[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 382a5c4e7ec smbd: Fix failure to check dstdir for delete on close
via 0f67dd540fe tests: SMB2 rename fails to check del-on-close on dst
dir
via d680d392685 pylibsmb: Add rename()
via fec5a569b6b tests: Factor out prep_creds()
via 74576743969 libsmb: Make cli_nt_pipes_close() static
via 47d93b02807 lib: g_lock.h references "struct server_id", add
#include
via 7aaefd6f467 lib: Remove unused security_descriptor_append()
via b948b99c6ca build: fcvt() and fcvtl() are not used
from c4d82a6b1f3 smbd: avoid a smb_fname copy in
call_trans2setfilepathinfo()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 382a5c4e7ec08ec9291453ffad9541ab36aca274
Author: Volker Lendecke
Date: Thu Nov 19 12:38:06 2020 +0100
smbd: Fix failure to check dstdir for delete on close
In smb2_setinfo.c the call to smbd_do_setfilepathinfo() to perform the
rename takes place while holding a share mode lock. The function
check_parent_access() called below tries to query the destination
directory's locking.tdb entry to check whether the delete on close
flag is set on the destination directory. This fails because the
file to be renamed already has the share mode entry locked, we can't
lock two share mode entries simultaneously.
Convert the check to use fetch_share_mode_unlocked(). This might
introduce races, but this whole check is racy anyway. It does not
really matter whether we do the check for delete_on_close under a lock
or not, fetch_share_mode_unlocked() retrieves a consistent status of
the locking.tdb entry at some point in time as well.
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
Autobuild-User(master): Jeremy Allison
Autobuild-Date(master): Fri Nov 20 00:20:06 UTC 2020 on sn-devel-184
commit 0f67dd540fe11f6543ed759d3d947600c265e889
Author: Volker Lendecke
Date: Tue Nov 17 15:24:43 2020 +0100
tests: SMB2 rename fails to check del-on-close on dst dir
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
commit d680d392685b250b1bb9e879f821a348628c
Author: Volker Lendecke
Date: Mon Nov 16 12:41:35 2020 +0100
pylibsmb: Add rename()
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
commit fec5a569b6be94ee7fcc2608be9ce7dbd2976871
Author: Volker Lendecke
Date: Tue Nov 17 16:11:11 2020 +0100
tests: Factor out prep_creds()
3 times the same code can be put together
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
commit 74576743969e42ba5424f0989e4e707b4264564a
Author: Volker Lendecke
Date: Mon Nov 9 19:32:57 2020 +0100
libsmb: Make cli_nt_pipes_close() static
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
commit 47d93b02807caea5e9c686d95281f800b473f188
Author: Volker Lendecke
Date: Wed Nov 11 16:52:07 2020 +0100
lib: g_lock.h references "struct server_id", add #include
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
commit 7aaefd6f467569c4040592212c8fcf6fb6a1c399
Author: Volker Lendecke
Date: Wed Nov 11 08:03:46 2020 +0100
lib: Remove unused security_descriptor_append()
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
commit b948b99c6ca08b436f473781a559e9976c2a4896
Author: Volker Lendecke
Date: Mon Nov 16 14:37:43 2020 +0100
build: fcvt() and fcvtl() are not used
No need to check for them in the configure phase
Signed-off-by: Volker Lendecke
Reviewed-by: Jeremy Allison
---
Summary of changes:
libcli/security/security_descriptor.c | 12 ---
libcli/security/security_descriptor.h | 2 --
python/samba/tests/libsmb.py | 59 +--
source3/include/g_lock.h | 2 ++
source3/libsmb/clientgen.c| 2 +-
source3/libsmb/proto.h| 1 -
source3/libsmb/pylibsmb.c | 37 ++
source3/smbd/open.c | 7 -
source3/wscript | 4 +--
9 files changed, 89 insertions(+), 37 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/security/security_descriptor.c
b/libcli/security/security_descriptor.c
index 28c68215b8a..ba142016389 100644
--- a/libcli/security/security_descriptor.c
+++ b/libcli/security/security_descriptor.c
@@ -547,18 +547,6 @@ static struct security_descriptor
*security_descriptor_appendv(struct security_d
return sd;
}
-struct security_descriptor *security_descriptor_append(struct
security_descriptor *sd,
- ...)
-{
- va_list ap;
-
- va_start(ap, sd);
- sd = security_descriptor_appendv(sd
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c4d82a6b1f3 smbd: avoid a smb_fname copy in call_trans2setfilepathinfo() via 458c24fccd8 smbd: avoid a smb_fname copy in call_trans2qfilepathinfo() via 7f0008a992b smbd: replace calls to check_access() with smbd_check_access_rights() via ed88f59189c smbd: use SMB2_INFO_SPECIAL in call_trans2qfilepathinfo() via 5604afefb05 torture: avoid OPLOCK-CANCEL flapping on busy gitlab CI via 4dbb8fda4ee docs-xml: add "smbd force process locks" via 3b694328e43 selftest: remove selftest/knownfail.d/samba3.smbtorture_s3 from 8bc77a0f86f pylibsmb: Multi-threaded use is now possible with SMB2 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c4d82a6b1f31d0601ad4670665cd3105b92f8524 Author: Ralph Boehme Date: Tue Nov 17 11:02:31 2020 +0100 smbd: avoid a smb_fname copy in call_trans2setfilepathinfo() There's no point in doing a copy here, we can just point smb_fname at fsp->fsp_name. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Nov 19 21:24:23 UTC 2020 on sn-devel-184 commit 458c24fccd86a26710db54589ab67ae60b345576 Author: Ralph Boehme Date: Tue Oct 20 17:07:35 2020 +0200 smbd: avoid a smb_fname copy in call_trans2qfilepathinfo() No point in making a copy here. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 7f0008a992b60fda8f2eb04553b547029bb421fc Author: Ralph Boehme Date: Tue Oct 27 12:23:00 2020 +0100 smbd: replace calls to check_access() with smbd_check_access_rights() check_access() is a 1:1 wrapper arounf smbd_check_access_rights(). Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit ed88f59189cfc3cd4f0492b0812fffc04cfa6a7c Author: Ralph Boehme Date: Mon Oct 26 17:57:00 2020 +0100 smbd: use SMB2_INFO_SPECIAL in call_trans2qfilepathinfo() Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 5604afefb05b376fcc61db99441fd57367881e69 Author: Ralph Boehme Date: Mon Nov 16 10:44:48 2020 +0100 torture: avoid OPLOCK-CANCEL flapping on busy gitlab CI I saw this test fail a few times on gitlab CI with NT_STATUS_SHARING_VIOLATION: Running OPLOCK-CANCEL cli_unlink failed: NT_STATUS_SHARING_VIOLATION TEST OPLOCK-CANCEL FAILED! The only possible explanation I could come up for this flapping test is that the fnum1 filehandle in cli1 is still not closed when cli2 tries to open the file deletion 5 seconds after cli1 is thrown away. As fnum1 doesn't have FILE_SHARE_DELELE the open-for-delete fails with a SHARING_VIOLATION. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 4dbb8fda4ee9a816759e8677ad930cde16413d33 Author: Ralph Boehme Date: Mon Nov 16 11:06:08 2020 +0100 docs-xml: add "smbd force process locks" Avoid a parametric option in a hot codepath. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 3b694328e43f8c50d2967224db4c424477831468 Author: Ralph Boehme Date: Mon Oct 26 10:03:24 2020 +0100 selftest: remove selftest/knownfail.d/samba3.smbtorture_s3 This hunk was inadvertently included in 5161edbdb28. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison --- Summary of changes: .../smbdotconf/locking/force_process_locks.xml | 19 ++ selftest/knownfail.d/samba3.smbtorture_s3 | 2 -- source3/smbd/files.c | 12 +++ source3/smbd/trans2.c | 40 +- source3/torture/test_oplock_cancel.c | 2 ++ 5 files changed, 34 insertions(+), 41 deletions(-) create mode 100644 docs-xml/smbdotconf/locking/force_process_locks.xml delete mode 100644 selftest/knownfail.d/samba3.smbtorture_s3 Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/locking/force_process_locks.xml b/docs-xml/smbdotconf/locking/force_process_locks.xml new file mode 100644 index 000..f701c0a5df9 --- /dev/null +++ b/docs-xml/smbdotconf/locking/force_process_locks.xml @@ -0,0 +1,19 @@ +http://www.samba.org/samba/DTD/samba-doc";> + + + This boolean option tells smbd whether + to forcefully disable the use of Open File Description locks on Linux. + + + This option should not be changed from the default unless you know what + you're doing. + + + + +locking +no + diff --git a/selftest/knownfail.d/samba3.smbtorture_s3 b/selftest/knownfail.d/samba3.smbtorture_s3 deleted file mode 100644 index f56cf2327e9..000 --- a/selftest/knownfail.d/samba3.smbtorture_s3 +++ /dev/null @@ -1,2 +0,0 @@ -^samb
[SCM] Samba Shared Repository - branch v4-12-test updated
The branch, v4-12-test has been updated
via b3665f70109 vfs_shadow_copy2: Preserve all open flags assuming ROFS
via 58eaf85bd92 s3: spoolss: Make parameters in call to user_ok_token()
match all other uses.
via dcce5e5bf67 s3: smbd: Don't overwrite contents of
fsp->aio_requests[0] with NULL via TALLOC_FREE().
via 4873f377e75 interface: fix if_index is not parsed correctly
via a6782e76046 s3: modules: gluster. Fix the error I made in
preventing talloc leaks from a function.
via 8136ade13f8 libcli: smb2: Never print length if
smb2_signing_key_valid() fails for crypto blob.
from 9215dc9dc69 s3-vfs_glusterfs: always disable write-behind translator
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-test
- Log -
commit b3665f70109b634564974de966d255807c0547f0
Author: Anoop C S
Date: Thu Nov 12 20:27:24 2020 +0530
vfs_shadow_copy2: Preserve all open flags assuming ROFS
Instead of replacing open flags with just O_RDONLY, filter out all those
flags unrelated to a Read Only File System
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14573
Signed-off-by: Anoop C S
Reviewed-by: Ralph Boehme
Autobuild-User(master): Ralph Böhme
Autobuild-Date(master): Thu Nov 12 17:23:19 UTC 2020 on sn-devel-184
(cherry picked from commit e9e06a11daf036abf7a7022ebc8eaefde178aa52)
Autobuild-User(v4-12-test): Karolin Seeger
Autobuild-Date(v4-12-test): Thu Nov 19 14:09:43 UTC 2020 on sn-devel-184
commit 58eaf85bd924f4f9264d677486c0122a5a2c9f9f
Author: Jeremy Allison
Date: Thu Nov 5 15:48:08 2020 -0800
s3: spoolss: Make parameters in call to user_ok_token() match all other
uses.
We already have p->session_info->unix_info->unix_name, we don't
need to go through a legacy call to
uidtoname(p->session_info->unix_token->uid).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14568
Signed-off-by: Jeremy Allison
Reviewed-by: Andrew Bartlett
Autobuild-User(master): Andrew Bartlett
Autobuild-Date(master): Mon Nov 9 04:10:45 UTC 2020 on sn-devel-184
(cherry picked from commit e5e1759057a767f517bf480a2172a36623df2799)
commit dcce5e5bf679e8d9afeb9bb9455da2c98b3ae7b2
Author: Jeremy Allison
Date: Sat Sep 26 22:14:33 2020 -0700
s3: smbd: Don't overwrite contents of fsp->aio_requests[0] with NULL via
TALLOC_FREE().
They may have been carefully set by the aio_del_req_from_fsp()
destructor so we must not overwrite here.
Found via some *amazing* debugging work from Ashok Ramakrishnan
.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14515
Signed-off-by: Jeremy Allison
Reviewed-by: Ralph Boehme
Autobuild-User(master): Ralph Böhme
Autobuild-Date(master): Wed Sep 30 11:18:43 UTC 2020 on sn-devel-184
(cherry picked from commit fca8cb63762faff54cda243c1ed8217b36333131)
commit 4873f377e75d5104b4ca2afbc36783b850463eb0
Author: Jones Syue
Date: Mon Sep 28 09:10:03 2020 +0800
interface: fix if_index is not parsed correctly
Replace probed_ifaces[i] with ifs.
In SDC 2020 SMB3 Virtual IO Lab,
run Windows Protocol Test Suite to test FileServer multichannel test cases.
Samba server has 2 virtual interfaces for VPN connection:
> name=tun2001, ip/mask=192.168.144.9/22
> name=tun2002, ip/mask=192.168.144.10/22
test suite client can ping these 2 ip addresses and browse shares.
Then client try to use IOCTL FSCTL_QUERY_NETWORK_INTERFACE_INFO to get the
virtual ip addresses of samba server, but samba server responded it
without the virtual ip addresses. My VPN setup is point-to-point and the
virtual interfaces 'tun2001' & 'tun2002' are without flag IFF_BROADCAST.
So edit smb.conf and add
"interfaces = ${virtual_ip}/${mask_length};if_index=${id}", like this:
> interfaces = eth4 eth8 eth11 eth10 qvs0 "192.168.144.9/22;if_index=50"
"192.168.144.10/22;if_index=51"
then samba server IOCTL response could return the virtual ip addresses,
but found a issue:
the interface index of virtual ip addresses is always 4294967295
(0x, -1).
Quote Metze:
https://gitlab.com/samba-team/devel/samba/-/commit/6cadb55d975a6348a417caed8b3258f5be2acba4#note_419181789
This looks good, I think that also explains
the possible memory corruption/crash I mentioned in the bug report.
As 'i' is most likely the same as 'total_probed' and
probed_ifaces[i] is not valid, so we overwrite unrelated memory.
Later I see 'realloc(): invalid pointer' and this backtrace:
BACKTRACE:
#0 log_stack_trace + 0x29 [ip=0x7f2f1b6fffa9] [sp=0x7ffcd0ab53e0]
#1 smb_panic + 0x11 [ip=0x7f2f1b700301] [sp=0x7ffcd0ab5d10]
#2 sig_fault + 0x54 [ip=0x7f2f1b7004f4] [sp=0x7ffcd0ab5e20]
#3 funlockfile + 0x50 [ip=0x7f2f17ce6dd0] [sp=0x
[SCM] Samba Shared Repository - branch v4-11-test updated
The branch, v4-11-test has been updated
via 49710332b59 s3: modules: gluster. Fix the error I made in
preventing talloc leaks from a function.
from 09da9690e93 VERSION: Bump version up to 4.11.17...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-11-test
- Log -
commit 49710332b5937bb7490db87b803faeaf8ca5190b
Author: Jeremy Allison
Date: Tue Nov 10 10:18:18 2020 -0800
s3: modules: gluster. Fix the error I made in preventing talloc leaks from
a function.
file_lines_parse() plays horrible tricks with
the passed-in talloc pointers and the hierarcy
which makes freeing hard to get right.
As we know mem_ctx is freed by the caller, after
calling file_lines_parse don't free on exit and let the caller
handle it. This violates good Samba coding practice
but we know we're not leaking here.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486
Signed-off-by: Jeremy Allison
Reviewed-by: Guenther Deschner
Autobuild-User(master): Günther Deschner
Autobuild-Date(master): Wed Nov 11 15:02:27 UTC 2020 on sn-devel-184
(cherry picked from commit 457b49c67803dd95abc8502c2a410fac273f6fba)
Autobuild-User(v4-11-test): Karolin Seeger
Autobuild-Date(v4-11-test): Thu Nov 19 12:38:34 UTC 2020 on sn-devel-184
---
Summary of changes:
source3/modules/vfs_glusterfs.c | 20
1 file changed, 12 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c
index 747176ecebb..190235cf8ae 100644
--- a/source3/modules/vfs_glusterfs.c
+++ b/source3/modules/vfs_glusterfs.c
@@ -315,15 +315,25 @@ static int check_for_write_behind_translator(TALLOC_CTX
*mem_ctx,
return -1;
}
+ /*
+* file_lines_parse() plays horrible tricks with
+* the passed-in talloc pointers and the hierarcy
+* which makes freeing hard to get right.
+*
+* As we know mem_ctx is freed by the caller, after
+* this point don't free on exit and let the caller
+* handle it. This violates good Samba coding practice
+* but we know we're not leaking here.
+*/
+
lines = file_lines_parse(buf,
newlen,
&numlines,
mem_ctx);
if (lines == NULL || numlines <= 0) {
- TALLOC_FREE(option);
- TALLOC_FREE(buf);
return -1;
}
+ /* On success, buf is now a talloc child of lines !! */
for (i=0; i < numlines; i++) {
if (strequal(lines[i], option)) {
@@ -338,15 +348,9 @@ static int check_for_write_behind_translator(TALLOC_CTX
*mem_ctx,
"Please check the vfs_glusterfs(8) manpage for "
"further details.\n",
volume);
- TALLOC_FREE(lines);
- TALLOC_FREE(option);
- TALLOC_FREE(buf);
return -1;
}
- TALLOC_FREE(lines);
- TALLOC_FREE(option);
- TALLOC_FREE(buf);
return 0;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-13-test updated
The branch, v4-13-test has been updated
via 8c82d0fd49b vfs_shadow_copy2: Preserve all open flags assuming ROFS
via 7e9d27271db s3: spoolss: Make parameters in call to user_ok_token()
match all other uses.
via 61c8a44895e s3: smbd: Don't overwrite contents of
fsp->aio_requests[0] with NULL via TALLOC_FREE().
via 68f19debb74 interface: fix if_index is not parsed correctly
via 76f07c13cd6 s3: modules: gluster. Fix the error I made in
preventing talloc leaks from a function.
via c58689c9aad libcli: smb2: Never print length if
smb2_signing_key_valid() fails for crypto blob.
from 4337a6378db s3-vfs_glusterfs: always disable write-behind translator
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test
- Log -
commit 8c82d0fd49b0406b34e60f49fd4c3b2ff95cb049
Author: Anoop C S
Date: Thu Nov 12 20:27:24 2020 +0530
vfs_shadow_copy2: Preserve all open flags assuming ROFS
Instead of replacing open flags with just O_RDONLY, filter out all those
flags unrelated to a Read Only File System
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14573
Signed-off-by: Anoop C S
Reviewed-by: Ralph Boehme
Autobuild-User(master): Ralph Böhme
Autobuild-Date(master): Thu Nov 12 17:23:19 UTC 2020 on sn-devel-184
(cherry picked from commit e9e06a11daf036abf7a7022ebc8eaefde178aa52)
Autobuild-User(v4-13-test): Karolin Seeger
Autobuild-Date(v4-13-test): Thu Nov 19 11:24:37 UTC 2020 on sn-devel-184
commit 7e9d27271db00db8610eeabdebb49d59f03345ac
Author: Jeremy Allison
Date: Thu Nov 5 15:48:08 2020 -0800
s3: spoolss: Make parameters in call to user_ok_token() match all other
uses.
We already have p->session_info->unix_info->unix_name, we don't
need to go through a legacy call to
uidtoname(p->session_info->unix_token->uid).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14568
Signed-off-by: Jeremy Allison
Reviewed-by: Andrew Bartlett
Autobuild-User(master): Andrew Bartlett
Autobuild-Date(master): Mon Nov 9 04:10:45 UTC 2020 on sn-devel-184
(cherry picked from commit e5e1759057a767f517bf480a2172a36623df2799)
commit 61c8a44895ea5e4bd42d1447384005d89f5327e6
Author: Jeremy Allison
Date: Sat Sep 26 22:14:33 2020 -0700
s3: smbd: Don't overwrite contents of fsp->aio_requests[0] with NULL via
TALLOC_FREE().
They may have been carefully set by the aio_del_req_from_fsp()
destructor so we must not overwrite here.
Found via some *amazing* debugging work from Ashok Ramakrishnan
.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14515
Signed-off-by: Jeremy Allison
Reviewed-by: Ralph Boehme
Autobuild-User(master): Ralph Böhme
Autobuild-Date(master): Wed Sep 30 11:18:43 UTC 2020 on sn-devel-184
(cherry picked from commit fca8cb63762faff54cda243c1ed8217b36333131)
commit 68f19debb7453a83d1837c4a0595f7d433b562c0
Author: Jones Syue
Date: Mon Sep 28 09:10:03 2020 +0800
interface: fix if_index is not parsed correctly
Replace probed_ifaces[i] with ifs.
In SDC 2020 SMB3 Virtual IO Lab,
run Windows Protocol Test Suite to test FileServer multichannel test cases.
Samba server has 2 virtual interfaces for VPN connection:
> name=tun2001, ip/mask=192.168.144.9/22
> name=tun2002, ip/mask=192.168.144.10/22
test suite client can ping these 2 ip addresses and browse shares.
Then client try to use IOCTL FSCTL_QUERY_NETWORK_INTERFACE_INFO to get the
virtual ip addresses of samba server, but samba server responded it
without the virtual ip addresses. My VPN setup is point-to-point and the
virtual interfaces 'tun2001' & 'tun2002' are without flag IFF_BROADCAST.
So edit smb.conf and add
"interfaces = ${virtual_ip}/${mask_length};if_index=${id}", like this:
> interfaces = eth4 eth8 eth11 eth10 qvs0 "192.168.144.9/22;if_index=50"
"192.168.144.10/22;if_index=51"
then samba server IOCTL response could return the virtual ip addresses,
but found a issue:
the interface index of virtual ip addresses is always 4294967295
(0x, -1).
Quote Metze:
https://gitlab.com/samba-team/devel/samba/-/commit/6cadb55d975a6348a417caed8b3258f5be2acba4#note_419181789
This looks good, I think that also explains
the possible memory corruption/crash I mentioned in the bug report.
As 'i' is most likely the same as 'total_probed' and
probed_ifaces[i] is not valid, so we overwrite unrelated memory.
Later I see 'realloc(): invalid pointer' and this backtrace:
BACKTRACE:
#0 log_stack_trace + 0x29 [ip=0x7f2f1b6fffa9] [sp=0x7ffcd0ab53e0]
#1 smb_panic + 0x11 [ip=0x7f2f1b700301] [sp=0x7ffcd0ab5d10]
#2 sig_fault + 0x54 [ip=0x7f2f1b7004f4] [sp=0x7ffcd0ab5e20]
#3 funlockfile + 0x50 [ip=0x7f2f17ce6dd0] [sp=0x
