[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 382a5c4e7ec smbd: Fix failure to check dstdir for delete on close via 0f67dd540fe tests: SMB2 rename fails to check del-on-close on dst dir via d680d392685 pylibsmb: Add rename() via fec5a569b6b tests: Factor out prep_creds() via 74576743969 libsmb: Make cli_nt_pipes_close() static via 47d93b02807 lib: g_lock.h references "struct server_id", add #include via 7aaefd6f467 lib: Remove unused security_descriptor_append() via b948b99c6ca build: fcvt() and fcvtl() are not used from c4d82a6b1f3 smbd: avoid a smb_fname copy in call_trans2setfilepathinfo() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 382a5c4e7ec08ec9291453ffad9541ab36aca274 Author: Volker Lendecke Date: Thu Nov 19 12:38:06 2020 +0100 smbd: Fix failure to check dstdir for delete on close In smb2_setinfo.c the call to smbd_do_setfilepathinfo() to perform the rename takes place while holding a share mode lock. The function check_parent_access() called below tries to query the destination directory's locking.tdb entry to check whether the delete on close flag is set on the destination directory. This fails because the file to be renamed already has the share mode entry locked, we can't lock two share mode entries simultaneously. Convert the check to use fetch_share_mode_unlocked(). This might introduce races, but this whole check is racy anyway. It does not really matter whether we do the check for delete_on_close under a lock or not, fetch_share_mode_unlocked() retrieves a consistent status of the locking.tdb entry at some point in time as well. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Nov 20 00:20:06 UTC 2020 on sn-devel-184 commit 0f67dd540fe11f6543ed759d3d947600c265e889 Author: Volker Lendecke Date: Tue Nov 17 15:24:43 2020 +0100 tests: SMB2 rename fails to check del-on-close on dst dir Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit d680d392685b250b1bb9e879f821a348628c Author: Volker Lendecke Date: Mon Nov 16 12:41:35 2020 +0100 pylibsmb: Add rename() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit fec5a569b6be94ee7fcc2608be9ce7dbd2976871 Author: Volker Lendecke Date: Tue Nov 17 16:11:11 2020 +0100 tests: Factor out prep_creds() 3 times the same code can be put together Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 74576743969e42ba5424f0989e4e707b4264564a Author: Volker Lendecke Date: Mon Nov 9 19:32:57 2020 +0100 libsmb: Make cli_nt_pipes_close() static Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 47d93b02807caea5e9c686d95281f800b473f188 Author: Volker Lendecke Date: Wed Nov 11 16:52:07 2020 +0100 lib: g_lock.h references "struct server_id", add #include Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 7aaefd6f467569c4040592212c8fcf6fb6a1c399 Author: Volker Lendecke Date: Wed Nov 11 08:03:46 2020 +0100 lib: Remove unused security_descriptor_append() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit b948b99c6ca08b436f473781a559e9976c2a4896 Author: Volker Lendecke Date: Mon Nov 16 14:37:43 2020 +0100 build: fcvt() and fcvtl() are not used No need to check for them in the configure phase Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: libcli/security/security_descriptor.c | 12 --- libcli/security/security_descriptor.h | 2 -- python/samba/tests/libsmb.py | 59 +-- source3/include/g_lock.h | 2 ++ source3/libsmb/clientgen.c| 2 +- source3/libsmb/proto.h| 1 - source3/libsmb/pylibsmb.c | 37 ++ source3/smbd/open.c | 7 - source3/wscript | 4 +-- 9 files changed, 89 insertions(+), 37 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/security/security_descriptor.c b/libcli/security/security_descriptor.c index 28c68215b8a..ba142016389 100644 --- a/libcli/security/security_descriptor.c +++ b/libcli/security/security_descriptor.c @@ -547,18 +547,6 @@ static struct security_descriptor *security_descriptor_appendv(struct security_d return sd; } -struct security_descriptor *security_descriptor_append(struct security_descriptor *sd, - ...) -{ - va_list ap; - - va_start(ap, sd); - sd = security_descriptor_appendv(sd
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c4d82a6b1f3 smbd: avoid a smb_fname copy in call_trans2setfilepathinfo() via 458c24fccd8 smbd: avoid a smb_fname copy in call_trans2qfilepathinfo() via 7f0008a992b smbd: replace calls to check_access() with smbd_check_access_rights() via ed88f59189c smbd: use SMB2_INFO_SPECIAL in call_trans2qfilepathinfo() via 5604afefb05 torture: avoid OPLOCK-CANCEL flapping on busy gitlab CI via 4dbb8fda4ee docs-xml: add "smbd force process locks" via 3b694328e43 selftest: remove selftest/knownfail.d/samba3.smbtorture_s3 from 8bc77a0f86f pylibsmb: Multi-threaded use is now possible with SMB2 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c4d82a6b1f31d0601ad4670665cd3105b92f8524 Author: Ralph Boehme Date: Tue Nov 17 11:02:31 2020 +0100 smbd: avoid a smb_fname copy in call_trans2setfilepathinfo() There's no point in doing a copy here, we can just point smb_fname at fsp->fsp_name. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Nov 19 21:24:23 UTC 2020 on sn-devel-184 commit 458c24fccd86a26710db54589ab67ae60b345576 Author: Ralph Boehme Date: Tue Oct 20 17:07:35 2020 +0200 smbd: avoid a smb_fname copy in call_trans2qfilepathinfo() No point in making a copy here. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 7f0008a992b60fda8f2eb04553b547029bb421fc Author: Ralph Boehme Date: Tue Oct 27 12:23:00 2020 +0100 smbd: replace calls to check_access() with smbd_check_access_rights() check_access() is a 1:1 wrapper arounf smbd_check_access_rights(). Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit ed88f59189cfc3cd4f0492b0812fffc04cfa6a7c Author: Ralph Boehme Date: Mon Oct 26 17:57:00 2020 +0100 smbd: use SMB2_INFO_SPECIAL in call_trans2qfilepathinfo() Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 5604afefb05b376fcc61db99441fd57367881e69 Author: Ralph Boehme Date: Mon Nov 16 10:44:48 2020 +0100 torture: avoid OPLOCK-CANCEL flapping on busy gitlab CI I saw this test fail a few times on gitlab CI with NT_STATUS_SHARING_VIOLATION: Running OPLOCK-CANCEL cli_unlink failed: NT_STATUS_SHARING_VIOLATION TEST OPLOCK-CANCEL FAILED! The only possible explanation I could come up for this flapping test is that the fnum1 filehandle in cli1 is still not closed when cli2 tries to open the file deletion 5 seconds after cli1 is thrown away. As fnum1 doesn't have FILE_SHARE_DELELE the open-for-delete fails with a SHARING_VIOLATION. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 4dbb8fda4ee9a816759e8677ad930cde16413d33 Author: Ralph Boehme Date: Mon Nov 16 11:06:08 2020 +0100 docs-xml: add "smbd force process locks" Avoid a parametric option in a hot codepath. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 3b694328e43f8c50d2967224db4c424477831468 Author: Ralph Boehme Date: Mon Oct 26 10:03:24 2020 +0100 selftest: remove selftest/knownfail.d/samba3.smbtorture_s3 This hunk was inadvertently included in 5161edbdb28. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison --- Summary of changes: .../smbdotconf/locking/force_process_locks.xml | 19 ++ selftest/knownfail.d/samba3.smbtorture_s3 | 2 -- source3/smbd/files.c | 12 +++ source3/smbd/trans2.c | 40 +- source3/torture/test_oplock_cancel.c | 2 ++ 5 files changed, 34 insertions(+), 41 deletions(-) create mode 100644 docs-xml/smbdotconf/locking/force_process_locks.xml delete mode 100644 selftest/knownfail.d/samba3.smbtorture_s3 Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/locking/force_process_locks.xml b/docs-xml/smbdotconf/locking/force_process_locks.xml new file mode 100644 index 000..f701c0a5df9 --- /dev/null +++ b/docs-xml/smbdotconf/locking/force_process_locks.xml @@ -0,0 +1,19 @@ +http://www.samba.org/samba/DTD/samba-doc";> + + + This boolean option tells smbd whether + to forcefully disable the use of Open File Description locks on Linux. + + + This option should not be changed from the default unless you know what + you're doing. + + + + +locking +no + diff --git a/selftest/knownfail.d/samba3.smbtorture_s3 b/selftest/knownfail.d/samba3.smbtorture_s3 deleted file mode 100644 index f56cf2327e9..000 --- a/selftest/knownfail.d/samba3.smbtorture_s3 +++ /dev/null @@ -1,2 +0,0 @@ -^samb
[SCM] Samba Shared Repository - branch v4-12-test updated
The branch, v4-12-test has been updated via b3665f70109 vfs_shadow_copy2: Preserve all open flags assuming ROFS via 58eaf85bd92 s3: spoolss: Make parameters in call to user_ok_token() match all other uses. via dcce5e5bf67 s3: smbd: Don't overwrite contents of fsp->aio_requests[0] with NULL via TALLOC_FREE(). via 4873f377e75 interface: fix if_index is not parsed correctly via a6782e76046 s3: modules: gluster. Fix the error I made in preventing talloc leaks from a function. via 8136ade13f8 libcli: smb2: Never print length if smb2_signing_key_valid() fails for crypto blob. from 9215dc9dc69 s3-vfs_glusterfs: always disable write-behind translator https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-test - Log - commit b3665f70109b634564974de966d255807c0547f0 Author: Anoop C S Date: Thu Nov 12 20:27:24 2020 +0530 vfs_shadow_copy2: Preserve all open flags assuming ROFS Instead of replacing open flags with just O_RDONLY, filter out all those flags unrelated to a Read Only File System BUG: https://bugzilla.samba.org/show_bug.cgi?id=14573 Signed-off-by: Anoop C S Reviewed-by: Ralph Boehme Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Thu Nov 12 17:23:19 UTC 2020 on sn-devel-184 (cherry picked from commit e9e06a11daf036abf7a7022ebc8eaefde178aa52) Autobuild-User(v4-12-test): Karolin Seeger Autobuild-Date(v4-12-test): Thu Nov 19 14:09:43 UTC 2020 on sn-devel-184 commit 58eaf85bd924f4f9264d677486c0122a5a2c9f9f Author: Jeremy Allison Date: Thu Nov 5 15:48:08 2020 -0800 s3: spoolss: Make parameters in call to user_ok_token() match all other uses. We already have p->session_info->unix_info->unix_name, we don't need to go through a legacy call to uidtoname(p->session_info->unix_token->uid). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14568 Signed-off-by: Jeremy Allison Reviewed-by: Andrew Bartlett Autobuild-User(master): Andrew Bartlett Autobuild-Date(master): Mon Nov 9 04:10:45 UTC 2020 on sn-devel-184 (cherry picked from commit e5e1759057a767f517bf480a2172a36623df2799) commit dcce5e5bf679e8d9afeb9bb9455da2c98b3ae7b2 Author: Jeremy Allison Date: Sat Sep 26 22:14:33 2020 -0700 s3: smbd: Don't overwrite contents of fsp->aio_requests[0] with NULL via TALLOC_FREE(). They may have been carefully set by the aio_del_req_from_fsp() destructor so we must not overwrite here. Found via some *amazing* debugging work from Ashok Ramakrishnan . BUG: https://bugzilla.samba.org/show_bug.cgi?id=14515 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Wed Sep 30 11:18:43 UTC 2020 on sn-devel-184 (cherry picked from commit fca8cb63762faff54cda243c1ed8217b36333131) commit 4873f377e75d5104b4ca2afbc36783b850463eb0 Author: Jones Syue Date: Mon Sep 28 09:10:03 2020 +0800 interface: fix if_index is not parsed correctly Replace probed_ifaces[i] with ifs. In SDC 2020 SMB3 Virtual IO Lab, run Windows Protocol Test Suite to test FileServer multichannel test cases. Samba server has 2 virtual interfaces for VPN connection: > name=tun2001, ip/mask=192.168.144.9/22 > name=tun2002, ip/mask=192.168.144.10/22 test suite client can ping these 2 ip addresses and browse shares. Then client try to use IOCTL FSCTL_QUERY_NETWORK_INTERFACE_INFO to get the virtual ip addresses of samba server, but samba server responded it without the virtual ip addresses. My VPN setup is point-to-point and the virtual interfaces 'tun2001' & 'tun2002' are without flag IFF_BROADCAST. So edit smb.conf and add "interfaces = ${virtual_ip}/${mask_length};if_index=${id}", like this: > interfaces = eth4 eth8 eth11 eth10 qvs0 "192.168.144.9/22;if_index=50" "192.168.144.10/22;if_index=51" then samba server IOCTL response could return the virtual ip addresses, but found a issue: the interface index of virtual ip addresses is always 4294967295 (0x, -1). Quote Metze: https://gitlab.com/samba-team/devel/samba/-/commit/6cadb55d975a6348a417caed8b3258f5be2acba4#note_419181789 This looks good, I think that also explains the possible memory corruption/crash I mentioned in the bug report. As 'i' is most likely the same as 'total_probed' and probed_ifaces[i] is not valid, so we overwrite unrelated memory. Later I see 'realloc(): invalid pointer' and this backtrace: BACKTRACE: #0 log_stack_trace + 0x29 [ip=0x7f2f1b6fffa9] [sp=0x7ffcd0ab53e0] #1 smb_panic + 0x11 [ip=0x7f2f1b700301] [sp=0x7ffcd0ab5d10] #2 sig_fault + 0x54 [ip=0x7f2f1b7004f4] [sp=0x7ffcd0ab5e20] #3 funlockfile + 0x50 [ip=0x7f2f17ce6dd0] [sp=0x
[SCM] Samba Shared Repository - branch v4-11-test updated
The branch, v4-11-test has been updated via 49710332b59 s3: modules: gluster. Fix the error I made in preventing talloc leaks from a function. from 09da9690e93 VERSION: Bump version up to 4.11.17... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-11-test - Log - commit 49710332b5937bb7490db87b803faeaf8ca5190b Author: Jeremy Allison Date: Tue Nov 10 10:18:18 2020 -0800 s3: modules: gluster. Fix the error I made in preventing talloc leaks from a function. file_lines_parse() plays horrible tricks with the passed-in talloc pointers and the hierarcy which makes freeing hard to get right. As we know mem_ctx is freed by the caller, after calling file_lines_parse don't free on exit and let the caller handle it. This violates good Samba coding practice but we know we're not leaking here. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486 Signed-off-by: Jeremy Allison Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Nov 11 15:02:27 UTC 2020 on sn-devel-184 (cherry picked from commit 457b49c67803dd95abc8502c2a410fac273f6fba) Autobuild-User(v4-11-test): Karolin Seeger Autobuild-Date(v4-11-test): Thu Nov 19 12:38:34 UTC 2020 on sn-devel-184 --- Summary of changes: source3/modules/vfs_glusterfs.c | 20 1 file changed, 12 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index 747176ecebb..190235cf8ae 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -315,15 +315,25 @@ static int check_for_write_behind_translator(TALLOC_CTX *mem_ctx, return -1; } + /* +* file_lines_parse() plays horrible tricks with +* the passed-in talloc pointers and the hierarcy +* which makes freeing hard to get right. +* +* As we know mem_ctx is freed by the caller, after +* this point don't free on exit and let the caller +* handle it. This violates good Samba coding practice +* but we know we're not leaking here. +*/ + lines = file_lines_parse(buf, newlen, &numlines, mem_ctx); if (lines == NULL || numlines <= 0) { - TALLOC_FREE(option); - TALLOC_FREE(buf); return -1; } + /* On success, buf is now a talloc child of lines !! */ for (i=0; i < numlines; i++) { if (strequal(lines[i], option)) { @@ -338,15 +348,9 @@ static int check_for_write_behind_translator(TALLOC_CTX *mem_ctx, "Please check the vfs_glusterfs(8) manpage for " "further details.\n", volume); - TALLOC_FREE(lines); - TALLOC_FREE(option); - TALLOC_FREE(buf); return -1; } - TALLOC_FREE(lines); - TALLOC_FREE(option); - TALLOC_FREE(buf); return 0; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-13-test updated
The branch, v4-13-test has been updated via 8c82d0fd49b vfs_shadow_copy2: Preserve all open flags assuming ROFS via 7e9d27271db s3: spoolss: Make parameters in call to user_ok_token() match all other uses. via 61c8a44895e s3: smbd: Don't overwrite contents of fsp->aio_requests[0] with NULL via TALLOC_FREE(). via 68f19debb74 interface: fix if_index is not parsed correctly via 76f07c13cd6 s3: modules: gluster. Fix the error I made in preventing talloc leaks from a function. via c58689c9aad libcli: smb2: Never print length if smb2_signing_key_valid() fails for crypto blob. from 4337a6378db s3-vfs_glusterfs: always disable write-behind translator https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test - Log - commit 8c82d0fd49b0406b34e60f49fd4c3b2ff95cb049 Author: Anoop C S Date: Thu Nov 12 20:27:24 2020 +0530 vfs_shadow_copy2: Preserve all open flags assuming ROFS Instead of replacing open flags with just O_RDONLY, filter out all those flags unrelated to a Read Only File System BUG: https://bugzilla.samba.org/show_bug.cgi?id=14573 Signed-off-by: Anoop C S Reviewed-by: Ralph Boehme Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Thu Nov 12 17:23:19 UTC 2020 on sn-devel-184 (cherry picked from commit e9e06a11daf036abf7a7022ebc8eaefde178aa52) Autobuild-User(v4-13-test): Karolin Seeger Autobuild-Date(v4-13-test): Thu Nov 19 11:24:37 UTC 2020 on sn-devel-184 commit 7e9d27271db00db8610eeabdebb49d59f03345ac Author: Jeremy Allison Date: Thu Nov 5 15:48:08 2020 -0800 s3: spoolss: Make parameters in call to user_ok_token() match all other uses. We already have p->session_info->unix_info->unix_name, we don't need to go through a legacy call to uidtoname(p->session_info->unix_token->uid). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14568 Signed-off-by: Jeremy Allison Reviewed-by: Andrew Bartlett Autobuild-User(master): Andrew Bartlett Autobuild-Date(master): Mon Nov 9 04:10:45 UTC 2020 on sn-devel-184 (cherry picked from commit e5e1759057a767f517bf480a2172a36623df2799) commit 61c8a44895ea5e4bd42d1447384005d89f5327e6 Author: Jeremy Allison Date: Sat Sep 26 22:14:33 2020 -0700 s3: smbd: Don't overwrite contents of fsp->aio_requests[0] with NULL via TALLOC_FREE(). They may have been carefully set by the aio_del_req_from_fsp() destructor so we must not overwrite here. Found via some *amazing* debugging work from Ashok Ramakrishnan . BUG: https://bugzilla.samba.org/show_bug.cgi?id=14515 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Wed Sep 30 11:18:43 UTC 2020 on sn-devel-184 (cherry picked from commit fca8cb63762faff54cda243c1ed8217b36333131) commit 68f19debb7453a83d1837c4a0595f7d433b562c0 Author: Jones Syue Date: Mon Sep 28 09:10:03 2020 +0800 interface: fix if_index is not parsed correctly Replace probed_ifaces[i] with ifs. In SDC 2020 SMB3 Virtual IO Lab, run Windows Protocol Test Suite to test FileServer multichannel test cases. Samba server has 2 virtual interfaces for VPN connection: > name=tun2001, ip/mask=192.168.144.9/22 > name=tun2002, ip/mask=192.168.144.10/22 test suite client can ping these 2 ip addresses and browse shares. Then client try to use IOCTL FSCTL_QUERY_NETWORK_INTERFACE_INFO to get the virtual ip addresses of samba server, but samba server responded it without the virtual ip addresses. My VPN setup is point-to-point and the virtual interfaces 'tun2001' & 'tun2002' are without flag IFF_BROADCAST. So edit smb.conf and add "interfaces = ${virtual_ip}/${mask_length};if_index=${id}", like this: > interfaces = eth4 eth8 eth11 eth10 qvs0 "192.168.144.9/22;if_index=50" "192.168.144.10/22;if_index=51" then samba server IOCTL response could return the virtual ip addresses, but found a issue: the interface index of virtual ip addresses is always 4294967295 (0x, -1). Quote Metze: https://gitlab.com/samba-team/devel/samba/-/commit/6cadb55d975a6348a417caed8b3258f5be2acba4#note_419181789 This looks good, I think that also explains the possible memory corruption/crash I mentioned in the bug report. As 'i' is most likely the same as 'total_probed' and probed_ifaces[i] is not valid, so we overwrite unrelated memory. Later I see 'realloc(): invalid pointer' and this backtrace: BACKTRACE: #0 log_stack_trace + 0x29 [ip=0x7f2f1b6fffa9] [sp=0x7ffcd0ab53e0] #1 smb_panic + 0x11 [ip=0x7f2f1b700301] [sp=0x7ffcd0ab5d10] #2 sig_fault + 0x54 [ip=0x7f2f1b7004f4] [sp=0x7ffcd0ab5e20] #3 funlockfile + 0x50 [ip=0x7f2f17ce6dd0] [sp=0x