - code = ENODATA; + code = ENOATTR; goto done; } @@ -1779,7 +1780,7 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx, _pac); if (code != 0 || !requested_pac) { if (!requested_pac) { - code = ENODATA; + code = ENOATTR; } goto done; } diff --git a/source4/kdc/wdc-samba4.c b/source4/kdc/wdc-samba4.c index 1c10f13972f..f3ca04550b0 100644 --- a/source4/kdc/wdc-samba4.c +++ b/source4/kdc/wdc-samba4.c @@ -29,6 +29,7 @@ #include "sdb_hdb.h" #include "librpc/gen_ndr/auth.h" #include +#include "lib/replace/system/filesys.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_KERBEROS @@ -361,7 +362,7 @@ static krb5_error_code samba_wdc_reget_pac2(astgs_request_t r, new_pac); if (ret != 0) { krb5_pac_free(context, new_pac); - if (ret == ENODATA) { + if (ret == ENOATTR) { krb5_pac_free(context, *pac); *pac = NULL; ret = 0; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3d3d01cda8d s3: smbd: Tweak openat_pathref_dirfsp_nosymlink() to NULL out fsp->fsp_name after calling fd_close() on intermediate directories, rather than before. via c844bff3eca selftest: Show vfs_virusscanner crashes when traversing a 2-level directory tree. from 1421969b86b CI: add a test for @GMT mask in SMB1 find https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3d3d01cda8d3a6d0d18d1b808aa9414e71d56062 Author: Jeremy Allison Date: Thu Jan 12 11:20:08 2023 -0800 s3: smbd: Tweak openat_pathref_dirfsp_nosymlink() to NULL out fsp->fsp_name after calling fd_close() on intermediate directories, rather than before. vfs_virusfilter expects a non-NULL fsp->fsp_name to use for printing debugs (it always indirects fsp->fsp_name). vfs_fruit also does the same, so would also crash in fruit_close() with 'debug level = 10' and vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no set (we don't test with that which is why we haven't noticed this before). Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15283 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Jan 13 08:33:47 UTC 2023 on sn-devel-184 commit c844bff3eca336547c6cedfeeb03adda4eed57c6 Author: Jeremy Allison Date: Thu Jan 12 10:22:09 2023 -0800 selftest: Show vfs_virusscanner crashes when traversing a 2-level directory tree. Modify check_infected_read() test to use a 2-level deep directory. We must have vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no set on the virusscanner share as otherwise the openat flag shortcut defeats the test. Add knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15283 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke --- Summary of changes: selftest/target/Samba3.pm | 1 + source3/script/tests/test_virus_scanner.sh | 25 ++--- source3/smbd/files.c | 4 ++-- 3 files changed, 21 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index c6cdc84b615..6f93694f1b3 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -1998,6 +1998,7 @@ sub setup_fileserver virusfilter:infected files = *infected* virusfilter:infected file action = rename virusfilter:scan on close = yes + vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no [volumeserialnumber] path = $volume_serial_number_sharedir diff --git a/source3/script/tests/test_virus_scanner.sh b/source3/script/tests/test_virus_scanner.sh index 913c353028b..83b50df915f 100755 --- a/source3/script/tests/test_virus_scanner.sh +++ b/source3/script/tests/test_virus_scanner.sh @@ -26,25 +26,36 @@ check_infected_read() { rm -rf "${sharedir:?}"/* - if ! touch "${sharedir}/infected.txt"; then - echo "ERROR: Cannot create ${sharedir}/infected.txt" + if ! mkdir "${sharedir}/read1"; then + echo "ERROR: Cannot create ${sharedir}/read1" + return 1 + fi + + if ! mkdir "${sharedir}/read1/read2"; then + echo "ERROR: Cannot create ${sharedir}/read1/read2" return 1 fi - ${SMBCLIENT} "//${SERVER_IP}/${SHARE}" -U"${USER}"%"${PASSWORD}" -c "get infected.txt ${sharedir}/infected.download.txt" + if ! touch "${sharedir}/read1/read2/infected.txt"; then + echo "ERROR: Cannot create ${sharedir}/read1/read2/infected.txt" + return 1 + fi + + ${SMBCLIENT} "//${SERVER_IP}/${SHARE}" -U"${USER}"%"${PASSWORD}" -c "get read1/read2/infected.txt ${sharedir}/read1/read2/infected.download.txt" # check that virusfilter:rename prefix/suffix was added - if [ ! -f "${sharedir}/virusfilter.infected.txt.infected" ]; then - echo "ERROR: ${sharedir}/virusfilter.infected.txt.infected is missing." + if [ ! -f "${sharedir}/read1/read2/virusfilter.infected.txt.infected" ]; then + echo "ERROR: ${sharedir}/read1/read2/virusfilter.infected.txt.infected is missing." return 1 fi # check that file was not downloaded - if [ -f "${sharedir}/infected.download.txt" ]; then - echo "ERROR: {sharedir}/infected.download.txt should not exist." + if [ -f "${sha
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 98d84192a03 s3:utils:mdsearch go to cmdline_messaging_context_free from de5d31f452b s3:smbstatus: go to cmdline_messaging_context_free https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 98d84192a03a4f1135eaf1590fb62b16d8bc49c8 Author: Jones Syue Date: Thu Jan 12 15:47:20 2023 +0800 s3:utils:mdsearch go to cmdline_messaging_context_free mdsearch utility would exit earlier with failure in several cases like: a. samba server is not running yet, [~] # mdsearch -Uuser%password1 ${server} Public '*=="Samba"' main: Cannot connect to server: NT_STATUS_CONNECTION_REFUSED b. spotlight backend service is not ready yet, [~] # mdsearch -Uuser%password1 ${server} Public '*=="Samba"' Failed to connect mdssvc c. mdsearch utility paramters is not as expecred, [~] # mdsearch -Uuser%password1 ${server} share_not_exist '*=="Samba"' mdscli_search failed And in the mean while once mdsearch utility exit earlier with failure, the lock files are left behind in the directory 'msg.sock' and 'msg.lock'. If a script to run mdsearch utility in a loop, this might result in used space slowly growing-up on underlying filesystem. Supposed to add a new label 'fail_free_messaging', make it go through the cmdline_messaging_context_free() which deletes the lock files in the directory msg.sock and msg.lock before mdsearch utility is exiting with failure. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15284 Signed-off-by: Jones Syue Reviewed-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jan 12 11:40:19 UTC 2023 on sn-devel-184 --- Summary of changes: source3/utils/mdsearch.c | 20 +++- 1 file changed, 11 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/mdsearch.c b/source3/utils/mdsearch.c index ab48e366a0a..eddb83874cb 100644 --- a/source3/utils/mdsearch.c +++ b/source3/utils/mdsearch.c @@ -144,12 +144,12 @@ int main(int argc, char **argv) flags); if (!NT_STATUS_IS_OK(status)) { DBG_ERR("Cannot connect to server: %s\n", nt_errstr(status)); - goto fail; + goto fail_free_messaging; } status = cli_rpc_pipe_open_noauth(cli, _table_mdssvc, ); if (!NT_STATUS_IS_OK(status)) { - goto fail; + goto fail_free_messaging; } status = mdscli_connect(frame, @@ -159,7 +159,7 @@ int main(int argc, char **argv) _ctx); if (!NT_STATUS_IS_OK(status)) { printf("Failed to connect mdssvc\n"); - goto fail; + goto fail_free_messaging; } if (opt_path == NULL) { @@ -168,7 +168,7 @@ int main(int argc, char **argv) basepath = talloc_strdup(frame, opt_path); } if (basepath == NULL) { - goto fail; + goto fail_free_messaging; } status = mdscli_search(frame, @@ -179,7 +179,7 @@ int main(int argc, char **argv) ); if (!NT_STATUS_IS_OK(status)) { printf("mdscli_search failed\n"); - goto fail; + goto fail_free_messaging; } if (!opt_live) { @@ -199,7 +199,7 @@ int main(int argc, char **argv) } if (!NT_STATUS_IS_OK(status)) { printf("mdscli_get_results failed\n"); - goto fail; + goto fail_free_messaging; } ncnids = talloc_array_length(cnids); @@ -217,7 +217,7 @@ int main(int argc, char **argv) if (!NT_STATUS_IS_OK(status)) { printf("Get path for CNID 0x%"PRIx64" failed\n", cnids[i]); - goto fail; + goto fail_free_messaging; } printf("%s\n", path); TALLOC_FREE(path); @@ -227,13 +227,13 @@ int main(int argc, char **argv) status = mdscli_close_search(); if (!NT_STATUS_IS_OK(status)) { printf("mdscli_close_search failed\n"); - goto fail; + goto fail_free_messaging; } status = mdscli_disconnect(mdscli_ctx); if (!NT_STATUS_IS_OK(status)) { printf("mdscli_disconnect failed\n"); - got
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via de5d31f452b s3:smbstatus: go to cmdline_messaging_context_free from 7ffa732d828 s3: smbd: Move check_fsp_open() and check_fsp() to smb1_reply.c https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit de5d31f452b2445bd92b1746efb05aa096716af8 Author: Jones Syue Date: Wed Jan 11 16:59:42 2023 +0800 s3:smbstatus: go to cmdline_messaging_context_free If the locking.tdb is not found, (for example, fresh new installed samba server is not running yet) smbstatus utility would exit earlier, and lock files are left behind in the directory 'msg.sock' and 'msg.lock'. Consider that a script to run smbstatus utility in a loop, this might result in used space slowly growing-up on the underlying filesystem. Since the samba server is not running yet, there is no cleanupd daemon could delete these files to reclaim space. Supposed to use 'ret = 0; goto done;' instead of exit(0), this would go through the cmdline_messaging_context_free() which deletes the lock files in the directory msg.sock and msg.lock before smbstatus utility is exiting. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15282 Signed-off-by: Jones Syue Reviewed-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jan 11 17:08:10 UTC 2023 on sn-devel-184 --- Summary of changes: source3/utils/status.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/utils/status.c b/source3/utils/status.c index d1c69c512a8..cca8b7d6cb2 100644 --- a/source3/utils/status.c +++ b/source3/utils/status.c @@ -1185,7 +1185,8 @@ int main(int argc, const char *argv[]) fprintf(stderr, "This is normal if an SMB client has never " "connected to your server.\n"); TALLOC_FREE(db_path); - exit(0); + ret = 0; + goto done; } else { TALLOC_FREE(db); TALLOC_FREE(db_path); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7ffa732d828 s3: smbd: Move check_fsp_open() and check_fsp() to smb1_reply.c via 2fe95f6a302 s3: smbd: Ensure check_fsp_ntquota_handle() doesn't send SMB1 error packets. via 55f4ac65f91 s3: smbd: SMB1 check_fsp_open() implicitly calls reply_nterror(.., NT_STATUS_INVALID_HANDLE) on error so don't duplicate in reply_close(). from d7bab36ad11 tests/krb5: Use Python bindings for LZ77+Huffman compression https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7ffa732d8280c2e88daab6c3b97de71a3cdfb3ba Author: Jeremy Allison Date: Mon Jan 9 17:33:14 2023 -0800 s3: smbd: Move check_fsp_open() and check_fsp() to smb1_reply.c As these functions can implicitly call reply_nterror(..., NT_STATUS_INVALID_HANDLE) they should never be available to SMB2 code paths. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jan 11 08:17:04 UTC 2023 on sn-devel-184 commit 2fe95f6a3020ed2d582f94ab7640e8ef640a1c36 Author: Jeremy Allison Date: Mon Jan 9 17:22:12 2023 -0800 s3: smbd: Ensure check_fsp_ntquota_handle() doesn't send SMB1 error packets. check_fsp_ntquota_handle() is called from SMB2 codepaths as well as from SMB1. Even in the SMB1 cases the callers of check_fsp_ntquota_handle() handle sendng the error packet when check_fsp_ntquota_handle returns false so on a 'return false' we'd end up sending an error packet twice. The SMB2 callers of check_fsp_ntquota_handle() already check that fsp is valid, so there's no danger of us sending an SMB1 error packet over the SMB2 stream (so I'm not classing this as a bug to be back-ported). Fix check_fsp_ntquota_handle() by inlineing the check_fsp_open() functionality without the reply_nterror() calls. This will allow the next commit to move check_fsp_open() with the implicit reply_nterror() and also check_fsp() (which calls check_fsp_open()) into the SMB1 smb1_reply.c file as SMB1-only code. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 55f4ac65f9120d12ed4059b5c3214e9a97f97205 Author: Jeremy Allison Date: Mon Jan 9 17:28:06 2023 -0800 s3: smbd: SMB1 check_fsp_open() implicitly calls reply_nterror(.., NT_STATUS_INVALID_HANDLE) on error so don't duplicate in reply_close(). We'd end up sending 2 SMB1 error packets in this case. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke --- Summary of changes: source3/smbd/smb1_reply.c | 41 - source3/smbd/smb2_reply.c | 46 +- 2 files changed, 45 insertions(+), 42 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb1_reply.c b/source3/smbd/smb1_reply.c index d53f5902da4..de6b4d99f79 100644 --- a/source3/smbd/smb1_reply.c +++ b/source3/smbd/smb1_reply.c @@ -52,6 +52,46 @@ #include "source3/printing/rap_jobid.h" #include "source3/lib/substitute.h" +/ + Check if we have a correct fsp pointing to a file. Basic check for open fsp. +/ + +bool check_fsp_open(connection_struct *conn, struct smb_request *req, +files_struct *fsp) +{ + if ((fsp == NULL) || (conn == NULL)) { + reply_nterror(req, NT_STATUS_INVALID_HANDLE); + return false; + } + if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) { + reply_nterror(req, NT_STATUS_INVALID_HANDLE); + return false; + } + return true; +} + +/ + Check if we have a correct fsp pointing to a file. +/ + +bool check_fsp(connection_struct *conn, struct smb_request *req, + files_struct *fsp) +{ + if (!check_fsp_open(conn, req, fsp)) { + return false; + } + if (fsp->fsp_flags.is_directory) { + reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST); + return false; + } + if (fsp_get_pathref_fd(fsp) == -1) { + reply_nterror(req, NT_STATUS_ACCESS_DENIED); + return false; + } + fsp->num_smb_operations++; + return true; +} + / Reply to a tcon. conn POINTER CAN BE NULL HERE ! @@ -4744,7 +4784,6 @@ void reply_close(struct smb_request *smb1req) */
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c9a6e242d15 s3: smbd: Strip any leading '\' characters if the SMB2 DFS flag is set. via d99d14cbc1d s3: smbtorture: Add SMB2-DFS-FILENAME-LEADING-BACKSLASH test. from 01cdc5e00be lib/replace - add extra check to bsd_attr_list https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c9a6e242d15ee707a2e30f973fd37e80b3225aca Author: Jeremy Allison Date: Tue Jan 3 18:28:54 2023 -0800 s3: smbd: Strip any leading '\\' characters if the SMB2 DFS flag is set. MacOS clients send SMB2 DFS pathnames as \server\share\file\name. Ensure smbd can cope with this by stipping any leading '\\' characters from an SMB2 packet with the DFS flag set. Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15277 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jan 4 07:46:06 UTC 2023 on sn-devel-184 commit d99d14cbc1db2e59e6c0d6169dd623bfb686fa0f Author: Jeremy Allison Date: Tue Jan 3 17:53:17 2023 -0800 s3: smbtorture: Add SMB2-DFS-FILENAME-LEADING-BACKSLASH test. Shows that we fail to cope with MacOSX clients that send a (or more than one) leading '\\' character for an SMB2 DFS pathname. I missed this in earlier tests as Windows, Linux, and libsmbclient clients do NOT send a leading backslash for SMB2 DFS paths. Only MacOSX (sigh:-). Passes against Windows. Adds a knownfail for smbd. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15277 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke --- Summary of changes: source3/selftest/tests.py | 14 source3/smbd/smb2_create.c | 13 ++- source3/torture/proto.h | 1 + source3/torture/test_smb2.c | 190 source3/torture/torture.c | 4 + 5 files changed, 220 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index a40316ef532..8039b4a8171 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -257,6 +257,20 @@ plantestsuite("samba3.smbtorture_s3.smb2.SMB2-DFS-PATHS", smbtorture3, "-mSMB2"]) +# BUG: https://bugzilla.samba.org/show_bug.cgi?id=15277 +# MacOSX clients send a leading '\\' character for DFS paths. +# +plantestsuite("samba3.smbtorture_s3.smb2.SMB2-DFS-FILENAME-LEADING-BACKSLASH", +"fileserver", +[os.path.join(samba3srcdir, + "script/tests/test_smbtorture_s3.sh"), +'SMB2-DFS-FILENAME-LEADING-BACKSLASH', +'//$SERVER_IP/msdfs-pathname-share', +'$USERNAME', +'$PASSWORD', +smbtorture3, +"-mSMB2"]) + # # SMB2-NON-DFS-SHARE needs to run against a special share non-msdfs-pathname-share # This is an empty non-DFS share with no links, used merely to test diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index aba339014bb..0f18d5594a4 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -776,6 +776,17 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx, in_file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS; + is_dfs = (smb1req->flags2 & FLAGS2_DFS_PATHNAMES); + if (is_dfs) { + /* +* With a DFS flag set, remove any leading '\\' +* characters from in_name before further processing. +*/ + while (in_name[0] == '\\') { + in_name++; + } + } + state->fname = talloc_strdup(state, in_name); if (tevent_req_nomem(state->fname, req)) { return tevent_req_post(req, state->ev); @@ -960,8 +971,6 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx, state->lease_ptr = NULL; } - is_dfs = (smb1req->flags2 & FLAGS2_DFS_PATHNAMES); - /* convert '\\' into '/' */ status = check_path_syntax_smb2(state->fname, is_dfs); if (tevent_req_nterror(req, status)) { diff --git a/source3/torture/proto.h b/source3/torture/proto.h index 92b7dd4216c..df98a7445d7 100644 --- a/source3/torture/proto.h +++ b/source3/torture/proto.h @@ -123,6 +123,7 @@ bool run_smb2_stream_acl(int dummy); bool run_smb2_dfs_paths(int dummy); bool run_smb2_non_dfs_share(int dummy); bool run_smb2_dfs_share_non_dfs_path(int dummy); +bool run_smb2_dfs_filename_leading_backslash(int dummy); bool run_smb1_dfs_paths(int dummy); bool run_smb1_dfs_se
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 89828c64c9a libsmb: Simplify clistr_is_previous_version_path() via 833cb4cb812 libsmb: Slightly simplify cli_smb2_create_fnum_send() via c64c8af6d4b libsmb: Use clistr_smb2_extract_snapshot_token() in cli_smb2_create_fnum_send() via 157a79f0ca4 s3: lib: Add new clistr_smb2_extract_snapshot_token() function. via fdc6449a3fd s3: smbd: Make extract_snapshot_token() a wrapper for extract_snapshot_token_internal(). via 96d68c6b8ae libsmb: Make a r/w copy of fname in cli_smb2_create_fnum_send() from 9189bd9c9c1 build: Convert winexe to use enabled= in wscript https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 89828c64c9a8114bb5f596bc007a7c126e803d80 Author: Volker Lendecke Date: Thu Dec 15 19:14:48 2022 +0100 libsmb: Simplify clistr_is_previous_version_path() Nobody looks at the out params anymore Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Dec 16 08:42:18 UTC 2022 on sn-devel-184 commit 833cb4cb8126dcbee914551bcd2e852cec67786c Author: Volker Lendecke Date: Thu Dec 15 19:10:09 2022 +0100 libsmb: Slightly simplify cli_smb2_create_fnum_send() We can now write to fname directly. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c64c8af6d4b121b0fa7ebe13b5c7c28ee9cc8053 Author: Jeremy Allison Date: Thu Dec 15 13:32:35 2022 -0800 libsmb: Use clistr_smb2_extract_snapshot_token() in cli_smb2_create_fnum_send() Now that fname is writable, we can avoid a bit of complexity with clistr_smb2_extract_snapshot_token() Signed-off-by: Volker Lendecke Signed-off-by: Jeremy Allison commit 157a79f0ca45a19db0826a7b49ab0582e8191a68 Author: Jeremy Allison Date: Thu Dec 15 13:26:49 2022 -0800 s3: lib: Add new clistr_smb2_extract_snapshot_token() function. Strips @GMT from client pathnames for SMB2 (uses '\\' separator). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit fdc6449a3fdfb342184d6a30f22d8cf9cf708841 Author: Jeremy Allison Date: Thu Dec 15 13:24:12 2022 -0800 s3: smbd: Make extract_snapshot_token() a wrapper for extract_snapshot_token_internal(). Allows us to pass in path separator from a new function without changing existing calling code. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 96d68c6b8aef33d6a227f3b52c241140cc0e8246 Author: Volker Lendecke Date: Thu Dec 15 18:54:58 2022 +0100 libsmb: Make a r/w copy of fname in cli_smb2_create_fnum_send() We're messing with this in 2 places in this routine and have to make a copy in both places. Make this writable, so we don't have to make a copy further down. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/lib/util_path.c| 34 ++--- source3/lib/util_path.h| 6 ++ source3/libsmb/cli_smb2_fnum.c | 43 ++ source3/libsmb/clifile.c | 28 +-- source3/libsmb/clilist.c | 4 ++-- 5 files changed, 46 insertions(+), 69 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/util_path.c b/source3/lib/util_path.c index 5a94b391dd6..9c9c6eb5807 100644 --- a/source3/lib/util_path.c +++ b/source3/lib/util_path.c @@ -260,10 +260,7 @@ static bool find_snapshot_token( return true; } -bool clistr_is_previous_version_path(const char *path, -const char **startp, -const char **endp, -NTTIME *ptwrp) +bool clistr_is_previous_version_path(const char *path) { const char *start = NULL; const char *next = NULL; @@ -271,30 +268,17 @@ bool clistr_is_previous_version_path(const char *path, bool ok; ok = find_snapshot_token(path, '\\', , , ); - if (!ok) { - return false; - } - - if (startp != NULL) { - *startp = start; - } - if (endp != NULL) { - *endp = next; - } - if (ptwrp != NULL) { - *ptwrp = twrp; - } - return true; + return ok; } -bool extract_snapshot_token(char *fname, NTTIME *twrp) +static bool extract_snapshot_token_internal(char *fname, NTTIME *twrp, char sep) { const char *start = NULL; const char *next = NULL; size_t remaining; bool found; - found = find_snapshot_token(fname, '/', , , twrp); + found = find_snapshot_token(fname, sep, , , twrp); if (!found) { return false
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5259926de71 s4/torture/smb2: avoid possibly closing undefined handle from 5d82af05f31 smbd: Remove a few "extern userdom_struct current_user_info" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5259926de71d9915f6152d99e20cce3920ba4aeb Author: Douglas Bagnall Date: Tue Dec 13 10:11:17 2022 +1300 s4/torture/smb2: avoid possibly closing undefined handle From OSS-Fuzz compilation: Step #3 - "compile-honggfuzz-address-x86_64": ../../source4/torture/smb2/dir.c:1456:2: error: variable 'dir_handle' is used uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized] Step #3 - "compile-honggfuzz-address-x86_64": torture_assert_ntstatus_ok_goto(tctx, status, ret, done, Step #3 - "compile-honggfuzz-address-x86_64": ^~~~ Step #3 - "compile-honggfuzz-address-x86_64": ../../lib/torture/torture.h:748:3: note: expanded from macro 'torture_assert_ntstatus_ok_goto' Step #3 - "compile-honggfuzz-address-x86_64": torture_assert_ntstatus_equal_goto(torture_ctx,expr,NT_STATUS_OK,ret,label,cmt) Step #3 - "compile-honggfuzz-address-x86_64": ^~~ Step #3 - "compile-honggfuzz-address-x86_64": ../../lib/torture/torture.h:316:6: note: expanded from macro 'torture_assert_ntstatus_equal_goto' Step #3 - "compile-honggfuzz-address-x86_64": if (!NT_STATUS_EQUAL(__got, __expected)) { \ Step #3 - "compile-honggfuzz-address-x86_64": ^~~ Step #3 - "compile-honggfuzz-address-x86_64": ../../source4/torture/smb2/dir.c:1582:24: note: uninitialized use occurs here Step #3 - "compile-honggfuzz-address-x86_64": smb2_util_close(tree, dir_handle); Step #3 - "compile-honggfuzz-address-x86_64": ^~ Step #3 - "compile-honggfuzz-address-x86_64": ../../source4/torture/smb2/dir.c:1456:2: note: remove the 'if' if its condition is always false Step #3 - "compile-honggfuzz-address-x86_64": torture_assert_ntstatus_ok_goto(tctx, status, ret, done, Step #3 - "compile-honggfuzz-address-x86_64": ^ Step #3 - "compile-honggfuzz-address-x86_64": ../../lib/torture/torture.h:748:3: note: expanded from macro 'torture_assert_ntstatus_ok_goto' Step #3 - "compile-honggfuzz-address-x86_64": torture_assert_ntstatus_equal_goto(torture_ctx,expr,NT_STATUS_OK,ret,label,cmt) Step #3 - "compile-honggfuzz-address-x86_64": ^ Step #3 - "compile-honggfuzz-address-x86_64": ../../lib/torture/torture.h:316:2: note: expanded from macro 'torture_assert_ntstatus_equal_goto' Step #3 - "compile-honggfuzz-address-x86_64": if (!NT_STATUS_EQUAL(__got, __expected)) { \ Step #3 - "compile-honggfuzz-address-x86_64": ^ Step #3 - "compile-honggfuzz-address-x86_64": ../../source4/torture/smb2/dir.c:1434:2: note: variable 'dir_handle' is declared here Step #3 - "compile-honggfuzz-address-x86_64": struct smb2_handle dir_handle; Step #3 - "compile-honggfuzz-address-x86_64": ^ Signed-off-by: Douglas Bagnall Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Dec 13 07:45:20 UTC 2022 on sn-devel-184 --- Summary of changes: source4/torture/smb2/dir.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/smb2/dir.c b/source4/torture/smb2/dir.c index 3acd655e366..049e208f02a 100644 --- a/source4/torture/smb2/dir.c +++ b/source4/torture/smb2/dir.c @@ -1453,8 +1453,8 @@ static bool test_1k_files_rename(struct torture_context *tctx, }; status = smb2_create(tree, tree, ); - torture_assert_ntstatus_ok_goto(tctx, status, ret, done, - "Could not create test directory"); + torture_assert_ntstatus_ok(tctx, status, + "Could not create test directory"); dir_handle = dir.out.file.handle; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 70e8da42917 s3:libads: Fix debug message from 99480c50ca6 smbd: Close the opened file in smbd_smb2_create_after_exec() error case https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 70e8da4291727329ba239da48de6eec16217864e Author: Pavel Filipenský Date: Thu Dec 8 15:19:09 2022 +0100 s3:libads: Fix debug message 652c8ce1 has introduced talloc_move() which zeroes kdc_str Signed-off-by: Pavel Filipenský Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Dec 8 16:06:48 UTC 2022 on sn-devel-184 --- Summary of changes: source3/libads/kerberos.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 3fd86e87064..4accfdecb4a 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -592,7 +592,7 @@ static char *get_kdc_ip_string(char *mem_ctx, result = talloc_move(mem_ctx, _str); out: if (result != NULL) { - DBG_DEBUG("Returning\n%s\n", kdc_str); + DBG_DEBUG("Returning\n%s\n", result); } else { DBG_NOTICE("Failed to get KDC ip address\n"); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0c2146eb00c lib/compression: Include missing stat header file from f569f2c17f8 python/samba: use s3 param samba config parsing https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0c2146eb00c0e4fc4c933c3d5f2bf3469c3671ba Author: Anoop C S Date: Mon Dec 5 16:24:46 2022 +0530 lib/compression: Include missing stat header file was missing from compression library tests which resulted in the following compile time error: ../../lib/compression/tests/test_lzx_huffman.c: In function ‘datablob_from_file’: ../../lib/compression/tests/test_lzx_huffman.c:383:21: error: storage size of ‘s’ isn’t known 383 | struct stat s; | ^ ../../lib/compression/tests/test_lzx_huffman.c:389:15: warning: implicit declaration of function ‘fstat’ [-Wimplicit-function-declaration] 389 | ret = fstat(fileno(fh), ); | ^ Signed-off-by: Anoop C S Reviewed-by: Douglas Bagnall Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Dec 6 11:39:16 UTC 2022 on sn-devel-184 --- Summary of changes: lib/compression/tests/test_lzx_huffman.c| 1 + lib/compression/tests/test_lzxpress_plain.c | 1 + 2 files changed, 2 insertions(+) Changeset truncated at 500 lines: diff --git a/lib/compression/tests/test_lzx_huffman.c b/lib/compression/tests/test_lzx_huffman.c index da094555c2d..3a055183f7b 100644 --- a/lib/compression/tests/test_lzx_huffman.c +++ b/lib/compression/tests/test_lzx_huffman.c @@ -27,6 +27,7 @@ #include #include #include +#include #include "replace.h" #include #include "lzxpress_huffman.h" diff --git a/lib/compression/tests/test_lzxpress_plain.c b/lib/compression/tests/test_lzxpress_plain.c index 57130852fc9..17e5a26207b 100644 --- a/lib/compression/tests/test_lzxpress_plain.c +++ b/lib/compression/tests/test_lzxpress_plain.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include "includes.h" #include "talloc.h" -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6ea1af287ee smbd: Simplify symlink_target_below_conn() via f31fb6e1ad0 smbd: Simplify readlink_talloc() via 453f846e189 smbd: No dfs_filename_convert() in filename_convert_smb1_search_path() via 71772c48f24 libsmb: Remove sync cli_posix_readlink() wrapper via a7f4ed09084 smbclient: Use cli_readlink via f17131020ec libsmb: Make readlink issue posix_readlink via 4be2569c002 smbd: Fix a comment via a1a0a7119d7 smbd: Slightly simplify smb_posix_unlink() via 0996ccdb821 tests: Test error codes for SET_REPARSE_POINT via 96580c8e195 tests: Try setting a 0-sized reparse point via b58f5f3379a tests: Ignore symlink trusts flags in symlink error returns via ec86c377238 pylibsmb: Add symlink flags via 7239d756290 lib: Add symlink trust flags from dochelp via f10f259eaeb tests: Fix use of self.assertRaises() via 73233bc341e tests: Show that we can write to a reparse point file via 62302849dd9 tests: Show that a directory with a reparse point can't be populated via 7fe3fab655e tests: IO_REPARSE_TAG_NOT_HANDLED is acceptable for unlink from ef8c8ac54cd s3:utils: Fix stack smashing in net offlinejoin https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6ea1af287eef832641464c6f764ea84a484a06f7 Author: Volker Lendecke Date: Sun Dec 4 12:16:39 2022 +0100 smbd: Simplify symlink_target_below_conn() readlink_talloc() deals exactly the same way with a NULL relname Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Dec 5 16:06:51 UTC 2022 on sn-devel-184 commit f31fb6e1ad0664fdba351822ec754c0d1b771657 Author: Volker Lendecke Date: Sun Dec 4 12:14:12 2022 +0100 smbd: Simplify readlink_talloc() SMB_VFS_READLINKAT() just looks at the basename, we can avoid the relname being talloc'ed Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 453f846e1897f7cbcc454f3095eb21d7ffb32be8 Author: Volker Lendecke Date: Mon Oct 24 19:56:31 2022 +0200 smbd: No dfs_filename_convert() in filename_convert_smb1_search_path() We further down call filename_convert_dirfsp(), which also has this call. No need to copy that code here as well. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 71772c48f241bdc048f99f297b5e0a77fdfda253 Author: Volker Lendecke Date: Sun Dec 4 11:07:09 2022 +0100 libsmb: Remove sync cli_posix_readlink() wrapper cli_readlink() now covers smb1 posix extensions as well Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit a7f4ed090845023069693412033da803edc32a31 Author: Volker Lendecke Date: Wed Oct 12 20:38:14 2022 +0200 smbclient: Use cli_readlink Make smbclient's readlink command also work for SMB2 reparse style symlink. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit f17131020ec23c5b88f56b4c8f4dfd4d3e88d6a2 Author: Volker Lendecke Date: Wed Oct 12 20:35:10 2022 +0200 libsmb: Make readlink issue posix_readlink Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 4be2569c002a8d592e08b0f1fb8b85154082e4a5 Author: Volker Lendecke Date: Tue Oct 11 17:01:28 2022 +0200 smbd: Fix a comment Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit a1a0a7119d746b884de43db6466b9e064d124a87 Author: Volker Lendecke Date: Wed Oct 12 07:27:36 2022 +0200 smbd: Slightly simplify smb_posix_unlink() We did check VALID_STAT() above. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 0996ccdb821692f037eb1f6f2c01490aa7ab062e Author: Volker Lendecke Date: Fri Dec 2 10:34:55 2022 +0100 tests: Test error codes for SET_REPARSE_POINT Signed-off-by: Volker Lendecke Reviewed-by: David Mulder commit 96580c8e1957776a8564fc73363f30259827a686 Author: Volker Lendecke Date: Fri Dec 2 10:20:06 2022 +0100 tests: Try setting a 0-sized reparse point Signed-off-by: Volker Lendecke Reviewed-by: David Mulder commit b58f5f3379abac496d27f6afc0e31c8b874aa851 Author: Volker Lendecke Date: Fri Dec 2 10:17:15 2022 +0100 tests: Ignore symlink trusts flags in symlink error returns Signed-off-by: Volker Lendecke Reviewed-by: David Mulder commit ec86c377238ccc4e00b36ed3c9fe203a19a8139b Author: Volker Lendecke Date: Fri Dec 2 10:10:12 2022 +0100 pylibsmb: Add symlink flags Signed-off-by: Volker Lendecke Reviewed-by: David Mulder commit 7239d756290292f5056ea0235630e8413ef5960f Author: Volker Lendecke Date: Fri Dec 2 10:06:31 2022 +0100 lib: Add symlink
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b97d31abb44 nsswitch:tests: Use ldb(modify|search) from the system via 5ea3a15be68 manpages: samba-dcerpcd: fix typo (add missing space) from 5f2565f0a8e testprogs: Do not run tests if undump.sh is not available https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b97d31abb44717a35951a9fcbef0248a7fb150af Author: Andreas Schneider Date: Thu Dec 1 15:49:43 2022 +0100 nsswitch:tests: Use ldb(modify|search) from the system If Samba is built against the system libldb, use the system tools. Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Dec 5 09:36:40 UTC 2022 on sn-devel-184 commit 5ea3a15be6896a0520382610e5d4ce6ac207aeec Author: Mikhail Novosyolov Date: Fri Oct 21 12:08:39 2022 +0300 manpages: samba-dcerpcd: fix typo (add missing space) Signed-off-by: Mikhail Novosyolov Reviewed-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: docs-xml/manpages/samba-dcerpcd.8.xml | 2 +- nsswitch/tests/test_idmap_ad.sh | 11 +-- 2 files changed, 10 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/samba-dcerpcd.8.xml b/docs-xml/manpages/samba-dcerpcd.8.xml index da8b77c9517..1e6f1918a17 100644 --- a/docs-xml/manpages/samba-dcerpcd.8.xml +++ b/docs-xml/manpages/samba-dcerpcd.8.xml @@ -70,7 +70,7 @@ helpers">true is set (the default setting), it is invoked on demand from smbd or winbind with a command line - containing--np-helper to serve DCERPC over named pipes + containing --np-helper to serve DCERPC over named pipes (np). It can also be used in a standalone mode where it is started separately from smbd or winbind via system startup scripts. If diff --git a/nsswitch/tests/test_idmap_ad.sh b/nsswitch/tests/test_idmap_ad.sh index 323aa1728d0..aef74bead96 100755 --- a/nsswitch/tests/test_idmap_ad.sh +++ b/nsswitch/tests/test_idmap_ad.sh @@ -16,8 +16,15 @@ TRUST_SERVER="$5" TRUST_PASSWORD="$6" wbinfo="$VALGRIND $BINDIR/wbinfo" -ldbmodify="$VALGRIND $BINDIR/ldbmodify" -ldbsearch="$VALGRIND $BINDIR/ldbsearch" +ldbmodify="${VALGRIND} ldbmodify" +if [ -x "${BINDIR}/ldbmodify" ]; then + ldbmodify="${VALGRIND} ${BINDIR}/ldbmodify" +fi + +ldbsearch="${VALGRIND} ldbsearch" +if [ -x "${BINDIR}/ldbsearch" ]; then + ldbsearch="${VALGRIND} ${BINDIR}/ldbsearch" +fi failed=0 -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5f2565f0a8e testprogs: Do not run tests if undump.sh is not available via 7d8347e8900 testprogs: If built against system db use the system tools in ldapcmp_restoredc.sh via 9a97e54f35a testprogs: If built against system db use the system tools in test_net_ads_dns.sh via 4b9d1b36424 testprogs: If built against system db use the system tools in test_trust_token.sh via c0d7642a372 testprogs: If built against system db use the system tools in test_primary_group.sh from a451fa5ef93 lib:compression: Initialize variables https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5f2565f0a8e57d7afb3cc84157c9ed9c55e66e01 Author: Andreas Schneider Date: Sat Dec 3 18:06:43 2022 +0100 testprogs: Do not run tests if undump.sh is not available We don't include source4/selftest/provisions/ in source tarballs! Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Dec 5 08:22:29 UTC 2022 on sn-devel-184 commit 7d8347e8900ae01fc7073a8b9647c37959dfbe7c Author: Andreas Schneider Date: Sun Dec 4 19:46:36 2022 +0100 testprogs: If built against system db use the system tools in ldapcmp_restoredc.sh Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit 9a97e54f35af800c5ccb15e54399d8935bf4f70d Author: Andreas Schneider Date: Sun Dec 4 19:44:52 2022 +0100 testprogs: If built against system db use the system tools in test_net_ads_dns.sh Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit 4b9d1b3642428d8445ddfb46b47de394e80d5857 Author: Andreas Schneider Date: Sun Dec 4 19:34:35 2022 +0100 testprogs: If built against system db use the system tools in test_trust_token.sh Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit c0d7642a372de20aed498d4830a59a9a5af57020 Author: Andreas Schneider Date: Sat Dec 3 17:48:33 2022 +0100 testprogs: If built against system db use the system tools in test_primary_group.sh Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: testprogs/blackbox/ldapcmp_restoredc.sh | 7 ++- testprogs/blackbox/test_net_ads_dns.sh | 13 +++-- testprogs/blackbox/test_primary_group.sh | 22 -- testprogs/blackbox/test_special_group.sh | 7 +++ testprogs/blackbox/test_trust_token.sh | 7 --- 5 files changed, 44 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/testprogs/blackbox/ldapcmp_restoredc.sh b/testprogs/blackbox/ldapcmp_restoredc.sh index 831b992e960..bf3ba321d8f 100755 --- a/testprogs/blackbox/ldapcmp_restoredc.sh +++ b/testprogs/blackbox/ldapcmp_restoredc.sh @@ -15,10 +15,15 @@ shift 2 . $(dirname $0)/subunit.sh +ldbsearch="${VALGRIND} ldbsearch" +if [ -x "${BINDIR}/ldbsearch" ]; then + ldbsearch="${VALGRIND} ${BINDIR}/ldbsearch" +fi + basedn() { SAMDB_PATH=$1 - $BINDIR/ldbsearch -H $SAMDB_PATH --basedn='' --scope=base defaultNamingContext | grep defaultNamingContext | awk '{print $2}' + ${ldbsearch} -H $SAMDB_PATH --basedn='' --scope=base defaultNamingContext | grep defaultNamingContext | awk '{print $2}' } ldapcmp_with_orig() diff --git a/testprogs/blackbox/test_net_ads_dns.sh b/testprogs/blackbox/test_net_ads_dns.sh index 2409420f785..feb731ca1fe 100755 --- a/testprogs/blackbox/test_net_ads_dns.sh +++ b/testprogs/blackbox/test_net_ads_dns.sh @@ -25,8 +25,17 @@ samba_tool="$samba4bindir/samba-tool" net_tool="$samba4bindir/net" smbpasswd="$samba4bindir/smbpasswd" texpect="$samba4bindir/texpect" -ldbsearch="$samba4bindir/ldbsearch" -ldbmodify="$samba4bindir/ldbmodify" + +ldbsearch="${VALGRIND} ldbsearch" +if [ -x "${BINDIR}/ldbsearch" ]; then + ldbsearch="${VALGRIND} ${BINDIR}/ldbsearch" +fi + +ldbmodify="${VALGRIND} ldbmodify" +if [ -x "${BINDIR}/ldbmodify" ]; then + ldbmodify="${VALGRIND} ${BINDIR}/ldbmodify" +fi + newuser="$samba_tool user create" groupaddmem="$samba_tool group addmembers" diff --git a/testprogs/blackbox/test_primary_group.sh b/testprogs/blackbox/test_primary_group.sh index cd2d61495f2..e71504338e5 100755 --- a/testprogs/blackbox/test_primary_group.sh +++ b/testprogs/blackbox/test_primary_group.sh @@ -21,6 +21,16 @@ failed=0 . $(dirname $0)/subunit.sh . $(dirname $0)/common_test_fns.inc +ldbsearch="${VALGRIND} ldbsearch" +if [ -x "${BINDIR}/ldbsearch" ]; then + ldbsearch="${VALGRIND} ${BINDIR}/ldbsearch" +fi
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cffe96ef613 nfs4_acl: Add comment for setting ACL as root via 154a0613f89 posix_acls: Make try_chown and unpack_nt_owners static via bfb4b368e10 nfs4_acls: Call chown_if_needed function to remove duplicate code via eeb8a66bf76 posix_acl: Move chown checks to new function via 1f3826a7f65 posix_acls: Remove redundant call to save mode from d9c192546fa lib/compression/lzxpress: fix our slow compression https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cffe96ef6132966305c640a329ed91f0f9514452 Author: Christof Schmitt Date: Tue Nov 29 16:51:10 2022 -0700 nfs4_acl: Add comment for setting ACL as root Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Dec 2 08:02:13 UTC 2022 on sn-devel-184 commit 154a0613f89a84becd6461e36d61a80509b9a9ef Author: Christof Schmitt Date: Tue Jul 12 16:35:37 2022 -0700 posix_acls: Make try_chown and unpack_nt_owners static These functions are now only called from check_chown in posix_acls.c Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke commit bfb4b368e1031c9c61274572fe8a453c055267a7 Author: Christof Schmitt Date: Tue Jul 12 16:32:08 2022 -0700 nfs4_acls: Call chown_if_needed function to remove duplicate code Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke commit eeb8a66bf76e4cc095532887cf2532b10e31b23f Author: Christof Schmitt Date: Tue Nov 29 16:46:24 2022 -0700 posix_acl: Move chown checks to new function Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke commit 1f3826a7f65a9123be6ebe3f9cc234ca691b28ec Author: Christof Schmitt Date: Tue Jul 12 16:08:07 2022 -0700 posix_acls: Remove redundant call to save mode The same assignment is already done earlier, and nothing is changed in between. Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke --- Summary of changes: source3/modules/nfs4_acls.c | 51 source3/smbd/posix_acls.c | 111 +--- source3/smbd/proto.h| 5 +- 3 files changed, 77 insertions(+), 90 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index ff446bb1166..2daae990042 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -978,8 +978,6 @@ NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp, boolresult, is_directory; bool set_acl_as_root = false; - uid_t newUID = (uid_t)-1; - gid_t newGID = (gid_t)-1; int saved_errno; NTSTATUS status; TALLOC_CTX *frame = talloc_stackframe(); @@ -1019,49 +1017,20 @@ NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp, is_directory = S_ISDIR(fsp->fsp_name->st.st_ex_mode); if (pparams->do_chown) { - /* chown logic is a copy/paste from posix_acl.c:set_nt_acl */ - - uid_t old_uid = fsp->fsp_name->st.st_ex_uid; - gid_t old_gid = fsp->fsp_name->st.st_ex_gid; - status = unpack_nt_owners(fsp->conn, , , - security_info_sent, psd); + /* +* When the chown succeeds, the special entries in the +* file system ACL refer to the new owner. In order to +* apply the complete information from the DACL, +* setting the ACL then has to succeed. Track this +* case with set_acl_as_root and set the ACL as root +* accordingly. +*/ + status = chown_if_needed(fsp, security_info_sent, psd, +_acl_as_root); if (!NT_STATUS_IS_OK(status)) { - DEBUG(8, ("unpack_nt_owners failed")); TALLOC_FREE(frame); return status; } - if (((newUID != (uid_t)-1) && (old_uid != newUID)) || - ((newGID != (gid_t)-1) && (old_gid != newGID))) - { - status = try_chown(fsp, newUID, newGID); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(3,("chown %s, %u, %u failed. Error = " -"%s.\n", fsp_str_dbg(fsp), -(unsigned int)newUID, -(unsigned int)newGID, -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 357bafe6258 smbd: Allow POSIX getinfo levels for smb3 unix extensions via bbc82a5d425 s3: Test that store_smb2_posix_info hides info for '..' via d0ad452fc81 s3: smbd: store_smb2_posix_info hide info for '..' via bdb98c83974 smbd: Implement SMB2_FS_POSIX_INFORMATION_INTERNAL via a73d9032388 tests/s3: Test file/dir permissions with SMB3 posix via 09c8426b95a tests/s3: Test case sensitive open with SMB3 posix via 160173ee064 tests/s3: Test delete on close with SMB3 posix via f481cd4a60a libcli: Add client support for SMB2_FILE_POSIX_INFORMATION via f0e1137425f tests/s3: Test reserved chars in posix filename via 08226d6c2e8 smbd: Implement SMB2_FILE_POSIX_INFORMATION in smbd_marshall_dir_entry via 7c2f08d564f tests/s3: Test SMB2_FIND_POSIX_INFORMATION dir query via 284787996d4 libsmb: Allow listing with posix context via 99de8d7cfa3 libsmb: Make info_level configurable in dir listing via 2c1a02d622c smbd: Plumb SMB2_FIND_POSIX_INFORMATION through the directory reading code. via 72004f8f948 s3: smbd: Add SMB2_FILE_POSIX_INFORMATION getinfo info level (100 on the wire). from 535a08dfc4c smbd: reject FILE_ATTRIBUTE_TEMPORARY on directories https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 357bafe62584e2ca1bbf0dfaf6f949262daf59dc Author: Volker Lendecke Date: Tue Nov 22 16:00:53 2022 +0100 smbd: Allow POSIX getinfo levels for smb3 unix extensions Signed-off-by: Volker Lendecke Reviewed-by: David Mulder Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Nov 29 11:23:58 UTC 2022 on sn-devel-184 commit bbc82a5d425ad51a269e1ab8e4db859943fcc4ff Author: David Mulder Date: Thu Nov 3 10:28:58 2022 -0600 s3: Test that store_smb2_posix_info hides info for '..' Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit d0ad452fc81f65017d1f783e98a58117278d8289 Author: David Mulder Date: Tue Oct 18 07:37:47 2022 -0600 s3: smbd: store_smb2_posix_info hide info for '..' When receiving a query for '..', hide the owner and group sids, the inode, and the dev id. Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit bdb98c8397462805b4cdfaedeee24c5d2b294b86 Author: David Mulder Date: Mon Sep 12 16:09:50 2022 -0700 smbd: Implement SMB2_FS_POSIX_INFORMATION_INTERNAL Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit a73d903238807f0e53c70dc2ecb017093206b7e8 Author: David Mulder Date: Fri Aug 5 14:00:30 2022 -0600 tests/s3: Test file/dir permissions with SMB3 posix Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit 09c8426b95a0f95e10e1c22a1f0a285ce81fb19f Author: David Mulder Date: Fri Aug 5 13:05:48 2022 -0600 tests/s3: Test case sensitive open with SMB3 posix Disabled because we don't handle posix paths correctly yet. Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit 160173ee0641c871981868ee100d84b4046710a6 Author: David Mulder Date: Fri Aug 5 10:56:32 2022 -0600 tests/s3: Test delete on close with SMB3 posix Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit f481cd4a60a55a30e78fe6da4aa5f5fe90fa433e Author: David Mulder Date: Fri Jul 8 13:15:51 2022 -0600 libcli: Add client support for SMB2_FILE_POSIX_INFORMATION Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit f0e1137425f5ed1ff97c729e4b39be626602e6b7 Author: David Mulder Date: Thu Jul 7 12:57:01 2022 -0600 tests/s3: Test reserved chars in posix filename Disabled because we don't handle posix paths correctly yet. Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit 08226d6c2e8ed1e1d8104afcfcea37a66de0a413 Author: David Mulder Date: Fri Jun 17 15:06:29 2022 -0600 smbd: Implement SMB2_FILE_POSIX_INFORMATION in smbd_marshall_dir_entry Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit 7c2f08d564f74d8259d0ad8c3b25923eb3e5ece4 Author: David Mulder Date: Wed Jun 15 15:39:00 2022 -0600 tests/s3: Test SMB2_FIND_POSIX_INFORMATION dir query Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit 284787996d45ee8e5848a5071b42f114c791a56a Author: David Mulder Date: Tue Sep 20 10:28:20 2022 -0600 libsmb: Allow listing with posix context Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit 99de8d7cfa390a06a0a7e5ac14843a3bea3c9365 Author: David Mulder Date: Wed Jun 15 13:20:30 2022 -0600 libsmb: Make info_level configurable in dir listing This was hard coded to SMB2_FIND_ID_BOTH_DIRECTORY_INFO Signed-off-by: David Mulder Reviewed-by: Volker
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3b9ccfa4ac7 net: use correct printf format, fi3_id is an uint32_t from 95676825adb gitlab-ci: do some basic testing on ubuntu1804-32bit https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3b9ccfa4ac73332f324426dec940579e5eac96bc Author: Ralph Boehme Date: Tue Jan 10 12:22:28 2017 +0100 net: use correct printf format, fi3_id is an uint32_t Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Nov 24 16:39:12 UTC 2022 on sn-devel-184 --- Summary of changes: source3/utils/net_rpc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 1c89ffcd5e5..e1a0c491dd4 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -5644,7 +5644,7 @@ static int rpc_file_close(struct net_context *c, int argc, const char **argv) static void display_file_info_3(struct FILE_INFO_3 *r) { - d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n", + d_printf("%-7.1" PRIu32 " %-20.20s 0x%-4.2x %-6.1u %s\n", r->fi3_id, r->fi3_username, r->fi3_permissions, r->fi3_num_locks, r->fi3_pathname); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 09e9dd576da torture: Test the "server addresses" parameter via f9a3a6b434f testprogs: Fix testit_expect_failure_grep() via 55feb593012 testprogs: Add testit_grep_count() helper via e24481251dd srvsvc: Only list shares in "server addresses" via 23167a4dd7b smbd: Implement "server addresses" for tree connect via 9321a533cdc lib: Add lp_allow_local_address() via d9c4f94e4fd smbd: Add "server addresses" parameter via 12edd038cfa smbd: Some whitespace fixes from 4a68d43b7b0 third_party: Update nss_wrapper to version 1.1.13 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 09e9dd576dad5a38287b2241a965f769f1264292 Author: Volker Lendecke Date: Mon Nov 7 20:34:57 2022 +0100 torture: Test the "server addresses" parameter Thanks to Metze for the hint that all file servers already listen on 2 addressess -- V4 and V6 :-) Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Nov 10 08:23:14 UTC 2022 on sn-devel-184 commit f9a3a6b434f6b82303241a57beae3e1762a2c41d Author: Volker Lendecke Date: Wed Nov 9 14:09:34 2022 +0100 testprogs: Fix testit_expect_failure_grep() Callers expect success (i.e. retval==0) if grep failed with non-zero error status. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 55feb593012fc5b24e795a00081666fca740429c Author: Volker Lendecke Date: Wed Nov 9 14:04:23 2022 +0100 testprogs: Add testit_grep_count() helper Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit e24481251ddc64abfd51b9bd101833814defd8c4 Author: Volker Lendecke Date: Fri Oct 21 17:02:07 2022 +0200 srvsvc: Only list shares in "server addresses" Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 23167a4dd7be30123f66826999db559a4bc0db7d Author: Volker Lendecke Date: Fri Oct 21 16:58:36 2022 +0200 smbd: Implement "server addresses" for tree connect Only allow share connections if the server address matches Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 9321a533cdc3cbb81afa03bcf3cd5030b8b317ea Author: Volker Lendecke Date: Fri Oct 21 16:45:35 2022 +0200 lib: Add lp_allow_local_address() Helper function for listing and accessing shares Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit d9c4f94e4fde22a91c230d2ddb2eb3b9c56f88b0 Author: Volker Lendecke Date: Fri Oct 21 17:01:21 2022 +0200 smbd: Add "server addresses" parameter This is a per-share parameter to limit share visibility and accessibility to specific server IP addresses. This can be used to limit the visibility and accessibility of shares on different subnets offered by the server. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 12edd038cfa1326c517cb51e6b4c7bdf75f471fa Author: Volker Lendecke Date: Fri Oct 21 09:17:42 2022 +0200 smbd: Some whitespace fixes Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher --- Summary of changes: docs-xml/smbdotconf/browse/server_addresses.xml | 12 + selftest/target/Samba3.pm | 4 ++ source3/include/proto.h | 2 + source3/lib/util_sock.c | 1 + source3/param/service.c | 69 + source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 10 +++- source3/script/tests/test_server_addresses.sh | 32 source3/selftest/tests.py | 5 ++ source3/smbd/smb2_service.c | 35 +++-- testprogs/blackbox/subunit.sh | 31 ++- 10 files changed, 193 insertions(+), 8 deletions(-) create mode 100644 docs-xml/smbdotconf/browse/server_addresses.xml create mode 100755 source3/script/tests/test_server_addresses.sh Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/browse/server_addresses.xml b/docs-xml/smbdotconf/browse/server_addresses.xml new file mode 100644 index 000..e1dd6d60f8e --- /dev/null +++ b/docs-xml/smbdotconf/browse/server_addresses.xml @@ -0,0 +1,12 @@ +http://www.samba.org/samba/DTD/samba-doc;> + + This is a per-share parameter to limit share visibility and + accessibility to specific server IP addresses. Multi-homed servers + can offer a different set of shares per interface. + An empty list means to offer a share on all interfaces. + + + diff --git a/selftest/target/Samba3.pm b/selftest/target/Sa
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 76adda9d2fe lib/replace: fix memory leak in snprintf replacements from 3030813765f gp: Ignore crontab -l error, since it means empty https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 76adda9d2fea9f93f4cf97536db5c0be6deeb98c Author: Stefan Metzmacher Date: Mon Oct 31 13:16:25 2022 +0100 lib/replace: fix memory leak in snprintf replacements BUG: https://bugzilla.samba.org/show_bug.cgi?id=15230 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Nov 9 11:18:02 UTC 2022 on sn-devel-184 --- Summary of changes: lib/replace/snprintf.c | 2 ++ 1 file changed, 2 insertions(+) Changeset truncated at 500 lines: diff --git a/lib/replace/snprintf.c b/lib/replace/snprintf.c index 6e4424b0b31..de814af4164 100644 --- a/lib/replace/snprintf.c +++ b/lib/replace/snprintf.c @@ -751,6 +751,8 @@ done: while (chunks) { cnk = chunks->next; + if (chunks->min_star) free(chunks->min_star); + if (chunks->max_star) free(chunks->max_star); free(chunks); chunks = cnk; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ffc59fe0946 smbd: Correct store_smb2_posix_info size check from 69273c3a836 docs-xml: ea support option restricted to user ns https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ffc59fe094612ca2ed549a5a7c7bc7017401991c Author: David Mulder Date: Fri Sep 9 08:14:44 2022 -0600 smbd: Correct store_smb2_posix_info size check Signed-off-by: David Mulder Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Oct 28 13:43:59 UTC 2022 on sn-devel-184 --- Summary of changes: source3/smbd/smb2_posix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_posix.c b/source3/smbd/smb2_posix.c index 6f7f106726f..9dbe16be42e 100644 --- a/source3/smbd/smb2_posix.c +++ b/source3/smbd/smb2_posix.c @@ -111,7 +111,7 @@ ssize_t store_smb2_posix_info( return -1; } - if (cc_len + 68 < buflen) { + if (buflen < cc_len + 68) { return cc_len + 68; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 69273c3a836 docs-xml: ea support option restricted to user ns via 34c6db64c2f s3: smbd: Consistently map EAs to user namespace from 8c94bbba270 testprogs/blackbox: add 'net ads keytab delete' tests to test_net_ads.sh https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 69273c3a836ede97c7fde74e2f1fdc84e92ec86f Author: Daniel Kobras Date: Fri Oct 21 16:40:14 2022 +0200 docs-xml: ea support option restricted to user ns Update documentation to match current behavior. Signed-off-by: Daniel Kobras Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Oct 28 07:24:18 UTC 2022 on sn-devel-184 commit 34c6db64c2ff62673f8df218487cda4139c10843 Author: Daniel Kobras Date: Mon Sep 26 10:27:19 2022 +0200 s3: smbd: Consistently map EAs to user namespace Samba has always been mapping Windows EAs to the 'user' namespace on the POSIX side. However, in the opposite direction, the mapping would also map other user-readable POSIX EA namespaces to Windows EAs, only stripping the 'user' namespace prefix, and passing all other EA names verbatim. This means any POSIX EA 'other.foo' collides with 'user.other.foo' on the Windows side, hence the mapping of non-user namespaces is unreliable. Also, copy operations via Windows would rename an existing POSIX EA 'other.foo' in the source file to 'user.other.foo' in the destination. The 'user' namespace, however, may not be enabled on the underlying filesystem, leading to subtle failure modes like the ones reported in eg. <https://bugzilla.samba.org/show_bug.cgi?id=15186> Fix the issues by restricting the mapping to the 'user' POSIX EA namespace consistently for either direction. Link: https://lists.samba.org/archive/samba-technical/2022-September/137634.html BUG: https://bugzilla.samba.org/show_bug.cgi?id=15186 Signed-off-by: Daniel Kobras Reviewed-by: Michael Weiser Tested-by: Michael Weiser Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke --- Summary of changes: docs-xml/smbdotconf/protocol/easupport.xml | 9 + source3/smbd/smb2_trans2.c | 23 +-- 2 files changed, 30 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/protocol/easupport.xml b/docs-xml/smbdotconf/protocol/easupport.xml index fd425e8b514..f111a4c23be 100644 --- a/docs-xml/smbdotconf/protocol/easupport.xml +++ b/docs-xml/smbdotconf/protocol/easupport.xml @@ -14,8 +14,17 @@ attributes (e.g. the getfattr1 / setfattr1 utilities must work). + Access to extended user attributes must be allowed by the underlying +filesystem (e.g. when mounted with a system-dependent option like user_xattr on Linux). + +This option exposes the "user" attribute namespace from the underlying filesystem to +clients. In order to match Windows conventions, the namespace prefix ("user.") is +stripped from the attribute name on the client side. The handling of further attribute +namespaces (like "security", "system", or "trusted") is not affected by this option. + + Note that the SMB protocol allows setting attributes whose value is 64K bytes long, and that on NTFS, the maximum storage space for extended attributes per file is 64K. On some filesystem the limits may be lower. Filesystems with too limited EA diff --git a/source3/smbd/smb2_trans2.c b/source3/smbd/smb2_trans2.c index 95cecce96e1..69f6184bff1 100644 --- a/source3/smbd/smb2_trans2.c +++ b/source3/smbd/smb2_trans2.c @@ -454,7 +454,19 @@ static NTSTATUS get_ea_list_from_fsp(TALLOC_CTX *mem_ctx, struct ea_list *listp; fstring dos_ea_name; - if (strnequal(names[i], "system.", 7) + /* +* POSIX EA names are divided into several namespaces by +* means of string prefixes. Usually, the system controls +* semantics for each namespace, but the 'user' namespace is +* available for arbitrary use, which comes closest to +* Windows EA semantics. Hence, we map POSIX EAs from the +* 'user' namespace to Windows EAs, and just ignore all the +* other namespaces. Also, a few specific names in the 'user' +* namespace are used by Samba internally. Filter them out as +* well, and only present the EAs that are available for +* arbitrary use. +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 688be0177b0 ctdb: Fix a use-after-free in run_proc from 9a8bc67f4a5 vfs_glusterfs: Remove special handling of O_CREAT flag https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 688be0177b04d04709813a02ae6da1e983ac25dd Author: Volker Lendecke Date: Fri Sep 30 17:02:41 2022 +0200 ctdb: Fix a use-after-free in run_proc If you happen to talloc_free(run_ctx) before all the tevent_req's hanging off it, you run into the following: ==495196== Invalid read of size 8 ==495196==at 0x10D757: run_proc_state_destructor (run_proc.c:413) ==495196==by 0x488F736: _tc_free_internal (talloc.c:1158) ==495196==by 0x488FBDD: _talloc_free_internal (talloc.c:1248) ==495196==by 0x4890F41: _talloc_free (talloc.c:1792) ==495196==by 0x48538B1: tevent_req_received (tevent_req.c:293) ==495196==by 0x4853429: tevent_req_destructor (tevent_req.c:129) ==495196==by 0x488F736: _tc_free_internal (talloc.c:1158) ==495196==by 0x4890AF6: _tc_free_children_internal (talloc.c:1669) ==495196==by 0x488F967: _tc_free_internal (talloc.c:1184) ==495196==by 0x488FBDD: _talloc_free_internal (talloc.c:1248) ==495196==by 0x4890F41: _talloc_free (talloc.c:1792) ==495196==by 0x10DE62: main (run_proc_test.c:86) ==495196== Address 0x55b77f8 is 152 bytes inside a block of size 160 free'd ==495196==at 0x48399AB: free (vg_replace_malloc.c:538) ==495196==by 0x488FB25: _tc_free_internal (talloc.c:1222) ==495196==by 0x488FBDD: _talloc_free_internal (talloc.c:1248) ==495196==by 0x4890F41: _talloc_free (talloc.c:1792) ==495196==by 0x10D315: run_proc_context_destructor (run_proc.c:329) ==495196==by 0x488F736: _tc_free_internal (talloc.c:1158) ==495196==by 0x488FBDD: _talloc_free_internal (talloc.c:1248) ==495196==by 0x4890F41: _talloc_free (talloc.c:1792) ==495196==by 0x10DE62: main (run_proc_test.c:86) ==495196== Block was alloc'd at ==495196==at 0x483877F: malloc (vg_replace_malloc.c:307) ==495196==by 0x488EAD9: __talloc_with_prefix (talloc.c:783) ==495196==by 0x488EC73: __talloc (talloc.c:825) ==495196==by 0x488F0FC: _talloc_named_const (talloc.c:982) ==495196==by 0x48925B1: _talloc_zero (talloc.c:2421) ==495196==by 0x10C8F2: proc_new (run_proc.c:61) ==495196==by 0x10D4C9: run_proc_send (run_proc.c:381) ==495196==by 0x10DDF6: main (run_proc_test.c:79) This happens because run_proc_context_destructor() directly does a talloc_free() on the struct proc_context's and not the enclosing tevent_req's. run_proc_kill() makes sure that we don't follow proc->req, but it forgets the "state->proc", which is free()'ed, but later dereferenced in run_proc_state_destructor(). This is an attempt at a quick fix, I believe we should convert run_proc_context->plist into an array of tevent_req's, so that we can properly TALLOC_FREE() according to the "natural" hierarchy and not just pull an arbitrary thread out of that heap. Signed-off-by: Volker Lendecke Reviewed-by: Martin Schwenke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Oct 6 15:10:20 UTC 2022 on sn-devel-184 --- Summary of changes: ctdb/common/run_proc.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/common/run_proc.c b/ctdb/common/run_proc.c index d55af6c3a1e..84bc343ba1f 100644 --- a/ctdb/common/run_proc.c +++ b/ctdb/common/run_proc.c @@ -408,10 +408,10 @@ struct tevent_req *run_proc_send(TALLOC_CTX *mem_ctx, static int run_proc_state_destructor(struct run_proc_state *state) { /* Do not get rid of the child process if timeout has occurred */ - if (state->proc->req != NULL) { + if ((state->proc != NULL) && (state->proc->req != NULL)) { state->proc->req = NULL; DLIST_REMOVE(state->run_ctx->plist, state->proc); - talloc_free(state->proc); + TALLOC_FREE(state->proc); } return 0; @@ -439,6 +439,7 @@ static void run_proc_kill(struct tevent_req *req) req, struct run_proc_state); state->proc->req = NULL; + state->proc = NULL; state->result.sig = SIGKILL; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f6b391e04a4 vfs_gpfs: Protect against timestamps before the Unix epoch from d9dda4b7af2 ctdb-scripts: Add debugging variable CTDB_KILLTCP_DEBUGLEVEL https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f6b391e04a4d5974b908f4f375bd2876083aa7b2 Author: Volker Lendecke Date: Mon Aug 22 15:24:01 2022 +0200 vfs_gpfs: Protect against timestamps before the Unix epoch In addition to b954d181cd2 we should also protect against timestamps before the epoch. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15151 Signed-off-by: Volker Lendecke Reviewed-by: Christof Schmitt Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Sep 23 06:50:17 UTC 2022 on sn-devel-184 --- Summary of changes: source3/modules/vfs_gpfs.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 1f3d803e1c5..779627f8115 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -1679,10 +1679,10 @@ static int timespec_to_gpfs_time( return 0; } - if (ts.tv_sec > UINT32_MAX) { - DBG_WARNING("GPFS uses 32-bit unsigned timestamps, " - "%ju is too large\n", - (uintmax_t)ts.tv_sec); + if (ts.tv_sec < 0 || ts.tv_sec > UINT32_MAX) { + DBG_NOTICE("GPFS uses 32-bit unsigned timestamps " + "and cannot handle %jd.\n", + (intmax_t)ts.tv_sec); errno = ERANGE; return -1; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1788b59bc0a s3/winbindd: Fix bad access to sid array (with debug level >= info) from e4929866610 s3: torture: Add a comprehensive SMB2 DFS path torture tester. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1788b59bc0aaa8f18186ad9b9945fbd634f02445 Author: Noel Power Date: Wed Aug 31 12:27:53 2022 +0100 s3/winbindd: Fix bad access to sid array (with debug level >= info) ==6436==at 0xA85F95B: dom_sid_string_buf (dom_sid.c:444) ==6436==by 0xA85FBF2: dom_sid_str_buf (dom_sid.c:515) ==6436==by 0x17EDF8: wb_lookupusergroups_recv (wb_lookupusergroups.c:115) ==6436==by 0x17F964: wb_gettoken_gotgroups (wb_gettoken.c:123) ==6436==by 0x56AD332: _tevent_req_notify_callback (tevent_req.c:141) ==6436==by 0x56AD493: tevent_req_finish (tevent_req.c:193) ==6436==by 0x56AD5C0: tevent_req_trigger (tevent_req.c:250) ==6436==by 0x56AC119: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) ==6436==by 0x56AC268: tevent_common_loop_immediate (tevent_immediate.c:236) ==6436==by 0x56B678A: epoll_event_loop_once (tevent_epoll.c:919) ==6436==by 0x56B31C3: std_event_loop_once (tevent_standard.c:110) ==6436==by 0x56AA621: _tevent_loop_once (tevent.c:825) ==6436== ==6436== Invalid read of size 1 ==6436==at 0xA85F95B: dom_sid_string_buf (dom_sid.c:444) ==6436==by 0xA85FBF2: dom_sid_str_buf (dom_sid.c:515) ==6436==by 0x17EDF8: wb_lookupusergroups_recv (wb_lookupusergroups.c:115) ==6436==by 0x17F964: wb_gettoken_gotgroups (wb_gettoken.c:123) ==6436==by 0x56AD332: _tevent_req_notify_callback (tevent_req.c:141) ==6436==by 0x56AD493: tevent_req_finish (tevent_req.c:193) ==6436==by 0x56AD5C0: tevent_req_trigger (tevent_req.c:250) ==6436==by 0x56AC119: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) ==6436==by 0x56AC268: tevent_common_loop_immediate (tevent_immediate.c:236) ==6436==by 0x56B678A: epoll_event_loop_once (tevent_epoll.c:919) ==6436==by 0x56B31C3: std_event_loop_once (tevent_standard.c:110) ==6436==by 0x56AA621: _tevent_loop_once (tevent.c:825) BUG: https://bugzilla.samba.org/show_bug.cgi?id=15160 Signed-off-by: Noel Power Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Aug 31 15:07:31 UTC 2022 on sn-devel-184 --- Summary of changes: source3/winbindd/wb_lookupusergroups.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/wb_lookupusergroups.c b/source3/winbindd/wb_lookupusergroups.c index 7ac1b6e03d2..7f359ee9316 100644 --- a/source3/winbindd/wb_lookupusergroups.c +++ b/source3/winbindd/wb_lookupusergroups.c @@ -113,7 +113,7 @@ NTSTATUS wb_lookupusergroups_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, for (i = 0; i < *num_sids; i++) { struct dom_sid_buf buf; D_INFO("%"PRIu32": %s\n", - i, dom_sid_str_buf(&*sids[i], )); + i, dom_sid_str_buf(&(*sids)[i], )); } } return NT_STATUS_OK; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 06f35edaf12 lib: Map ERANGE to NT_STATUS_INTEGER_OVERFLOW via b954d181cd2 vfs_gpfs: Prevent mangling of GPFS timestamps after 2106 from 96e2a82760e s3:smbd: only clear LEASE_READ if there's no read lease is left https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 06f35edaf129ce3195960905d38af73ec12fc716 Author: Volker Lendecke Date: Tue Sep 1 13:24:55 2020 +0200 lib: Map ERANGE to NT_STATUS_INTEGER_OVERFLOW Bug: https://bugzilla.samba.org/show_bug.cgi?id=15151 Signed-off-by: Volker Lendecke Reviewed-by: Christof Schmitt Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Aug 19 12:43:06 UTC 2022 on sn-devel-184 commit b954d181cd25d9029d3c222e8d97fe7a3b0b2400 Author: Volker Lendecke Date: Mon Aug 31 16:14:14 2020 +0200 vfs_gpfs: Prevent mangling of GPFS timestamps after 2106 gpfs_set_times as of August 2020 stores 32-bit unsigned tv_sec. We should not silently garble time stamps but reject the attempt to set an out-of-range timestamp. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15151 Signed-off-by: Volker Lendecke Reviewed-by: Christof Schmitt --- Summary of changes: source3/lib/errmap_unix.c | 3 +++ source3/modules/vfs_gpfs.c | 43 +-- 2 files changed, 36 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/errmap_unix.c b/source3/lib/errmap_unix.c index 73b2f532a06..029efae0f51 100644 --- a/source3/lib/errmap_unix.c +++ b/source3/lib/errmap_unix.c @@ -119,6 +119,9 @@ static const struct { { EOVERFLOW, NT_STATUS_ALLOTTED_SPACE_EXCEEDED }, #endif { EINPROGRESS, NT_STATUS_MORE_PROCESSING_REQUIRED }, +#ifdef ERANGE + { ERANGE, NT_STATUS_INTEGER_OVERFLOW }, +#endif }; /* diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index bb15ba630b9..1f3d803e1c5 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -1672,15 +1672,27 @@ static int vfs_gpfs_lstat(struct vfs_handle_struct *handle, return ret; } -static void timespec_to_gpfs_time(struct timespec ts, gpfs_timestruc_t *gt, - int idx, int *flags) +static int timespec_to_gpfs_time( + struct timespec ts, gpfs_timestruc_t *gt, int idx, int *flags) { - if (!is_omit_timespec()) { - *flags |= 1 << idx; - gt[idx].tv_sec = ts.tv_sec; - gt[idx].tv_nsec = ts.tv_nsec; - DEBUG(10, ("Setting GPFS time %d, flags 0x%x\n", idx, *flags)); + if (is_omit_timespec()) { + return 0; } + + if (ts.tv_sec > UINT32_MAX) { + DBG_WARNING("GPFS uses 32-bit unsigned timestamps, " + "%ju is too large\n", + (uintmax_t)ts.tv_sec); + errno = ERANGE; + return -1; + } + + *flags |= 1 << idx; + gt[idx].tv_sec = ts.tv_sec; + gt[idx].tv_nsec = ts.tv_nsec; + DBG_DEBUG("Setting GPFS time %d, flags 0x%x\n", idx, *flags); + + return 0; } static int smbd_gpfs_set_times(struct files_struct *fsp, @@ -1691,10 +1703,21 @@ static int smbd_gpfs_set_times(struct files_struct *fsp, int rc; ZERO_ARRAY(gpfs_times); - timespec_to_gpfs_time(ft->atime, gpfs_times, 0, ); - timespec_to_gpfs_time(ft->mtime, gpfs_times, 1, ); + rc = timespec_to_gpfs_time(ft->atime, gpfs_times, 0, ); + if (rc != 0) { + return rc; + } + + rc = timespec_to_gpfs_time(ft->mtime, gpfs_times, 1, ); + if (rc != 0) { + return rc; + } + /* No good mapping from LastChangeTime to ctime, not storing */ - timespec_to_gpfs_time(ft->create_time, gpfs_times, 3, ); + rc = timespec_to_gpfs_time(ft->create_time, gpfs_times, 3, ); + if (rc != 0) { + return rc; + } if (!flags) { DBG_DEBUG("nothing to do, return to avoid EINVAL\n"); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 076c22fbd7e selftest/Samba3: let nt4_dc* use vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS=no via 4708ba2f013 vfs_default: Use openat2(RESOLVE_NO_SYMLINKS) if available via 8544f4490a0 vfs_default: prepare O_PATH usage with openat2() via d6653067b20 s3:smbd: let openat_pathref_dirfsp_nosymlink() try VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS first via 35b99c87ef9 s3:smbd: let openat_pathref_dirfsp_nosymlink() handle ELOOP similar to ENOTDIR via 17484d069b9 s3:smbd: let openat_pathref_dirfsp_nosymlink() do a verification loop against . and .. first via f7dc2755832 vfs: define VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS via ae1a84f7313 lib/replace: let DISABLE_OPATH also undef __NR_openat2 via f7618dd31a9 lib/replace: add fallback defines for __NR_openat2 via b89001e9226 lib/replace: use syscall(__NR_openat2) if available via 37ba6df174d lib/replace: always include in replace.c if available via ce804b78164 lib/replace: add a replacement for openat2() that returns ENOSYS via 2369d083336 vfs_btrfs: fix include order, includes.h or replace.h should be first via cea9451f780 vfs_io_uring: hide a possible definition of struct open_how in liburing/compat.h via 2b51bad7475 wafsamba: allow cflags for CHECK_TYPE[_IN]() via 085f1485753 s3:tests: add a lot more tests to test_symlink_traversal_smb2.sh from a38fad29803 s3:utils: Fix NULL check https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 076c22fbd7ecbf22dbfeb1711609f07fd42f88b0 Author: Stefan Metzmacher Date: Fri Aug 12 10:55:42 2022 +0200 selftest/Samba3: let nt4_dc* use vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS=no We should always test the code path without openat2 being available, even if the kernel supports it. Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Aug 15 16:00:26 UTC 2022 on sn-devel-184 commit 4708ba2f013c5f5ea5aa5dcf4873c2b4a86fb8ff Author: Volker Lendecke Date: Fri Jun 17 17:41:52 2022 +0200 vfs_default: Use openat2(RESOLVE_NO_SYMLINKS) if available This improves the following test: time smbtorture //127.0.0.1/m -Uroot%test \ smb2.create.bench-path-contention-shared \ --option='torture:bench_path=Apps\1\2\3\4\5\6\7\8\9\10' \ --option="torture:timelimit=600" \ --option="torture:nprocs=1" From: open[num/s=14186,avslat=0.44,minlat=0.42,maxlat=0.79] close[num/s=14185,avslat=0.27,minlat=0.25,maxlat=0.57] to: open[num/s=16917,avslat=0.38,minlat=0.35,maxlat=0.000340] close[num/s=16916,avslat=0.20,minlat=0.19,maxlat=0.000104] Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Volker Lendecke Signed-off-by: Stefan Metzmacher commit 8544f4490a0b5e54b807daedddb96778744b62ee Author: Stefan Metzmacher Date: Wed Jul 27 18:43:14 2022 + vfs_default: prepare O_PATH usage with openat2() When O_PATH is specified in flags, flag bits other than O_CLOEXEC, O_DIRECTORY, and O_NOFOLLOW are ignored. In preparation to use openat2(), which gives an error instead of ignoring flags, we better remove unexpected flags, callers typically pass O_RDONLY and O_NONBLOCK. Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit d6653067b20e61af1f05423764c8486a1a5445c8 Author: Volker Lendecke Date: Thu Jul 14 19:44:04 2022 +0200 s3:smbd: let openat_pathref_dirfsp_nosymlink() try VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS first This will reduce the amount of syscalls and the related cost drastically for long path names. Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Volker Lendecke Signed-off-by: Stefan Metzmacher commit 35b99c87ef92df006f8b0a41bbea051f0faeadb9 Author: Stefan Metzmacher Date: Fri Aug 12 19:12:44 2022 +0200 s3:smbd: let openat_pathref_dirfsp_nosymlink() handle ELOOP similar to ENOTDIR This is no likely to happen as we use O_NOFOLLOW with O_DIRECTORY, but it's better to be prepared... This will be more important in the upcoming openat2(RESOLVE_NO_SYMLINK) case, but we should be consitent... Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit 17484d069b92d08b0228fb509ea42ab4c3f496a8 Author: Stefan Metzmacher Date: Wed Aug 10 22:01:10 2022 +0200 s3:smbd: let openat_pathref_dirfsp_nosymlink() do a verification loop against . and .. first I guess we should catch NT_STATUS_OBJECT_NAME_INVALID first, currently the check is already done in check_path_syntax*, but we may
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fc45fcfde51 vfs_default: assert all passed in fsp's and names are non-stream type via 51243e38497 vfs_streams_xattr: restrict which fcntl's are allowed on streams via f0299abf1b2 smbd: skip access checks for stat-opens on streams in open_file() via 06555c6bcb5 smbd: use metadata_fsp() in get_acl_group_bits() via 3af8f8e8741 smbd: ignore request to set the SPARSE attribute on streams via 55e55804bb2 smbd: use metadata_fsp() with SMB_VFS_FSET_DOS_ATTRIBUTES() via 03b9ce84736 smbd: use metadata_fsp() with SMB_VFS_FGET_DOS_ATTRIBUTES() via 4ab29e2a345 smbd: use metadata_fsp() with SMB_VFS_FSET_NT_ACL() via c949e4b2a42 smbd: use metadata_fsp() with SMB_VFS_FGET_NT_ACL() via 23bc760ec5d CI: add a test trying to delete a stream on a pathref ("stat open") handle via 92e0045d7ca vfs_xattr_tdb: add "xattr_tdb:ignore_user_xattr" option via 451ad315a9b vfs_xattr_tdb: add a module config via b26dc252aaf vfs_xattr_tdb: move close_xattr_db() via 0d3995cec10 smdb: use fsp_is_alternate_stream() in open_file() from 042141efdb5 third_party: Reformat shell scripts https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fc45fcfde51b0b0bdcd524c82a0f9eabf7273045 Author: Ralph Boehme Date: Wed Jul 27 18:40:21 2022 +0200 vfs_default: assert all passed in fsp's and names are non-stream type Enforce fsp is a non-stream one in as many VFS operations as possible in vfs_default. We really need an assert here instead of returning an error, as otherwise he can have very hard to diagnose bugs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Aug 10 16:32:35 UTC 2022 on sn-devel-184 commit 51243e3849736acbbf1d8f52cc02cdec5995fde4 Author: Ralph Boehme Date: Fri Jul 29 07:07:25 2022 +0200 vfs_streams_xattr: restrict which fcntl's are allowed on streams BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit f0299abf1b28a14518328710d9f84bef17fd2ecf Author: Ralph Boehme Date: Wed Jul 27 15:58:37 2022 +0200 smbd: skip access checks for stat-opens on streams in open_file() For streams, access is already checked in create_file_unixpath() by check_base_file_access(). We already skip the access check in this function when doing an IO open of a file, see above in open_file(), also skip it for "stat opens". BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 06555c6bcb5644fc9eea35b3cbae8d8801c65ab6 Author: Ralph Boehme Date: Wed Jul 27 19:05:26 2022 +0200 smbd: use metadata_fsp() in get_acl_group_bits() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 3af8f8e8741cc8c889bbf416ccd38a1b702917ec Author: Ralph Boehme Date: Fri Jul 29 14:56:41 2022 +0200 smbd: ignore request to set the SPARSE attribute on streams As per MS-FSA 2.1.1.5 this is a per stream attribute, but our backends don't support it in a consistent way, therefor just pretend success and ignore the request. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 55e55804bb2d0f21c1bbe207257bb40555f3b7a2 Author: Ralph Boehme Date: Fri Jul 29 14:56:21 2022 +0200 smbd: use metadata_fsp() with SMB_VFS_FSET_DOS_ATTRIBUTES() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 03b9ce84736d536ab2dd8a5ce1a2656e6a90c8c8 Author: Ralph Boehme Date: Fri Jul 29 14:55:08 2022 +0200 smbd: use metadata_fsp() with SMB_VFS_FGET_DOS_ATTRIBUTES() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 4ab29e2a345b48ebba652d5154e96adf954a6757 Author: Ralph Boehme Date: Fri Jul 29 14:54:07 2022 +0200 smbd: use metadata_fsp() with SMB_VFS_FSET_NT_ACL() BUG: https://b
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 82d931d23d1 s3: smbd: Oops. DBG_ERR messages I used to debug parse_dfs_path(), should have been DBG_DEBUG. from fb937ddc838 lib/util/access: source3/auth/user_util: Check for INNETGR https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 82d931d23d14670c086082483943700d61d1b7a0 Author: Jeremy Allison Date: Fri Aug 5 11:06:13 2022 -0700 s3: smbd: Oops. DBG_ERR messages I used to debug parse_dfs_path(), should have been DBG_DEBUG. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Aug 8 09:07:24 UTC 2022 on sn-devel-184 --- Summary of changes: source3/smbd/msdfs.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c index 1f24c87ccbd..a52a2449965 100644 --- a/source3/smbd/msdfs.c +++ b/source3/smbd/msdfs.c @@ -121,7 +121,7 @@ static NTSTATUS parse_dfs_path(connection_struct *conn, */ trim_char(p, '/', '/'); - DBG_ERR("p = |%s| after trimming /'s\n", p); + DBG_DEBUG("p = |%s| after trimming /'s\n", p); /* Now tokenize. */ /* Parse out hostname. */ @@ -143,7 +143,7 @@ static NTSTATUS parse_dfs_path(connection_struct *conn, *p = '\0'; pdp->hostname = pathname_local; - DBG_ERR("hostname: %s\n",pdp->hostname); + DBG_DEBUG("hostname: %s\n",pdp->hostname); /* Parse out servicename. */ servicename = p+1; @@ -183,7 +183,7 @@ static NTSTATUS parse_dfs_path(connection_struct *conn, pdp->servicename = servicename; - DBG_ERR("servicename: %s\n", pdp->servicename); + DBG_DEBUG("servicename: %s\n", pdp->servicename); if(p == NULL) { /* Client sent self referral \server\share. */ @@ -202,7 +202,7 @@ static NTSTATUS parse_dfs_path(connection_struct *conn, */ pdp->reqpath = p; - DBG_ERR("rest of the path: %s\n", pdp->reqpath); + DBG_DEBUG("rest of the path: %s\n", pdp->reqpath); return NT_STATUS_OK; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fb937ddc838 lib/util/access: source3/auth/user_util: Check for INNETGR via e13875601ff nsswitch/wins: Define NETDB_* for other libc's from 7cd87156761 vfs: Add struct vfs_open_how.resolve https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fb937ddc838043deb82b6a557dce8f29001d0a19 Author: listout Date: Thu Jul 14 18:51:09 2022 +0530 lib/util/access: source3/auth/user_util: Check for INNETGR Checking for presence of both netgroup and innetgr. INNETGR is not defined on libc's such as musl so not checking results in a build error. Signed-off-by: listout Reviewed-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Aug 8 07:28:31 UTC 2022 on sn-devel-184 commit e13875601ff6f488b48e7de0f6838db3565401d4 Author: listout Date: Thu Jul 14 18:45:17 2022 +0530 nsswitch/wins: Define NETDB_* for other libc's Define NETDB_SUCCESS and NETDB_INTERNAL if they are not defined. On libc's such as musl NETDB_INTERNAL and NETDB_SUCCESS are not defined. Signed-off-by: listout Reviewed-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: lib/util/access.c| 2 +- nsswitch/wins.c | 8 source3/auth/user_util.c | 4 ++-- 3 files changed, 11 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/access.c b/lib/util/access.c index b1b4bffaeaa..f4b5ae79125 100644 --- a/lib/util/access.c +++ b/lib/util/access.c @@ -115,7 +115,7 @@ static bool string_match(const char *tok,const char *s) return true; } } else if (tok[0] == '@') { /* netgroup: look it up */ -#ifdef HAVE_NETGROUP +#if defined(HAVE_NETGROUP) && defined(HAVE_INNETGR) DATA_BLOB tmp; char *mydomain = NULL; char *hostname = NULL; diff --git a/nsswitch/wins.c b/nsswitch/wins.c index e202a45e26e..a310477cfad 100644 --- a/nsswitch/wins.c +++ b/nsswitch/wins.c @@ -40,6 +40,14 @@ static pthread_mutex_t wins_nss_mutex = PTHREAD_MUTEX_INITIALIZER; #define INADDRSZ 4 #endif +#ifndef NETDB_INTERNAL +#define NETDB_INTERNAL -1 +#endif + +#ifndef NETDB_SUCCESS +#define NETDB_SUCCESS 0 +#endif + _PUBLIC_ON_LINUX_ NSS_STATUS _nss_wins_gethostbyname_r(const char *hostname, struct hostent *he, diff --git a/source3/auth/user_util.c b/source3/auth/user_util.c index 805f3ada231..cd97d62af4b 100644 --- a/source3/auth/user_util.c +++ b/source3/auth/user_util.c @@ -135,7 +135,7 @@ static void store_map_in_gencache(TALLOC_CTX *ctx, const char *from, const char bool user_in_netgroup(TALLOC_CTX *ctx, const char *user, const char *ngname) { -#ifdef HAVE_NETGROUP +#if defined(HAVE_NETGROUP) && defined(HAVE_INNETGR) char nis_domain_buf[256]; const char *nis_domain = NULL; char *lowercase_user = NULL; @@ -183,7 +183,7 @@ bool user_in_netgroup(TALLOC_CTX *ctx, const char *user, const char *ngname) TALLOC_FREE(lowercase_user); return true; } -#endif /* HAVE_NETGROUP */ +#endif /* HAVE_NETGROUP and HAVE_INNETGR */ return false; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5075df4575d s3: smbd: Remove ugly SMB1-specific hack to filename_convert_dirfsp() via 5c9404f7531 s3: smbd: Remove the ucf_flags parameter from extract_snapshot_token(). via d21cf6bbb18 s3: smbd: Cleanup - integer align. consumedcnt should be a size_t. via 7ef1412f852 s3: smbd: Minor cleanup in parse_dfs_path(). via e5a49c310da s3: smbd: Remove 'bool posix_path' from struct dfs_path. via f24ef117cfa s3: smbd: Change srvstr_get_path_internal() to always call check_path_syntaxXXX(), even on DFS pathnames. from 972dd999b8d smbd: Fix a "set but not used" warning https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5075df4575d9250fa53dcef024589084ad56062d Author: Jeremy Allison Date: Thu Aug 4 11:32:05 2022 -0700 s3: smbd: Remove ugly SMB1-specific hack to filename_convert_dirfsp() This was added due to the error code check in test_symlink_traversal_smb1_posix.sh. After careful consideration I've realized the error code expected here is incorrect, and not providing any security benefit. We already check that trying to fetch a file/traverse through a symlink that points outside of a share returns NT_STATUS_OBJECT_PATH_NOT_FOUND, and this is enforced in the symlink checks already inside filename_convert_dirfsp(). If a symlink points to a directory within the share for which the user has no permissions (as is tested here), then there's no benefit in mapping the error code from NT_STATUS_ACCESS_DENIED to NT_STATUS_OBJECT_PATH_NOT_FOUND, as we are not providing any extra information about the filesystem state the user cannot already obtain by normal SMB1+POSIX calls. Change the error code expected in this single test from NT_STATUS_OBJECT_PATH_NOT_FOUND to NT_STATUS_ACCESS_DENIED. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Aug 5 10:24:23 UTC 2022 on sn-devel-184 commit 5c9404f753173465900c004e444174d247f692f6 Author: Jeremy Allison Date: Thu Aug 4 10:02:15 2022 -0700 s3: smbd: Remove the ucf_flags parameter from extract_snapshot_token(). Now we always call check_path_syntaxXXX(), even on DFS names we no longer need this. It was a BAD change, and I should feel BAD :-). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit d21cf6bbb18e6f83739caa457c983b361be789b4 Author: Jeremy Allison Date: Thu Aug 4 13:23:28 2022 -0700 s3: smbd: Cleanup - integer align. consumedcnt should be a size_t. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 7ef1412f85273d27edbe4f8a02121c2d5d7479ac Author: Jeremy Allison Date: Thu Aug 4 13:08:51 2022 -0700 s3: smbd: Minor cleanup in parse_dfs_path(). allow_wcards parameter is not used or looked at. Remove it. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit e5a49c310da4b18e366762e073fc9244b96d1b46 Author: Jeremy Allison Date: Thu Aug 4 19:09:39 2022 -0700 s3: smbd: Remove 'bool posix_path' from struct dfs_path. Nothing now sets or looks at it. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit f24ef117cfa195ef19b8130040555b75f42ae00b Author: Jeremy Allison Date: Thu Aug 4 09:52:17 2022 -0700 s3: smbd: Change srvstr_get_path_internal() to always call check_path_syntaxXXX(), even on DFS pathnames. The original design decision to just copy a DFS path and let parse_dfs_path() take care of it was a horrible mistake. Fix srvstr_get_path_internal() to always return a /server/share/path (i.e. a path separated with '/', not '\'). This is a more complex change than I like to allow DFS path procesing in srvstr_get_path_internal() but needed as clients (including Samba smbclient) have a rather "fuzzy" idea of what constitutes a valid DFS path. If we detect the DFS path isn't valid here we have to fall back to treating it as a local path. I also need to modify the DFS parsing in filename_convert_smb1_search_path() to cope with only '/' separators. This also means parse_dfs_path() needs changing to cope. The changes here are best reviewed by just applying the fix and looking at the modified functions: srvstr_get_path_internal() parse_dfs_path() For parse_dfs_path() it's mostly removing bad code and makes parse_dfs_path() much easier to read. These changes will enable me to remove some ugly mistakes made adding ucf_flags to extract_snapshot_token(), as we can now always assume canonicalized paths. This is a little messy, but has to be done in one
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 332338173ec s3: smbd: Convert reply_checkpath() to use filename_convert_dirfsp(). via a70a9c63df3 s3: smbd: Convert call_trans2mkdir() to use filename_convert_dirfsp(). via 12001941a4f s3: smbd: Convert call_trans2open() to use filename_convert_dirfsp(). via 34056ced099 s3: smbd: Convert reply_rmdir() to use filename_convert_dirfsp(). via f599e469066 s3: smbd: Convert reply_ctemp() to use filename_convert_dirfsp(). via 952f92ccb39 s3: smbd: Convert reply_mknew() to use filename_convert_dirfsp(). via 48be22d8cce s3: smbd: Convert reply_open_and_X() to use filename_convert_dirfsp(). via e82a37d42bb s3: smbd: Convert reply_open() to use filename_convert_dirfsp(). via 758ffebb8a8 s3: smbd: Fix the error processing in filename_convert_dirfsp_nosymlink() to match unix_convert() 100% via be8ac8df178 s3: smbd: In filename_split_lcomp() ensure we never return a streamname if posix is set. via 1a653fdc442 s3: smbd: Ensure we set fsp->file_id in openat_pathref_dirfsp_nosymlink(). from 3469895aca6 s3:winbind: Implement dcerpc_samr_chgpasswd_user4 for PamAuthChangePassword https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 332338173ec9df9628e29eef2eccff2226c01e9d Author: Jeremy Allison Date: Wed Jul 27 16:21:52 2022 -0700 s3: smbd: Convert reply_checkpath() to use filename_convert_dirfsp(). One less use of filename_convert(). This is the acid test of filename_convert_dirfsp() pathname error handling. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jul 28 16:34:54 UTC 2022 on sn-devel-184 commit a70a9c63df34467dfef57003cf9f156e9b8d7b03 Author: Jeremy Allison Date: Wed Jul 27 12:39:11 2022 -0700 s3: smbd: Convert call_trans2mkdir() to use filename_convert_dirfsp(). One less use of filename_convert(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 12001941a4f77b1595ff4f64c7377dbc64f2dead Author: Jeremy Allison Date: Wed Jul 27 12:36:23 2022 -0700 s3: smbd: Convert call_trans2open() to use filename_convert_dirfsp(). One less use of filename_convert(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 34056ced09962c9733e338b9d60559a297acbd9e Author: Jeremy Allison Date: Wed Jul 27 12:29:18 2022 -0700 s3: smbd: Convert reply_rmdir() to use filename_convert_dirfsp(). One less use of filename_convert(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit f599e469066cd8048498067e083747a611f16342 Author: Jeremy Allison Date: Wed Jul 27 12:23:42 2022 -0700 s3: smbd: Convert reply_ctemp() to use filename_convert_dirfsp(). One less use of filename_convert(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 952f92ccb39edf18e1a2d4e3df4b1781b37c7206 Author: Jeremy Allison Date: Wed Jul 27 12:09:48 2022 -0700 s3: smbd: Convert reply_mknew() to use filename_convert_dirfsp(). One less use of filename_convert(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 48be22d8cce4c3508e145d727a378c4a6d3a4c3a Author: Jeremy Allison Date: Wed Jul 27 12:00:32 2022 -0700 s3: smbd: Convert reply_open_and_X() to use filename_convert_dirfsp(). One less use of filename_convert(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit e82a37d42bb67fbf351f7d1fd82e8c200414780d Author: Jeremy Allison Date: Wed Jul 27 12:05:17 2022 -0700 s3: smbd: Convert reply_open() to use filename_convert_dirfsp(). One less use of filename_convert(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 758ffebb8a8ce6b92598137f927a67961690bb69 Author: Jeremy Allison Date: Wed Jul 27 15:28:13 2022 -0700 s3: smbd: Fix the error processing in filename_convert_dirfsp_nosymlink() to match unix_convert() 100% We need this in order to pass: samba3.raw.samba3badpath raw.chkpath samba3.base.chkpath Now we can convert all the SMB1 reply_openXXX functions, and reply_checkpath(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit be8ac8df178556957d3d20d309b0f79cb1df6b34 Author: Jeremy Allison Date: Wed Jul 27 16:52:40 2022 -0700 s3: smbd: In filename_split_lcomp() ensure we never return a streamname if posix is set. POSIX has no streams, even on the root of a directory. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 1a653fdc4422450737ab885d2531db8bed9fcf03 Author: Jeremy Allison Date: Wed Jul 27 14:36:33 2022 -0700 s3: smbd: Ensure we set fsp->f
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b8f3d8d052c smbd: if close fails just log it, don't crash from 4f5faa806e8 docs-xml:manpages: update vfs_fileid.8.xml for the recent changes https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b8f3d8d052c38a273599d839d753840a07b3f5cd Author: Ralph Boehme Date: Thu Jul 7 14:40:28 2022 +0200 smbd: if close fails just log it, don't crash Originally I added the assert here as we can't return the error being in a talloc destructor. But OEMs prefer error log messages over crashes. Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Jul 8 09:04:28 UTC 2022 on sn-devel-184 --- Summary of changes: source3/smbd/files.c | 12 ++-- 1 file changed, 10 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/files.c b/source3/smbd/files.c index f4737278dd0..45cc7ffd79f 100644 --- a/source3/smbd/files.c +++ b/source3/smbd/files.c @@ -424,12 +424,20 @@ static int smb_fname_fsp_destructor(struct smb_filename *smb_fname) fsp_set_base_fsp(fsp, NULL); status = fd_close(tmp_base_fsp); - SMB_ASSERT(NT_STATUS_IS_OK(status)); + if (NT_STATUS_IS_OK(status)) { + DBG_ERR("Closing fd for fsp [%s] failed: %s. " + "Please check your filesystem!!!\n", + fsp_str_dbg(fsp), nt_errstr(status)); + } file_free(NULL, tmp_base_fsp); } status = fd_close(fsp); - SMB_ASSERT(NT_STATUS_IS_OK(status)); + if (NT_STATUS_IS_OK(status)) { + DBG_ERR("Closing fd for fsp [%s] failed: %s. " + "Please check your filesystem!!!\n", + fsp_str_dbg(fsp), nt_errstr(status)); + } file_free(NULL, fsp); smb_fname->fsp = NULL; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e752f841e68 ctdb-daemon: Use DEBUG() macro for child logging via 88f35cf8628 ctdb-daemon: Drop unused prefix, logfn, logfn_private via 1596a3e84ba ctdb-common: Tell file logging not to redirect stderr via a8091bd0c56 util: Add new debug setting debug_no_stderr_redirect from d9e561a89a2 s3:tests: Reformat test_smbclient_s3.sh https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e752f841e682cc571006c09249b03d82aea5f8cd Author: Martin Schwenke Date: Mon Jun 6 18:02:31 2022 +1000 ctdb-daemon: Use DEBUG() macro for child logging Directly using dbgtext() with file logging results in a log entry with no header, which is wrong. This is a regression, introduced in commit 10d15c9e5dfe4e8595d0b322c96f474fc7078f46. Prior to this, CTDB's callback for file logging would always add a header. Use DEBUG() instead dbgtext(). Note that DEBUG() effectively compares the passed script_log_level with DEBUGLEVEL, so an explicit check is no longer necessary. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15090 Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jun 16 13:33:10 UTC 2022 on sn-devel-184 commit 88f35cf86285b7a818282d5f465711de66dfad59 Author: Martin Schwenke Date: Mon Jun 6 17:57:51 2022 +1000 ctdb-daemon: Drop unused prefix, logfn, logfn_private These aren't set anywhere in the code. Drop the log argument because it is also no longer used. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15090 Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 1596a3e84babb8fdd86af0c4b98906b309be7907 Author: Martin Schwenke Date: Tue Jun 7 14:00:49 2022 +1000 ctdb-common: Tell file logging not to redirect stderr This allows ctdb_set_child_logging() to work. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15090 Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit a8091bd0c565a3f14542731e642319dbb68b4786 Author: Martin Schwenke Date: Tue Jun 7 13:54:20 2022 +1000 util: Add new debug setting debug_no_stderr_redirect CTDB doesn't want this redirection of stderr to the log file. It expects to be able to capture stderr of subprocesses and log them with a header. This redirection stops that from happening. Unfortunately this has to be a negative option (i.e. "no" in the name) so that the default of 0/false maintains existing behaviour. Note that the default behaviour is sub-optimal because it causes raw data (i.e. debug data without a header) to appear in the log. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15090 Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke --- Summary of changes: ctdb/common/logging.c | 1 + ctdb/server/ctdb_logging.c | 23 --- lib/util/debug.c | 3 ++- lib/util/debug.h | 1 + 4 files changed, 8 insertions(+), 20 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/common/logging.c b/ctdb/common/logging.c index 1b91cdcc92b..3aa5ca996ee 100644 --- a/ctdb/common/logging.c +++ b/ctdb/common/logging.c @@ -148,6 +148,7 @@ static int file_log_setup(TALLOC_CTX *mem_ctx, struct debug_settings settings = { .debug_syslog_format = true, .debug_hires_timestamp = true, + .debug_no_stderr_redirect = true, }; const char *t = NULL; diff --git a/ctdb/server/ctdb_logging.c b/ctdb/server/ctdb_logging.c index 8af787c189f..1da26b5534c 100644 --- a/ctdb/server/ctdb_logging.c +++ b/ctdb/server/ctdb_logging.c @@ -38,12 +38,9 @@ #include "common/logging.h" struct ctdb_log_state { - const char *prefix; int fd, pfd; char buf[1024]; uint16_t buf_used; - void (*logfn)(const char *, uint16_t, void *); - void *logfn_private; }; /* Used by ctdb_set_child_logging() */ @@ -68,21 +65,9 @@ bool ctdb_logging_init(TALLOC_CTX *mem_ctx, const char *logging, return true; } -/* Note that do_debug always uses the global log state. */ -static void write_to_log(struct ctdb_log_state *log, -const char *buf, unsigned int len) +static void write_to_log(const char *buf, unsigned int len) { - if (script_log_level <= DEBUGLEVEL) { - if (log != NULL && log->prefix != NULL) { - dbgtext("%s: %*.*s\n", log->prefix, len, len, buf); - } else { - dbgtext("%*.*s\n", len, len, buf); - } - /* log
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c285bcfbdad lib/cmdline: fix a typo via 9332606a172 s3:utils:smbcacls fix a typo from 9ad03f51a34 s4:kdc: Add asserted identity SID to identify whether S4U2Self has occurred https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c285bcfbdad66fb7f076b6a106a6b113413dc486 Author: Christian Ambach Date: Wed Apr 20 22:46:52 2022 +0200 lib/cmdline: fix a typo Signed-off-by: Christian Ambach Reviewed-by: Volker Lendecke Reviewed-by: Christof Schmitt Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Apr 21 06:59:12 UTC 2022 on sn-devel-184 commit 9332606a172a5a60169de3a39bf00619c4fc2500 Author: Christian Ambach Date: Wed Oct 23 09:56:51 2019 +0200 s3:utils:smbcacls fix a typo Signed-off-by: Christian Ambach Reviewed-by: Volker Lendecke Reviewed-by: Christof Schmitt --- Summary of changes: lib/cmdline/cmdline.h| 4 ++-- source3/utils/smbcacls.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/cmdline/cmdline.h b/lib/cmdline/cmdline.h index 5cd58c3ddbb..e254a1db5c3 100644 --- a/lib/cmdline/cmdline.h +++ b/lib/cmdline/cmdline.h @@ -301,7 +301,7 @@ poptContext samba_popt_get_context(const char * name, .argInfo= POPT_ARG_INCLUDE_TABLE, \ .arg= samba_cmdline_get_popt(SAMBA_CMDLINE_POPT_OPT_LEGACY_S3), \ .val= 0, \ - .descrip= "Deprecated legcacy options:", \ + .descrip= "Deprecated legacy options:", \ .argDescrip = NULL }, /* TODO Get rid of me! */ @@ -311,7 +311,7 @@ poptContext samba_popt_get_context(const char * name, .argInfo= POPT_ARG_INCLUDE_TABLE, \ .arg= samba_cmdline_get_popt(SAMBA_CMDLINE_POPT_OPT_LEGACY_S4), \ .val= 0, \ - .descrip= "Deprecated legcacy options:", \ + .descrip= "Deprecated legacy options:", \ .argDescrip = NULL }, #endif /* _CMDLINE_H */ diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 661d4eacf3e..004f2ff1266 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -1700,7 +1700,7 @@ int main(int argc, char *argv[]) .argInfo= POPT_ARG_NONE, .arg= NULL, .val= 'x', - .descrip= "Query maximum persmissions", + .descrip= "Query maximum permissions", }, POPT_COMMON_SAMBA POPT_COMMON_CONNECTION -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4171736339b lib: Stay ASCII-compatible for toupper_m/tolower_m from 79132b333d7 script: Fix check_symbols() with gcov build https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4171736339bdff4a18b2be016415b8f87b6f383d Author: Volker Lendecke Date: Fri Feb 18 17:36:08 2022 +0100 lib: Stay ASCII-compatible for toupper_m/tolower_m This is an alternative patch for MR2339: It seems that Windows AD in turkish locale is ASCII-compatible with 'i'. Björn tells me that the turkish locale is the only one where upper/lower casing letters in the ASCII range is not compatible to ASCII. Simplify our code by not calling the locale-specific standard toupper/tolower for the ASCII range but rely on our tables. Signed-off-by: Volker Lendecke Reviewed-by: Alexander Bokovoy Reviewed-by: Andreas Schneider Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Apr 4 11:45:24 UTC 2022 on sn-devel-184 --- Summary of changes: lib/util/charset/codepoints.c | 6 -- 1 file changed, 6 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/charset/codepoints.c b/lib/util/charset/codepoints.c index 3f380b9fed6..c35241e2983 100644 --- a/lib/util/charset/codepoints.c +++ b/lib/util/charset/codepoints.c @@ -16441,9 +16441,6 @@ void smb_init_locale(void) **/ _PUBLIC_ codepoint_t toupper_m(codepoint_t val) { - if (val < 128) { - return toupper(val); - } if (val >= ARRAY_SIZE(upcase_table)) { return val; } @@ -16455,9 +16452,6 @@ _PUBLIC_ codepoint_t toupper_m(codepoint_t val) **/ _PUBLIC_ codepoint_t tolower_m(codepoint_t val) { - if (val < 128) { - return tolower(val); - } if (val >= ARRAY_SIZE(lowcase_table)) { return val; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7debfe7a231 ctdb-tools: Remove deprecated networking commands and replace with new commands via e16cd0316f6 ctdb-packaging: Remove deprecated networking command netstat and replace with "ss" command from 9e9e6955ba9 s3:utils: assign ids to struct to list shares correctly https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7debfe7a23114d3831ee6346a988f79dc93b7a55 Author: Archana Date: Wed Jan 5 10:08:06 2022 +0530 ctdb-tools: Remove deprecated networking commands and replace with new commands The changes are made to replace the deprecated network commands (ifconfig,netstat) with the new commands (ip addr,ss) respectively Signed-off-by: Archana Chidirala Reviewed-by: Volker Lendecke Reviewed-by: Martin Schwenke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Mar 8 12:30:53 UTC 2022 on sn-devel-184 commit e16cd0316f60330898f14042a79ab8abb01b46b7 Author: Archana Date: Tue Jan 4 10:01:55 2022 +0530 ctdb-packaging: Remove deprecated networking command netstat and replace with "ss" command Signed-off-by: Archana Chidirala Reviewed-by: Volker Lendecke Reviewed-by: Martin Schwenke --- Summary of changes: ctdb/packaging/RPM/ctdb.spec.in | 2 +- ctdb/tools/ctdb_diagnostics | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/packaging/RPM/ctdb.spec.in b/ctdb/packaging/RPM/ctdb.spec.in index 80eb2945e41..8fea8911ad2 100644 --- a/ctdb/packaging/RPM/ctdb.spec.in +++ b/ctdb/packaging/RPM/ctdb.spec.in @@ -16,7 +16,7 @@ Source: ctdb-%{version}.tar.gz # Packages Requires: coreutils, sed, gawk, iptables, iproute, procps, ethtool, sudo # Commands - package name might vary -Requires: /usr/bin/killall, /bin/kill, /bin/netstat +Requires: /usr/bin/killall, /bin/kill, /bin/ss Provides: ctdb = %{version} diff --git a/ctdb/tools/ctdb_diagnostics b/ctdb/tools/ctdb_diagnostics index f86d14d389e..80a56575896 100755 --- a/ctdb/tools/ctdb_diagnostics +++ b/ctdb/tools/ctdb_diagnostics @@ -273,9 +273,10 @@ show_all "cat /proc/cpuinfo" show_all "cat /proc/scsi/scsi" show_all "/sbin/ifconfig -a" show_all "/sbin/ifconfig -a" +show_all "cat /proc/net/dev" show_all "/sbin/ip addr list" show_all "/sbin/route -n" -show_all "netstat -s" +show_all "ss -s" show_all "free" show_all "crontab -l" show_all "sysctl -a" -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0c113e652fe s3: smbd: Rename OpenDir_ntstatus() -> OpenDir(). via c0bbf6f4119 s3: smbd: Remove now unused OpenDir(). via b331082b01a s3: torture: In cmd_vfs, Move two more uses of OpenDir() -> OpenDir_nstatus(). via e66be49a52e s3: smbd: In form_junctions(), Move one more use of OpenDir() -> OpenDir_nstatus() via 2aff668e1c5 s3: smbd: In count_dfs_links(), Move one more use of OpenDir() -> OpenDir_nstatus() via 535b29afdeb s3: smbd: In rmdir_internals(), Move one more use of OpenDir() -> OpenDir_nstatus() via 51b7475d394 s3: smbd: In recursive_rmdir(), Move one more use of OpenDir() -> OpenDir_nstatus() via bc9439a41ee s3: VFS: syncops: Move one more use of OpenDir() -> OpenDir_nstatus(). via a138d0f2d98 s3: VFS: shadow_copy: Move one more use of OpenDir() -> OpenDir_nstatus(). via a1f4d74a1a0 s3: VFS: fruit: Move two more uses of OpenDir() -> OpenDir_nstatus(). via 751237a28c3 s3: VFS: ceph_snapshots: Move two more uses of OpenDir() -> OpenDir_nstatus(). from 791be84c3ee s4:kdc: hdb_samba4_audit() is only called once per request https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0c113e652fea17cbbf7644e469abe0980789cf9c Author: Jeremy Allison Date: Mon Feb 28 14:34:48 2022 -0800 s3: smbd: Rename OpenDir_ntstatus() -> OpenDir(). We now have a single OpenDir() function that returns an NTSTATUS. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Mar 2 21:58:32 UTC 2022 on sn-devel-184 commit c0bbf6f41195dd2af08f303ce3feef3becd79af1 Author: Jeremy Allison Date: Mon Feb 28 14:30:27 2022 -0800 s3: smbd: Remove now unused OpenDir(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit b331082b01a51d57a52b9c2e994724def528c8b4 Author: Jeremy Allison Date: Mon Feb 28 14:28:19 2022 -0800 s3: torture: In cmd_vfs, Move two more uses of OpenDir() -> OpenDir_nstatus(). Now we can replace OpenDir() with OpenDir_ntatatus(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit e66be49a52e19551edea6b336fbbb46f6a97f3c7 Author: Jeremy Allison Date: Mon Feb 28 14:25:25 2022 -0800 s3: smbd: In form_junctions(), Move one more use of OpenDir() -> OpenDir_nstatus() Eventually we can replace OpenDir() with OpenDir_ntatatus(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 2aff668e1c5f31d950e30d175b9affe36bb4766f Author: Jeremy Allison Date: Mon Feb 28 14:24:19 2022 -0800 s3: smbd: In count_dfs_links(), Move one more use of OpenDir() -> OpenDir_nstatus() Eventually we can replace OpenDir() with OpenDir_ntatatus(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 535b29afdebc2bff1a587a1d5966c789fb6aab42 Author: Jeremy Allison Date: Mon Feb 28 14:22:03 2022 -0800 s3: smbd: In rmdir_internals(), Move one more use of OpenDir() -> OpenDir_nstatus() Eventually we can replace OpenDir() with OpenDir_ntatatus(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 51b7475d394ab04f73bdc054382f0814a41aaa74 Author: Jeremy Allison Date: Mon Feb 28 14:20:37 2022 -0800 s3: smbd: In recursive_rmdir(), Move one more use of OpenDir() -> OpenDir_nstatus() Eventually we can replace OpenDir() with OpenDir_ntatatus(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit bc9439a41eea66e50ea76275c324596e26999888 Author: Jeremy Allison Date: Mon Feb 28 14:13:04 2022 -0800 s3: VFS: syncops: Move one more use of OpenDir() -> OpenDir_nstatus(). Eventually we can replace OpenDir() with OpenDir_ntatatus(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit a138d0f2d986a8d05ea2e4172871701bdb187770 Author: Jeremy Allison Date: Mon Feb 28 14:11:04 2022 -0800 s3: VFS: shadow_copy: Move one more use of OpenDir() -> OpenDir_nstatus(). Eventually we can replace OpenDir() with OpenDir_ntatatus(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit a1f4d74a1a00aa9d91393b0c6f975ffb3db03d55 Author: Jeremy Allison Date: Mon Feb 28 14:08:40 2022 -0800 s3: VFS: fruit: Move two more uses of OpenDir() -> OpenDir_nstatus(). Eventually we can replace OpenDir() with OpenDir_ntatatus(). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 751237a28c3c8feee24818dea0525771e70dd08b Author: Jeremy Allison Date: Mon Feb 28 13:28:30 2022 -0800 s3: VFS: ceph_snapshots: Move two more uses of OpenDir() -> OpenDir_nstatus(). Eventually we can re
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a7c3213523d source4/torture: Drop unused variable attribute via 2b649604aee source4/torture: Drop unused variable mask via 1ccb187408b source4/torture: Drop unused variable tdif via 7471afaa1ff source4/torture: Avoid unused variable via ad9a414147a vfs_not_implemented: do not mark structs with _PUBLIC_ via 98594d33284 util: Drop unused variable mask_perms via 32d2584c238 util: Drop unused variable num_received via fb55d84ebb2 util: Drop unused variable num_chars from 2649d654cfb smbd: Make strnorm() static to filename.c https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a7c3213523d6eaf2f6945dfe48c83cea2df9ca0c Author: Martin Schwenke Date: Wed Feb 16 09:11:43 2022 +1100 source4/torture: Drop unused variable attribute clang complains: ../../source4/client/client.c:1569:11: error: variable 'attribute' set but not used [-Werror,-Wunused-but-set-variable] uint16_t attribute = FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN; ^ That is, the variable is initialised and updated but the value is never used. Commit 2f377d5101783ed4d8c96a46aaec61895cc7b6ad from 2004 dropped the use of this variable. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Feb 17 19:06:25 UTC 2022 on sn-devel-184 commit 2b649604aee683a48c520a5c46d6c3032b268d6c Author: Martin Schwenke Date: Wed Feb 16 09:05:31 2022 +1100 source4/torture: Drop unused variable mask clang complains: ../../source4/torture/smb2/notify.c:871:11: error: variable 'mask' set but not used [-Werror,-Wunused-but-set-variable] uint32_t mask; ^ That is, the variable is initialised and updated but the value is never used. Looks to have been this way since commit 15d93a5d8e21893e1cca5c989dbf97010aae1622 from 2009. Just drop it. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 1ccb187408b3055210c4bb19f1e21eb0438eb2ff Author: Martin Schwenke Date: Wed Feb 16 08:56:10 2022 +1100 source4/torture: Drop unused variable tdif clang complains: ../../source4/torture/basic/denytest.c:1805:11: error: variable 'tdif' set but not used [-Werror,-Wunused-but-set-variable] int64_t tdif; ^ That is, the variable is initialised and updated but the value is never used. Perhaps it is meant to be used in the nearby torture_comment() call, but it has been this was since commit cb1cff90f165d82cbbf1dd87e475a1b13984d45e from 2004. Just drop it. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 7471afaa1ffcf8291c7d13cf41eec451dde37a42 Author: Martin Schwenke Date: Wed Feb 16 08:50:24 2022 +1100 source4/torture: Avoid unused variable clang complains: ../../source4/torture/basic/delete.c:2342:7: error: variable 'correct' set but not used [-Werror,-Wunused-but-set-variable] bool correct = true; ^ That is, the variable is initialised and updated but the value is never used. Similar functions return this variable, so try that. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit ad9a414147aa8699a84d930fb322b2a6b4f32e78 Author: Martin Schwenke Date: Wed Feb 16 08:44:40 2022 +1100 vfs_not_implemented: do not mark structs with _PUBLIC_ Commit 5d295e41af4e9316aee1b4cf1c3087663b7c06a4 accidentally marked some structs with _PUBLIC_, which causes clang to complain: ../../source3/modules/vfs_not_implemented.c:594:1: error: attribute 'visibility' is ignored, place it after "struct" to apply attribute to type declaration [-Werror,-Wignored-attributes] _PUBLIC_ ^ ../../lib/replace/replace.h:917:33: note: expanded from macro '_PUBLIC_' ^ ../../source3/modules/vfs_not_implemented.c:642:1: error: attribute 'visibility' is ignored, place it after "struct" to apply attribute to type declaration [-Werror,-Wignored-attributes] _PUBLIC_ ^ ../../lib/replace/replace.h:917:33: note: expanded from macro '_PUBLIC_' ^ Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 98594d3328422a17b8d7b8639029910f21573cc5 Author: Martin Schwenke Date: Tue Feb 15 20:27:24 2022 +1100 util: Drop unused variable mask_perms clang complains: ../../source3/smbd/posix_acls.c:2783:9: error: variable 'mask_perms' set but not used [-Werror,-Wunused-but-set-variable] m
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6509715c037 tevent: add missing `#include ` from ca60f6350d5 lib: libsmbclient: Ensure cli_rename() always sets cli->raw_status. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6509715c037bd63fad77eb8e96647d89e61bc44c Author: David Seifert Date: Sun Jan 23 15:34:57 2022 +0100 tevent: add missing `#include ` The following functions use `pid_t` in their interface: * `tevent_req_profile_get_status` * `tevent_req_profile_set_status` BUG: https://bugs.gentoo.org/828720 Signed-off-by: David Seifert Reviewed-by: Volker Lendecke Reviewed-by: Andreas Schneider Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Feb 3 13:18:29 UTC 2022 on sn-devel-184 --- Summary of changes: lib/tevent/tevent.h | 1 + 1 file changed, 1 insertion(+) Changeset truncated at 500 lines: diff --git a/lib/tevent/tevent.h b/lib/tevent/tevent.h index aaa5a068c55..2d1863d7c6e 100644 --- a/lib/tevent/tevent.h +++ b/lib/tevent/tevent.h @@ -31,6 +31,7 @@ #include #include #include +#include #include /* for old gcc releases that don't have the feature test macro __has_attribute */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 309f1982263 s4/auth/simple_bind: correctly report TLS state via f3768274789 pytest:auth_log: expect TLS connections when using ldaps via 891201f154a s3/torture/pdbtest: fix always false condition via 851fc9d60d0 s4:libnet: Fix uninitialized value "seq_num" via dbbad4b500a s4:libnet: Fix trailing whitespace in libnet_vampire.c from d85461c4f5e s3: smbd: Rename "unix extensions" -> "smb1 unix extensions". https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 309f1982263677045d407463eb19a2444c165a63 Author: Douglas Bagnall Date: Thu Dec 23 14:37:29 2021 +1300 s4/auth/simple_bind: correctly report TLS state It went wrong in 366f8cf0903e3583fda42696df62a5337f22131f Signed-off-by: Douglas Bagnall Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jan 26 12:39:52 UTC 2022 on sn-devel-184 commit f37682747898591b37405f9e96a8135c15638637 Author: Douglas Bagnall Date: Wed Jan 26 15:53:45 2022 +1300 pytest:auth_log: expect TLS connections when using ldaps Signed-off-by: Douglas Bagnall Reviewed-by: Volker Lendecke commit 891201f154a2ca05b7fc8ec78492a79ee0bddafe Author: Douglas Bagnall Date: Thu Dec 9 18:06:15 2021 +1300 s3/torture/pdbtest: fix always false condition BUG: https://bugzilla.samba.org/show_bug.cgi?id=9320 Signed-off-by: Douglas Bagnall Reviewed-by: Volker Lendecke commit 851fc9d60d0e5ae3fe68fb22aa755acb3b926d32 Author: Pavel Filipenský Date: Tue Jan 25 21:05:26 2022 +0100 s4:libnet: Fix uninitialized value "seq_num" Found by covscan. Signed-off-by: Pavel Filipenský Reviewed-by: Volker Lendecke Reviewed-by: Andreas Schneider commit dbbad4b500acbd684b350ba7065d602acf28a66a Author: Pavel Filipenský Date: Tue Jan 25 21:09:54 2022 +0100 s4:libnet: Fix trailing whitespace in libnet_vampire.c Signed-off-by: Pavel Filipenský Reviewed-by: Volker Lendecke Reviewed-by: Andreas Schneider --- Summary of changes: python/samba/tests/auth_log.py | 8 source3/torture/pdbtest.c | 2 +- source4/auth/ntlm/auth_simple.c | 4 ++-- source4/libnet/libnet_vampire.c | 22 +++--- 4 files changed, 18 insertions(+), 18 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/auth_log.py b/python/samba/tests/auth_log.py index d1e102bdcab..9949b0abe4d 100644 --- a/python/samba/tests/auth_log.py +++ b/python/samba/tests/auth_log.py @@ -565,7 +565,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase): self.assertEqual("NT_STATUS_OK", msg["Authentication"]["status"]) self.assertEqual("LDAP", msg["Authentication"]["serviceDescription"]) -self.assertEqual("simple bind", +self.assertEqual("simple bind/TLS", msg["Authentication"]["authDescription"]) self.assertEqual( EVT_ID_SUCCESSFUL_LOGON, msg["Authentication"]["eventId"]) @@ -579,7 +579,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase): (msg["Authentication"]["status"] == "NT_STATUS_WRONG_PASSWORD") and (msg["Authentication"]["authDescription"] == -"simple bind") and +"simple bind/TLS") and (msg["Authentication"]["eventId"] == EVT_ID_UNSUCCESSFUL_LOGON) and (msg["Authentication"]["logonType"] == @@ -611,7 +611,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase): (msg["Authentication"]["status"] == "NT_STATUS_NO_SUCH_USER") and (msg["Authentication"]["authDescription"] == -"simple bind") and +"simple bind/TLS") and (msg["Authentication"]["eventId"] == EVT_ID_UNSUCCESSFUL_LOGON) and (msg["Authentication"]["logonType"] == @@ -641,7 +641,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase): (msg["Authentication"]["status"] == "NT_STATUS_NO_SUCH_USER") and (msg["Authenticatio
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7163846a491 ctdb-protocol: Print IPv6 sockets with RFC5952 "[2001:db8::1]:80" notation via 255fe69c90f ctdb-tests: Add extra IPv6 socket parsing tests via 224e99804ef ctdb-protocol: Allow rfc5952 "[2001:db8::1]:80" ipv6 notation via 820b0a63cca ctdb-protocol: Save 50 bytes .text segment via baaedd69b3e ctdb-protocol: rindex->strrchr from 8c0391d38e5 dsdb/schema: let dsdb_syntax_DN_BINARY_drsuapi_to_ldb return WERR_DS_INVALID_ATTRIBUTE_SYNTAX https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7163846a49165cc3d70b2b20909af2ed19778e7a Author: Martin Schwenke Date: Thu Dec 30 12:29:58 2021 +1100 ctdb-protocol: Print IPv6 sockets with RFC5952 "[2001:db8::1]:80" notation RFC5952 says the existing style is not recommended and the [] style should be employed. There are more optimised ways of adding the square brackets but they tend to be uglier. Parsing IPv6 sockets without [] is now tested indirectly by parsing examples in both styles and comparing the results. Signed-off-by: Martin Schwenke Signed-off-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jan 13 17:02:21 UTC 2022 on sn-devel-184 commit 255fe69c90fb0d437d26ce0a6966841b3663aa05 Author: Martin Schwenke Date: Wed Jan 5 12:09:45 2022 +1100 ctdb-tests: Add extra IPv6 socket parsing tests Add tests to confirm that square brackets are handled and that IPv4-mapped IPv6 addresses are parsed as expected. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 224e99804efef960ef4ce2ff2f4f6dced1e74146 Author: Volker Lendecke Date: Thu Dec 23 11:52:38 2021 +0100 ctdb-protocol: Allow rfc5952 "[2001:db8::1]:80" ipv6 notation Bug: https://bugzilla.samba.org/show_bug.cgi?id=14934 Signed-off-by: Volker Lendecke Reviewed-by: Martin Schwenke commit 820b0a63ccaceb4d66b18e3bcd585400a0b99ed2 Author: Volker Lendecke Date: Wed Dec 29 14:46:14 2021 +0100 ctdb-protocol: Save 50 bytes .text segment Having this as a small static .text is simpler than having to create this on the stack. Signed-off-by: Volker Lendecke Reviewed-by: Martin Schwenke commit baaedd69b3e02cdef06353bd5a21a5c5e6079604 Author: Volker Lendecke Date: Wed Dec 29 15:10:28 2021 +0100 ctdb-protocol: rindex->strrchr According to "man rindex" on debian bullseye rindex() was deprecated in Posix.1-2001 and removed from Posix.1-2008. Signed-off-by: Volker Lendecke Reviewed-by: Martin Schwenke --- Summary of changes: ctdb/protocol/protocol_util.c | 52 - ctdb/tests/UNIT/cunit/system_socket_test_002.sh | 10 +++-- ctdb/tests/src/protocol_util_test.c | 49 --- 3 files changed, 83 insertions(+), 28 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/protocol/protocol_util.c b/ctdb/protocol/protocol_util.c index 2d0a6f33038..28631c8de61 100644 --- a/ctdb/protocol/protocol_util.c +++ b/ctdb/protocol/protocol_util.c @@ -119,6 +119,7 @@ int ctdb_sock_addr_to_buf(char *buf, socklen_t buflen, ctdb_sock_addr *addr, bool with_port) { const char *t; + size_t len = 0; switch (addr->sa.sa_family) { case AF_INET: @@ -127,15 +128,36 @@ int ctdb_sock_addr_to_buf(char *buf, socklen_t buflen, if (t == NULL) { return errno; } + if (with_port) { + len = strlen(buf); + } break; - case AF_INET6: - t = inet_ntop(addr->ip6.sin6_family, >ip6.sin6_addr, - buf, buflen); + case AF_INET6: { + char tmp[INET6_ADDRSTRLEN]; + + t = inet_ntop(addr->ip6.sin6_family, + >ip6.sin6_addr, + tmp, + sizeof(tmp)); if (t == NULL) { return errno; } + + if (with_port) { + int ret = snprintf(buf, buflen, "[%s]", tmp); + if (ret < 0) { + return ENOSPC; + } + len = (size_t)ret; + } else { + len = strlcpy(buf, tmp, buflen); + } + if (len >= buflen){ + return ENOSPC; + } break; + } default: return
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b5e56a30dfd rpcclient: Fix ncacn_ip_tcp: via 03734be1d62 test: Test rpcclient ncacn_ip_tcp: from 23fbf0bad03 s3: smbd: Create and use a common function for generating a fileid - create_clock_itime(). https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b5e56a30dfd33e89cfb602b1e7480e210434d600 Author: Volker Lendecke Date: Sun Jan 9 13:38:37 2022 +0100 rpcclient: Fix ncacn_ip_tcp: inet_pton expects "struct in_addr" or "struct in6_addr" as destination pointer. It does not fill in a struct sockaddr_storage. interpret_string_addr() takes care of this. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Jan 10 11:47:34 UTC 2022 on sn-devel-184 commit 03734be1d62b8860a6ccaae3801d89b7129729df Author: Volker Lendecke Date: Sun Jan 9 13:39:12 2022 +0100 test: Test rpcclient ncacn_ip_tcp: Right now connecting to an IP address is broken. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider --- Summary of changes: source3/rpcclient/rpcclient.c | 21 - source3/selftest/tests.py | 8 2 files changed, 12 insertions(+), 17 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index b89534f2225..4042d0d60be 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -897,23 +897,10 @@ static NTSTATUS do_cmd(struct cli_state *cli, binding, "target_hostname"); if (remote_host != NULL) { - int af = AF_UNSPEC; - - if (remote_name == NULL) { - remote_name = dcerpc_binding_get_string_option( - binding, "host"); - } - - if (is_ipaddress_v4(remote_host)) { - af = AF_INET; - } else if (is_ipaddress_v6(remote_host)) { - af = AF_INET6; - } - if (af != AF_UNSPEC) { - int ok = inet_pton(af, remote_host, _ss); - if (ok) { - remote_sockaddr = _ss; - } + bool ok = interpret_string_addr( + _ss, remote_host, 0); + if (ok) { + remote_sockaddr = _ss; } } } diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 69cdc5b7f85..4a09a92bf24 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -1054,6 +1054,14 @@ for s in signseal_options: "none", f'ncalrpc:[{a}{s}{e}] -c epmmap', configuration]) +if s != ",connect": +plantestsuite( +f'samba3.blackbox.rpcclient over ncacn_ip_tcp with [{a}{s}{e}] ', +"nt4_dc:local", +[os.path.join(samba3srcdir, "script/tests/test_rpcclient.sh"), + "none", + f'ncacn_ip_tcp:"$SERVER_IP"[{a}{s}{e}] -c epmmap -U"$USERNAME"%"$PASSWORD"', + configuration]) # We should try more combinations in future, but this is all # the pre-calculated credentials cache supports at the moment -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1dc803048f8 lib/util: Add signal.h include from b5e7e7b65ae s3: smbtorture3: Fix POSIX-BLOCKING-LOCK to actually negotiate SMB1+POSIX before using POSIX calls. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1dc803048f8f0069079142245ec5ac4c11933bff Author: Bernd Kuhls Date: Sun Dec 12 10:27:42 2021 +0100 lib/util: Add signal.h include Fixes build error with samba-4.15.3 and uClibc: ../../source3/printing/samba-bgqd.c: In function ‘main’: ../../source3/printing/samba-bgqd.c:340:21: error: ‘SIGPIPE’ undeclared (first use in this function); did you mean ‘EPIPE’? ../../source3/printing/samba-bgqd.c:384:14: error: ‘SIGTERM’ undeclared (first use in this function) Signed-off-by: Bernd Kuhls Reviewed-by: Volker Lendecke Reviewed-by: Andreas Schneider Reviewed-by: Günther Deschner Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Dec 13 16:22:28 UTC 2021 on sn-devel-184 --- Summary of changes: lib/util/signal.h | 1 + 1 file changed, 1 insertion(+) Changeset truncated at 500 lines: diff --git a/lib/util/signal.h b/lib/util/signal.h index 0663af6ab94..f662ee110d6 100644 --- a/lib/util/signal.h +++ b/lib/util/signal.h @@ -21,6 +21,7 @@ #ifndef _SAMBA_UTIL_SIGNAL_H_ #define _SAMBA_UTIL_SIGNAL_H_ +#include #include /** -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ea2ec7ea5e8 WHATSNEW. Added section about samba-dcerpcd. via 7b62fa967d0 dcesrv_core: Remove unused dcesrv_reinit_context() via 730f7dfd615 s3:rpc_server: Delete unused code and doc references via 9e3ee8c40c0 printing: Remove "start_daemons" from printing_subsystem_init() via a7c65958a15 s3:rpc_server: Activate samba-dcerpcd via d522a8cce12 s3:rpc_server: Add samba-dcerpcd helper programs via 3fb2fd49445 s3:winbind: Close internal RPC pipes after 5 idle seconds via a350a000f10 s3:rpc_server: Make npa_state_init() public via a0075a1fd0e unittest: Remove test_sambafs_srv_pipe via c2b8cf05c37 s3:printing: Move pcap_cache_loaded() to load.c via 3aee4c171c2 smbcontrol: Add rpc-dump-status via 188586e s3:rpc_client: Add rpc_pipe_open_local_np() via d3e1ece1a45 s3:rpc_server: Implement the rpcd_* helper-end of the samba-dcerpc protocol via 4d75f08fd22 s3:rpc_client: Add local_np_connect() via 3ca7c640da0 s3:rpc_server: Add samba-dcerpcd via 8ffeb18b9a1 docs-xml: Add "rpc start on demand helpers", true by default. via a697814eba9 idl: Define messages sent between samba-dcerpcd and rpcd's via da90c02b168 dcesrv_core: Add dcesrv_loop_next_packet() via 95659031e45 backupkey.idl: Don't listen on \pipe tsvcs via 3284ee9985d dcesrv_core: Add dcesrv_context_set_callbacks() via ebc3918f7d0 s3:rpc_client: Bump debug level for ncalrpc connect error via f83f7bd6bdd s3:rpc_server: Remove direct registry access from svcctl_init_winreg via a60c7b4ff29 s3:services: Disable rcinit-based service control code via afd014245a9 test: Prime the kpasswd server via d5fa6263948 rpc_server: Check info5->transport via 00e41d198d2 librpc: Get transport out of tstream_npa_accept_existing_recv() via fa445f15318 auth: Fix a typo in auth/gensec/ncalrpc.c via 1bab76223cd librpc: Add named_pipe_auth_req_info5->transport via 530fb4fdfb3 named_pipe_auth.idl: Add "need_idle_server" via d1934e2331f named_pipe_auth: Bump info4 to info5 from bd98e040d4a Update WHATSNEW.txt with removal of wildcard copy, rename and unlink. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ea2ec7ea5e891f662278dc0fae9f87b426196f2e Author: Jeremy Allison Date: Thu Sep 30 16:05:49 2021 -0700 WHATSNEW. Added section about samba-dcerpcd. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Dec 10 14:52:54 UTC 2021 on sn-devel-184 commit 7b62fa967d02f771d4afa9eaeef2f6b2d9f6ccd0 Author: Volker Lendecke Date: Mon Sep 27 13:13:11 2021 +0200 dcesrv_core: Remove unused dcesrv_reinit_context() This was only used in the prefork source3 rpc servers Signed-off-by: Volker Lendecke Reviewed-by: Samuel Cabrero Reviewed-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit 730f7dfd615ed9997cdf2e7e418605b28826e310 Author: Volker Lendecke Date: Tue Jun 8 09:10:05 2021 +0200 s3:rpc_server: Delete unused code and doc references Signed-off-by: Volker Lendecke Reviewed-by: Samuel Cabrero Reviewed-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit 9e3ee8c40c012ef6febe1737d952a744b0b14861 Author: Volker Lendecke Date: Sun Nov 28 20:29:26 2021 +0100 printing: Remove "start_daemons" from printing_subsystem_init() Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit a7c65958a15149918415b7456d6f20ee8c9669d2 Author: Volker Lendecke Date: Fri Jun 18 19:11:19 2021 +0200 s3:rpc_server: Activate samba-dcerpcd This is the big switch to use samba-dcerpcd for the RPC services in source3/. It is a pretty big and unordered patch, but I don't see a good way to split this up into more manageable pieces without sacrificing bisectability even more. Probably I could cut out a few small ones, but a major architechtural switch like this will always be messy. Signed-off-by: Volker Lendecke Reviewed-by: Samuel Cabrero Reviewed-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit d522a8cce12043903ecf4f66835eb69367cdde17 Author: Volker Lendecke Date: Wed Apr 7 07:13:25 2021 + s3:rpc_server: Add samba-dcerpcd helper programs These are rpcd_* binaries. rpcd_classic collects everything that's not specific Changes the epmapper to read the epmdb.tdb, which will make the epmapper tests non-bisectable until the switch is done. Signed-off-by: Volker Lendecke Reviewed-by: Samuel Cabrero Reviewed-by: Jere
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 57c1e115ece smbd: reopen logs on SIGHUP for notifyd and cleanupd from 06ed4ccba6c lib/cmdline: setup default file logging for servers https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 57c1e115ecef41ef18599e5233079ccd83d13bfc Author: Volker Lendecke Date: Tue Jul 7 11:32:46 2020 +0200 smbd: reopen logs on SIGHUP for notifyd and cleanupd Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Nov 11 15:34:28 UTC 2021 on sn-devel-184 --- Summary of changes: source3/smbd/server.c | 26 +- 1 file changed, 25 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/server.c b/source3/smbd/server.c index d02ff1bd883..05592d0ef41 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -403,6 +403,7 @@ static void notifyd_sig_hup_handler(struct tevent_context *ev, { DBG_NOTICE("notifyd: Reloading services after SIGHUP\n"); reload_services(NULL, NULL, false); + reopen_logs(); } static bool smbd_notifyd_init(struct messaging_context *msg, bool interactive, @@ -410,10 +411,10 @@ static bool smbd_notifyd_init(struct messaging_context *msg, bool interactive, { struct tevent_context *ev = messaging_tevent_context(msg); struct tevent_req *req; + struct tevent_signal *se = NULL; pid_t pid; NTSTATUS status; bool ok; - struct tevent_signal *se; if (interactive) { req = notifyd_req(msg, ev); @@ -570,6 +571,17 @@ static void notifyd_started(struct tevent_req *req) } } +static void cleanupd_sig_hup_handler(struct tevent_context *ev, +struct tevent_signal *se, +int signum, +int count, +void *siginfo, +void *pvt) +{ + DBG_NOTICE("cleanupd: Reloading services after SIGHUP\n"); + reopen_logs(); +} + static void cleanupd_stopped(struct tevent_req *req); static bool cleanupd_init(struct messaging_context *msg, bool interactive, @@ -577,6 +589,7 @@ static bool cleanupd_init(struct messaging_context *msg, bool interactive, { struct tevent_context *ev = messaging_tevent_context(msg); struct server_id parent_id = messaging_server_id(msg); + struct tevent_signal *se = NULL; struct tevent_req *req; pid_t pid; NTSTATUS status; @@ -647,6 +660,17 @@ static bool cleanupd_init(struct messaging_context *msg, bool interactive, exit(1); } + se = tevent_add_signal(ev, + ev, + SIGHUP, + 0, + cleanupd_sig_hup_handler, + NULL); + if (se == NULL) { + DBG_ERR("Could not add SIGHUP handler\n"); + exit(1); + } + req = smbd_cleanupd_send(msg, ev, msg, parent_id.pid); if (req == NULL) { DBG_WARNING("smbd_cleanupd_send failed\n"); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a9a3555b430 debug: Optimise construction of msg_no_nl via 62fd771aea4 debug: Move msg_no_nl to state via cb70eea0536 debug: Optimise early return when header string buffer is full via c5061ebe214 debug: Optimise to avoid walking the header string via ee17f5306c3 debug: Optimise construction of header_str_no_nl via 8cdd20c70a1 debug: Rename variable for consistency via 24dc8c5d2b8 debug: Push message length argument down to backend log functions via 3085a7d317d debug: Add length argument to Debug1() via 9f8be709c49 debug: Avoid debug header being separated from debug text via 10f68148a97 debug: Factor out function copy_no_nl() via 0e59375ac5b debug: Add a level of indirection to ring buffer logging via fb29a8ebcd0 debug: Move header_str and hs_len to state from 71cef2fa1dd docs: document new Spotlight Elasticsearch options https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a9a3555b43075c46e2051e6c1ef80762a0a19120 Author: Martin Schwenke Date: Thu Oct 14 11:08:38 2021 +1100 debug: Optimise construction of msg_no_nl If it isn't used then it isn't copied. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Oct 14 11:10:40 UTC 2021 on sn-devel-184 commit 62fd771aea4bfb9f3042c80207e9800b74a43f75 Author: Martin Schwenke Date: Thu Oct 14 11:00:20 2021 +1100 debug: Move msg_no_nl to state This enables an optimisation. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit cb70eea0536a33583cd57e8dd416bfc2e37fe9d2 Author: Martin Schwenke Date: Wed Oct 13 20:40:34 2021 +1100 debug: Optimise early return when header string buffer is full The existing check is for truncation, not whether the buffer is full. However, if the buffer is full (i.e. hs_len == sizeof(header_str) - 1) then there's no use trying subsequent snprintf() calls because there will be one byte available that already contains the NUL-terminator. A subsequent call will just do a no-op truncation. Check for full buffer instead. This might be confusing because it isn't the standard check that is done after snprintf() calls. Is it worth it for a rare corner case? Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit c5061ebe2146b6e8257205a4ad9ba69d1caa4c7d Author: Martin Schwenke Date: Wed Oct 13 12:06:13 2021 +1100 debug: Optimise to avoid walking the header string strlcat() needs to walk to the end of its first argument. However, but the length of state.header_str is already known, so optimise by manually appending the extra characters if they will fit. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit ee17f5306c3db1b6d950a9ea7d1787cac96a6d9d Author: Martin Schwenke Date: Thu Sep 23 18:13:30 2021 +1000 debug: Optimise construction of header_str_no_nl If it isn't used then it isn't copied. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 8cdd20c70a17e6ee8e7ca41e4c38763f41d158b4 Author: Martin Schwenke Date: Wed Oct 6 23:02:10 2021 +1100 debug: Rename variable for consistency Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 24dc8c5d2b809fefcb27abcb0aba7a1de5a55630 Author: Martin Schwenke Date: Fri Dec 2 16:37:47 2016 +1100 debug: Push message length argument down to backend log functions Optimise because length is now available. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 3085a7d317dd4ce338a5265312c57ed389391786 Author: Martin Schwenke Date: Fri Dec 2 16:29:56 2016 +1100 debug: Add length argument to Debug1() This the first step in avoiding potentially repeated length calculations in the backends. The length is known at call time for most usual callers, so pass it down. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 9f8be709c4951f2af8797f17c6b861ea6fa4 Author: Martin Schwenke Date: Sat Dec 3 12:27:47 2016 +1100 debug: Avoid debug header being separated from debug text Currently the file backend can produce something like: HEADER1 HEADER2 TEXT2 TEXT1 when different processes try to log at the same time. Avoid this by writing the header and text at the same time using writev(). This means that the header always has to be written by the backend, so update all backends to do this. The non-file backends should behave as before when they were invoked separately to render the header. It might be possible to optimise some of them (e.g. via
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via af06d73a756 s3:rpc_server: Do not use the default ncalrpc endpoint for external services via 9c8521848bb librpc:core: Add a function to register an interface passing the binding handle via 99bf0c1b264 pidl:NDR/ServerCompat.pm: Do not register disabled services from b09efc8b8b9 lib: Move closefrom_except*() to a separate file https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit af06d73a7563f6a7dec7653b7de1748de099b051 Author: Samuel Cabrero Date: Mon Aug 23 14:27:49 2021 +0200 s3:rpc_server: Do not use the default ncalrpc endpoint for external services In samba3 it is possible to run some services externally, for example: rpc_daemon:lsasd = fork rpc_server:netlogon = disabled rpc_server:samr = external rpc_server:lsarpc = external The external services running in separate processes have to use its own dedicated ncalrpc endpoint, otherwise will race with main smbd serving the embedded services to accept connections on ncalrpc default socket. If the connection ends in an external process and the client tries to bind to an interface not registered there (like winreg for example) the bind will fail. Signed-off-by: Samuel Cabrero Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Sep 21 11:00:01 UTC 2021 on sn-devel-184 commit 9c8521848bb5fedb3501d03e564a759d8709f418 Author: Samuel Cabrero Date: Thu Aug 19 12:52:04 2021 +0200 librpc:core: Add a function to register an interface passing the binding handle Signed-off-by: Samuel Cabrero Reviewed-by: Volker Lendecke commit 99bf0c1b2649f74a3199c59bbc16c6e604ff4e79 Author: Samuel Cabrero Date: Mon Aug 23 14:23:58 2021 +0200 pidl:NDR/ServerCompat.pm: Do not register disabled services In samba3 it is possible to disable RPC services, for exapmle: rpc_server:netlogon = disabled If a service is disabled do not register the interface neither create its endpoint. Signed-off-by: Samuel Cabrero Reviewed-by: Volker Lendecke --- Summary of changes: librpc/rpc/dcesrv_core.c | 80 +- librpc/rpc/dcesrv_core.h | 5 ++ pidl/lib/Parse/Pidl/Samba4/NDR/ServerCompat.pm | 62 +++- selftest/knownfail | 19 +- source3/rpc_server/rpc_ncacn_np.c | 24 +++- source3/winbindd/winbindd_dual_ndr.c | 10 6 files changed, 169 insertions(+), 31 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/rpc/dcesrv_core.c b/librpc/rpc/dcesrv_core.c index b75336d0a85..6a2e0c25e7f 100644 --- a/librpc/rpc/dcesrv_core.c +++ b/librpc/rpc/dcesrv_core.c @@ -176,11 +176,47 @@ _PUBLIC_ NTSTATUS dcesrv_interface_register(struct dcesrv_context *dce_ctx, const char *ncacn_np_secondary_endpoint, const struct dcesrv_interface *iface, const struct security_descriptor *sd) +{ + struct dcerpc_binding *binding = NULL; + struct dcerpc_binding *binding2 = NULL; + NTSTATUS ret; + + ret = dcerpc_parse_binding(dce_ctx, ep_name, ); + if (NT_STATUS_IS_ERR(ret)) { + DBG_ERR("Trouble parsing binding string '%s'\n", ep_name); + goto out; + } + + if (ncacn_np_secondary_endpoint != NULL) { + ret = dcerpc_parse_binding(dce_ctx, + ncacn_np_secondary_endpoint, + ); + if (NT_STATUS_IS_ERR(ret)) { + DBG_ERR("Trouble parsing 2nd binding string '%s'\n", + ncacn_np_secondary_endpoint); + goto out; + } + } + + ret = dcesrv_interface_register_b(dce_ctx, + binding, + binding2, + iface, + sd); +out: + TALLOC_FREE(binding); + TALLOC_FREE(binding2); + return ret; +} + +_PUBLIC_ NTSTATUS dcesrv_interface_register_b(struct dcesrv_context *dce_ctx, + struct dcerpc_binding *binding, + struct dcerpc_binding *binding2, + const struct dcesrv_interface *iface, + const struct security_descriptor *sd) { struct dcesrv_endpoint *ep; struct dcesrv_if_list *ifl; - struct dcerpc_binding *binding; - struct dcer
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8a93ef625fd s3: rpc_server: Avoid creating new handles when received an empty policy_handle from cf4a868be50 debug: Remove "override_logfile" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8a93ef625fd348c1473c7a55bff480de05bdaf77 Author: Samuel Cabrero Date: Thu Sep 16 14:08:28 2021 +0200 s3: rpc_server: Avoid creating new handles when received an empty policy_handle After merging s3 and s4 RPC handles implementations in commit 70fa7e817e48c9faa3c6c7ae3749e4a8ebf3e6c2 a new empty handle is allocated when find_policy_by_hnd() or close_policy_hnd() is called with an empty policy_handle (see dcesrv_handle_lookup() implementation). This new behavior was causing a crash when running samba3.rpc.mdssvc test with log level >= 10, because a debug message in _mdssvc_close() was dereferencing the handle's associated data when called from test_mdssvc_close() with an empty policy_handle. Signed-off-by: Samuel Cabrero Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Sep 20 14:31:33 UTC 2021 on sn-devel-184 --- Summary of changes: source3/rpc_server/rpc_handles.c | 9 + 1 file changed, 9 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/rpc_handles.c b/source3/rpc_server/rpc_handles.c index 745ea4dd6ef..fea7454874c 100644 --- a/source3/rpc_server/rpc_handles.c +++ b/source3/rpc_server/rpc_handles.c @@ -160,6 +160,15 @@ static struct dcesrv_handle *find_policy_by_hnd_internal( *data_p = NULL; } + /* +* Do not pass an empty policy_handle to dcesrv_handle_lookup() or +* it will create a new empty handle +*/ + if (ndr_policy_handle_empty(hnd)) { + p->fault_state = DCERPC_FAULT_CONTEXT_MISMATCH; + return NULL; + } + /* * Do not pass handle_type to avoid setting the fault_state in the * pipes_struct if the handle type does not match -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 91c024dfd8e s3: auth: Andrew noticed f585f01148ab2d8f84c96b12e018742f5f17bcb0 doesn't keep the same logic. from 2b86cff4a4d lib/replace: drop runtime copy_file_range() check https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 91c024dfd8ecf909f23ab8ee3816ae6a4c9b881c Author: Jeremy Allison Date: Tue Sep 7 17:39:38 2021 -0700 s3: auth: Andrew noticed f585f01148ab2d8f84c96b12e018742f5f17bcb0 doesn't keep the same logic. This should make it identical. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Sep 8 06:38:21 UTC 2021 on sn-devel-184 --- Summary of changes: source3/auth/server_info_sam.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/auth/server_info_sam.c b/source3/auth/server_info_sam.c index b9c8b0a0959..71a52f812a5 100644 --- a/source3/auth/server_info_sam.c +++ b/source3/auth/server_info_sam.c @@ -39,11 +39,16 @@ static bool is_our_machine_account(const char *username) { bool ret; size_t ulen = strlen(username); + const char *nb_name = lp_netbios_name(); + size_t nb_namelen = strlen(nb_name); if (ulen == 0 || username[ulen-1] != '$') { return false; } - ret = strnequal(username, lp_netbios_name(), ulen-1); + if (nb_namelen != ulen-1) { + return false; + } + ret = strnequal(username, nb_name, ulen-1); return ret; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d0f6d54354b winbind: ensure wb_parent_idmap_setup_send() gets called in winbindd_allocate_uid_send() via 39c2ec72cb7 winbindd: call wb_parent_idmap_setup_send() in wb_queryuser_send() from 10baaf08523 tests/krb5: Allow KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN for a missing sname https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d0f6d54354b02f5591706814fbd1e4844788fdfa Author: Ralph Boehme Date: Fri Aug 20 15:04:49 2021 +0200 winbind: ensure wb_parent_idmap_setup_send() gets called in winbindd_allocate_uid_send() BUG: https://bugzilla.samba.org/show_bug.cgi?id=14804 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Sep 2 15:20:06 UTC 2021 on sn-devel-184 commit 39c2ec72cb77945c3eb611fb1d7d7e9aad52bdfd Author: Ralph Boehme Date: Tue Aug 31 17:04:56 2021 +0200 winbindd: call wb_parent_idmap_setup_send() in wb_queryuser_send() BUG: https://bugzilla.samba.org/show_bug.cgi?id=14804 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke --- Summary of changes: source3/winbindd/wb_queryuser.c | 30 +++--- source3/winbindd/winbindd_allocate_uid.c | 44 2 files changed, 66 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/wb_queryuser.c b/source3/winbindd/wb_queryuser.c index 9db51909c02..f5bc96f03f6 100644 --- a/source3/winbindd/wb_queryuser.c +++ b/source3/winbindd/wb_queryuser.c @@ -25,10 +25,12 @@ struct wb_queryuser_state { struct tevent_context *ev; - struct wbint_userinfo *info; +struct wbint_userinfo *info; + const struct wb_parent_idmap_config *idmap_cfg; bool tried_dclookup; }; +static void wb_queryuser_idmap_setup_done(struct tevent_req *subreq); static void wb_queryuser_got_uid(struct tevent_req *subreq); static void wb_queryuser_got_domain(struct tevent_req *subreq); static void wb_queryuser_got_dc(struct tevent_req *subreq); @@ -60,13 +62,35 @@ struct tevent_req *wb_queryuser_send(TALLOC_CTX *mem_ctx, sid_copy(>user_sid, user_sid); + subreq = wb_parent_idmap_setup_send(state, state->ev); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, wb_queryuser_idmap_setup_done, req); +return req; +} + +static void wb_queryuser_idmap_setup_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct wb_queryuser_state *state = tevent_req_data( + req, struct wb_queryuser_state); + NTSTATUS status; + + status = wb_parent_idmap_setup_recv(subreq, >idmap_cfg); + TALLOC_FREE(subreq); + if (tevent_req_nterror(req, status)) { + return; + } + subreq = wb_sids2xids_send( state, state->ev, >info->user_sid, 1); if (tevent_req_nomem(subreq, req)) { - return tevent_req_post(req, ev); + return; } tevent_req_set_callback(subreq, wb_queryuser_got_uid, req); - return req; + return; } static void wb_queryuser_got_uid(struct tevent_req *subreq) diff --git a/source3/winbindd/winbindd_allocate_uid.c b/source3/winbindd/winbindd_allocate_uid.c index 69ce61c872e..64711f1b661 100644 --- a/source3/winbindd/winbindd_allocate_uid.c +++ b/source3/winbindd/winbindd_allocate_uid.c @@ -22,9 +22,11 @@ #include "librpc/gen_ndr/ndr_winbind_c.h" struct winbindd_allocate_uid_state { + struct tevent_context *ev; uint64_t uid; }; +static void winbindd_allocate_uid_initialized(struct tevent_req *subreq); static void winbindd_allocate_uid_done(struct tevent_req *subreq); struct tevent_req *winbindd_allocate_uid_send(TALLOC_CTX *mem_ctx, @@ -34,25 +36,57 @@ struct tevent_req *winbindd_allocate_uid_send(TALLOC_CTX *mem_ctx, { struct tevent_req *req, *subreq; struct winbindd_allocate_uid_state *state; - struct dcerpc_binding_handle *child_binding_handle = NULL; req = tevent_req_create(mem_ctx, , struct winbindd_allocate_uid_state); if (req == NULL) { return NULL; } +state->ev = ev; DEBUG(3, ("allocate_uid\n")); - child_binding_handle = idmap_child_handle(); + subreq = wb_parent_idmap_setup_send(state, ev); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, winbindd_allocate_uid_initialized, re
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7fb741b3b1a krb5_wrap: remove unused code from 7b796b5bb73 lib:cmdline: Use lp_load_global() for servers https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7fb741b3b1ac7c2bac355b77cf71cd8881d58d5b Author: Pavel Filipenský Date: Thu Jul 22 14:11:51 2021 +0200 krb5_wrap: remove unused code Signed-off-by: Pavel Filipenský Reviewed-by: Andrew Bartlett Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Jul 27 10:09:03 UTC 2021 on sn-devel-184 --- Summary of changes: lib/krb5_wrap/keytab_util.c | 197 lib/krb5_wrap/krb5_samba.h | 10 --- 2 files changed, 207 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/krb5_wrap/keytab_util.c b/lib/krb5_wrap/keytab_util.c index 5fe9216470a..ba8a79cea0a 100644 --- a/lib/krb5_wrap/keytab_util.c +++ b/lib/krb5_wrap/keytab_util.c @@ -36,202 +36,6 @@ #include "includes.h" #include "krb5_samba.h" -static krb5_boolean -compare_keyblock(const krb5_keyblock *a, const krb5_keyblock *b) -{ -if (KRB5_KEY_TYPE(a) != KRB5_KEY_TYPE(b) || -KRB5_KEY_LENGTH(a) != KRB5_KEY_LENGTH(b) || -memcmp(KRB5_KEY_DATA(a), KRB5_KEY_DATA(b), KRB5_KEY_LENGTH(a)) != 0) - return false; -return true; -} - -static krb5_error_code copy_one_entry(krb5_context context, - krb5_keytab src_keytab, - krb5_keytab dst_keytab, - krb5_keytab_entry entry) -{ -krb5_error_code ret; -krb5_keytab_entry dummy; - -char *name_str; -char *etype_str; -ret = krb5_unparse_name (context, entry.principal, _str); -if(ret) { - krb5_set_error_message(context, ret, "krb5_unparse_name"); - name_str = NULL; /* XXX */ - return ret; -} -ret = smb_krb5_enctype_to_string(context, - KRB5_KEY_TYPE(KRB5_KT_KEY()), - _str); -if(ret) { -krb5_free_unparsed_name(context, name_str); - krb5_set_error_message(context, ret, "krb5_enctype_to_string"); - etype_str = NULL; /* XXX */ - return ret; -} -ret = krb5_kt_get_entry(context, dst_keytab, - entry.principal, - entry.vno, - KRB5_KEY_TYPE(KRB5_KT_KEY()), - ); -if(ret == 0) { - /* this entry is already in the new keytab, so no need to - copy it; if the keyblocks are not the same, something - is weird, so complain about that */ - if (!compare_keyblock(KRB5_KT_KEY(), KRB5_KT_KEY())) { - DEBUG(2, ("copy_one_entry: entry with different keyvalue " - "already exists for %s, keytype %s, kvno %d", - name_str, etype_str, entry.vno)); - } - krb5_kt_free_entry(context, ); - krb5_kt_free_entry (context, ); - free(name_str); - free(etype_str); - return ret; -} else if(ret != KRB5_KT_NOTFOUND) { - krb5_set_error_message (context, ret, "fetching %s/%s/%u", - name_str, etype_str, entry.vno); - krb5_kt_free_entry (context, ); - free(name_str); - free(etype_str); - return ret; -} -ret = krb5_kt_add_entry (context, dst_keytab, ); -krb5_kt_free_entry (context, ); -if (ret) { - krb5_set_error_message (context, ret, "adding %s/%s/%u", - name_str, etype_str, entry.vno); - free(name_str); - free(etype_str); - return ret; -} -free(name_str); -free(etype_str); -return ret; -} - -krb5_error_code kt_copy(krb5_context context, const char *from, const char *to) -{ -krb5_error_code ret; -krb5_keytab src_keytab, dst_keytab; -krb5_kt_cursor cursor; -krb5_keytab_entry entry; - -ret = krb5_kt_resolve (context, from, _keytab); -if (ret) { - krb5_set_error_message (context, ret, "resolving src keytab `%s'", from); - return ret; -} - -ret = krb5_kt_resolve (context, to, _keytab); -if (ret) { - krb5_kt_close (context, src_keytab); - krb5_set_error_message (context, ret, "resolving dst keytab `%s'", to); - return ret; -} - -ret = krb5_kt_start_seq_get (context, src_keytab, ); -if (ret) { - krb5_set_error_message (context, ret, "krb5_kt_start_seq_get %s", from); - goto out; -} - -while((ret = krb5_kt_next_entry(context, src_keytab, - , )) == 0
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 44aba9c7cab nsswitch: ensure the attrlist_t array is large enough for a NULL sentinel from b5427f4ce54 WHATSNEW: samba-tool without ad-dc https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 44aba9c7cabedf7b5a01fb9c5f3099125dd70602 Author: Ralph Boehme Date: Fri Jul 9 18:20:30 2021 +0200 nsswitch: ensure the attrlist_t array is large enough for a NULL sentinel BUG: https://bugzilla.samba.org/show_bug.cgi?id=14754 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Jul 12 15:11:42 UTC 2021 on sn-devel-184 --- Summary of changes: nsswitch/winbind_nss_aix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/nsswitch/winbind_nss_aix.c b/nsswitch/winbind_nss_aix.c index 343809a4b34..f1f00e92a76 100644 --- a/nsswitch/winbind_nss_aix.c +++ b/nsswitch/winbind_nss_aix.c @@ -833,7 +833,7 @@ static attrlist_t **wb_aix_attrlist(void) logit("method attrlist called\n"); n = sizeof(attr_list) / sizeof(struct attr_types); - size = (n*sizeof(attrlist_t *)); + size = ((n + 1) * sizeof(attrlist_t *)); if ( (ret = malloc( size )) == NULL ) { errno = ENOMEM; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f9ffed06862 lib:cmdline: Also set logfile for the debug system from 9cb3e4314b0 lib: Slightly simplify server_id_set_disconnected() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f9ffed06862c222da4adcf2259bc45c18edb1dc3 Author: Andreas Schneider Date: Tue Jun 8 13:25:58 2021 +0200 lib:cmdline: Also set logfile for the debug system Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Jun 8 12:35:34 UTC 2021 on sn-devel-184 --- Summary of changes: lib/cmdline/cmdline.c | 1 + 1 file changed, 1 insertion(+) Changeset truncated at 500 lines: diff --git a/lib/cmdline/cmdline.c b/lib/cmdline/cmdline.c index aadb06c7f56..9c0a88bd452 100644 --- a/lib/cmdline/cmdline.c +++ b/lib/cmdline/cmdline.c @@ -314,6 +314,7 @@ static bool set_logfile(TALLOC_CTX *mem_ctx, TALLOC_FREE(new_logfile); return false; } + debug_set_logfile(new_logfile); TALLOC_FREE(new_logfile); return true; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 667fd04ccd5 s3:passdb: Fix 'return 1' in secrets_store_creds() from 62782a1482c lib: Fix a typo https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 667fd04ccd500bc6b5f619450b577f62d8a234ab Author: pavel.filipensky Date: Fri Apr 16 14:24:15 2021 +0200 s3:passdb: Fix 'return 1' in secrets_store_creds() The recently introduced function secrets_store_creds() should always use 'return false' in case of a failure. It is not only spelling issue since 'return 1' actually means 'return true'. Signed-off-by: Pavel Filipensky Reviewed-by: Andrew Bartlett Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Apr 20 06:42:50 UTC 2021 on sn-devel-184 --- Summary of changes: source3/passdb/secrets.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c index be9cc0039d3..fdacafa11c9 100644 --- a/source3/passdb/secrets.c +++ b/source3/passdb/secrets.c @@ -169,7 +169,7 @@ bool secrets_store_creds(struct cli_credentials *creds) ok = secrets_store(SECRETS_AUTH_DOMAIN, p, strlen(p) + 1); if (!ok) { DBG_ERR("Failed storing auth domain name\n"); - return 1; + return false; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fbf95a641bb auth4: Remove unused auth_unix from 8e3b369c055 allow tests to be run against a PAM-less build https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fbf95a641bbb6acf83a818732b68ed1a1aa0b66d Author: Andrew Bartlett Date: Sat Apr 17 07:25:18 2021 +1200 auth4: Remove unused auth_unix auth_unix was in the source4/auth/ntlm for two reasons: - inherited from earlier Samba before the Samba4 fork - To support the ejs-backed SWAT (web administration tool) Neither of these are good reasons to keep this unused code around, there is very unlikely to be a need to support plaintext PAM authentication in this part of the code in the future. See b16362fab65d0700bd6a8cf6569a9e21c7e6b069 for some context on the historical use case. Signed-off-by: Andrew Bartlett Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Apr 19 07:07:01 UTC 2021 on sn-devel-184 --- Summary of changes: source4/auth/ntlm/auth_unix.c | 802 source4/auth/ntlm/wscript_build | 8 - 2 files changed, 810 deletions(-) delete mode 100644 source4/auth/ntlm/auth_unix.c Changeset truncated at 500 lines: diff --git a/source4/auth/ntlm/auth_unix.c b/source4/auth/ntlm/auth_unix.c deleted file mode 100644 index cfe4f1a073f..000 --- a/source4/auth/ntlm/auth_unix.c +++ /dev/null @@ -1,802 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Password and authentication handling - Copyright (C) Andrew Bartlett 2001 - Copyright (C) Jeremy Allison2001 - Copyright (C) Simo Sorce2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "auth/auth.h" -#include "auth/ntlm/auth_proto.h" -#include "system/passwd.h" /* needed by some systems for struct passwd */ -#include "lib/socket/socket.h" -#include "lib/tsocket/tsocket.h" -#include "../libcli/auth/pam_errors.h" -#include "param/param.h" -#include "lib/util/tevent_ntstatus.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_AUTH - -_PUBLIC_ NTSTATUS auth4_unix_init(TALLOC_CTX *); - -/* TODO: look at how to best fill in parms retrieveing a struct passwd info - * except in case USER_INFO_DONT_CHECK_UNIX_ACCOUNT is set - */ -static NTSTATUS authunix_make_user_info_dc(TALLOC_CTX *mem_ctx, - const char *netbios_name, - const struct auth_usersupplied_info *user_info, - struct passwd *pwd, - struct auth_user_info_dc **_user_info_dc) -{ - struct auth_user_info_dc *user_info_dc; - struct auth_user_info *info; - NTSTATUS status; - - /* This is a real, real hack */ - if (pwd->pw_uid == 0) { - status = auth_system_user_info_dc(mem_ctx, netbios_name, _info_dc); - if (!NT_STATUS_IS_OK(status)) { - return status; - } - - user_info_dc->info = info = talloc_zero(user_info_dc, struct auth_user_info); - NT_STATUS_HAVE_NO_MEMORY(user_info_dc->info); - - info->account_name = talloc_steal(info, pwd->pw_name); - NT_STATUS_HAVE_NO_MEMORY(info->account_name); - - info->domain_name = talloc_strdup(info, "unix"); - NT_STATUS_HAVE_NO_MEMORY(info->domain_name); - } else { - user_info_dc = talloc(mem_ctx, struct auth_user_info_dc); - NT_STATUS_HAVE_NO_MEMORY(user_info_dc); - - user_info_dc->info = info = talloc_zero(user_info_dc, struct auth_user_info); - NT_STATUS_HAVE_NO_MEMORY(user_info_dc->info); - - info->authenticated = true; - - info->account_name = talloc_steal(info, pwd->pw_name); - NT_STATUS_HAVE_NO_MEMORY(inf