The branch, v4-1-test has been updated via dd83f1d s3: modules: streaminfo: As we have no VFS function SMB_VFS_LLISTXATTR we can't cope with a symlink when lp_posix_pathnames() is true. via 6763283 s3: vfs_dirsort module. via 9cb8ae1 s3: vfs_dirsort module. via 4ce9501 smbd: Fix an ancient oplock bug via b5253bf vfs_btrfs: pass-through copy-chunk(len=0) requests via 1271434 smbd/smb2_ioctl: fail zero length copy chunk requests via 3a3d027 torture: add zero length FSCTL_SRV_COPYCHUNK test via 6265959 kdc: Add belts-and-braces check that we fail if the hdb version changes via 593ce2a Support for Heimdal's unified krb5 and hdb plugin system. via 68dc374 Cope with first element in hdb_method having a different name in different heimdal versions. via 3f09c5c smbd: Fix memory overwrites from dc58296 s3-winbind: Improve performance of wb_fill_pwent_sid2uid_done().
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log ----------------------------------------------------------------- commit dd83f1d98ae5a822ed4b000f3eb5e84f1d9f2a4d Author: Jeremy Allison <j...@samba.org> Date: Fri Feb 7 10:19:26 2014 -0800 s3: modules: streaminfo: As we have no VFS function SMB_VFS_LLISTXATTR we can't cope with a symlink when lp_posix_pathnames() is true. Fix bug : Bug 10429 - samba returns STATUS_OBJECT_NAME_NOT_FOUND when attempting to remove dangling symlink https://bugzilla.samba.org/show_bug.cgi?id=10429 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Jeff Layton <jlay...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Feb 8 00:01:16 CET 2014 on sn-devel-104 (cherry picked from commit 17adbbcad7e401dd544dfa76f7ec9aeb6a847381) Autobuild-User(v4-1-test): Karolin Seeger <ksee...@samba.org> Autobuild-Date(v4-1-test): Fri Feb 14 22:30:55 CET 2014 on sn-devel-104 commit 6763283ef3c512c1d3b92cbc532c33dd646d46fd Author: Jeremy Allison <j...@samba.org> Date: Tue Feb 11 10:39:04 2014 -0800 s3: vfs_dirsort module. Add raw.search torture test on a share definition with: vfs objects = dirsort https://bugzilla.samba.org/show_bug.cgi?id=10406 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> (cherry picked from commit 30cc8f41da58b87ff575860b7cde640520829923) commit 9cb8ae1de2649f5f7993c799ea7c655f167403d1 Author: Jeremy Allison <j...@samba.org> Date: Wed Jan 29 17:01:30 2014 -0800 s3: vfs_dirsort module. Allow dirsort to work when multiple simultaneous directories are open. The old code only keeps one active private data pointer on the connection struct, opening a second directory on the same connection will overwrite it. This modification turns the private data pointer into a linked list of open directories on the connection struct, and finds the correct one by searching on the passed in DIR *. With this code in place, smbd passes raw.search torture test on a share definition with: vfs objects = dirsort https://bugzilla.samba.org/show_bug.cgi?id=10406 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> (cherry picked from commit fd79652b0e598882e0c4d156bd897c29dae8ec04) commit 4ce9501d4d4aed8db3a666b77b556b97f8693014 Author: Volker Lendecke <v...@samba.org> Date: Wed Sep 4 13:57:00 2013 +0200 smbd: Fix an ancient oplock bug If we get an oplock break response, we forgot to remove the oplock break timeout. Found by stopping raw.oplock.exclusive5 after the 2nd open and watching a debug level 10 log. This amends 08a9de89 from 2007. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> (cherry picked from commit 0670975261c5f29394f9e9d25f899a7de948dad1) Fix bug #10436 - cancel fsp->oplock_timeout in downgrade_file_oplock(). commit b5253bf2dc1c9729551f8b4adc5fe77dcc922bb0 Author: David Disseldorp <dd...@samba.org> Date: Thu Feb 6 20:12:22 2014 +0100 vfs_btrfs: pass-through copy-chunk(len=0) requests Never map copy-chunk(len=0) requests to BTRFS_IOC_CLONE_RANGE ioctls. A BTRFS_IOC_CLONE_RANGE with @src_length=0 results in a clone of all data from @src_offset->EOF! BUG: https://bugzilla.samba.org/show_bug.cgi?id=10424 Signed-off-by: David Disseldorp <dd...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> (cherry picked from commit 3be664969d4de41ebb4778caabce8bcf5e303064) commit 1271434175a3858abbb3aed88d0bd3ee2eb302a7 Author: David Disseldorp <dd...@samba.org> Date: Thu Feb 6 20:12:21 2014 +0100 smbd/smb2_ioctl: fail zero length copy chunk requests As documented in MS-SMB2 3.3.5.15.6 Handling a Server-Side Data Copy Request, an invalid parameter response should be sent when: The Length value in a single chunk is greater than ServerSideCopyMaxChunkSize or *equal to zero*. We do not currently abide by the latter part of this clause. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10424 Signed-off-by: David Disseldorp <dd...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> (cherry picked from commit 00906f9604ad3e633e3d3cbc8d9dc4e2e305a455) commit 3a3d0272b1c479080cb73010a2a6b2ab6f8ed660 Author: David Disseldorp <dd...@samba.org> Date: Thu Feb 6 20:12:20 2014 +0100 torture: add zero length FSCTL_SRV_COPYCHUNK test Windows Server 2012 returns NT_STATUS_INVALID_PARAMETER for FSCTL_SRV_COPYCHUNK requests that include a server-side copy length of zero, in line with MS-SMB2 3.3.5.15.6. We should match this behaviour, so test for it. Signed-off-by: David Disseldorp <dd...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> (cherry picked from commit 54d07da81e181072b530e88b42d0d0d17fe60df0) commit 6265959f5b50c059b5cd3750354750cce12bf48a Author: Andrew Bartlett <abart...@samba.org> Date: Tue Jan 14 11:23:04 2014 +1300 kdc: Add belts-and-braces check that we fail if the hdb version changes This checks both if host system run-time Heimdal has changed version, and that the build-time version is supported. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-By: Jelmer Vernooij <jel...@samba.org> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Mon Jan 20 22:26:49 CET 2014 on sn-devel-104 (cherry picked from commit e758f4111356fafce5b5c8393648c9ea5c400601) The last 3 patches address bug #10418 - INTERNAL ERROR: Signal 11 in the kdc pid. commit 593ce2a7bd16492d7d8840433a2973b7404fe53e Author: Jeffrey Clark <d...@zaplabs.com> Date: Fri Jan 10 17:20:14 2014 -0600 Support for Heimdal's unified krb5 and hdb plugin system. Fixes exportkeytab and a kdc crash when building against heimdal master. Bug-Debian: http://bugs.debian.org/732342 Reviewed-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Jelmer Vernooij <jel...@samba.org> (cherry picked from commit 368208069e33a6d9b78a90f7326d5ac1bdd204f7) commit 68dc374c931fecdb15cd1df844d03559bca42308 Author: Jelmer Vernooij <jel...@samba.org> Date: Sat Nov 23 19:46:29 2013 +0000 Cope with first element in hdb_method having a different name in different heimdal versions. It's called `interface_version` in older Heimdal versions and `version` in newer versions. Signed-off-by: Jelmer Vernooij <jel...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Thu Nov 28 04:17:55 CET 2013 on sn-devel-104 (cherry picked from commit 92489bfed4e6350b6858d5e39d538f41768912ae) commit 3f09c5ca2b281b6eb6b3eeb1170d79c5a42a361a Author: Volker Lendecke <v...@samba.org> Date: Fri Feb 7 16:37:38 2014 +0100 smbd: Fix memory overwrites SIVAL writes 32 bit, not 16 Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Michael Adam <ob...@samba.org> Autobuild-User(master): Michael Adam <ob...@samba.org> Autobuild-Date(master): Fri Feb 7 20:07:23 CET 2014 on sn-devel-104 (cherry picked from commit 9088bde059e93a84745ec2158e2e640b5bb13844) Fix bug #10415 - *** glibc detected *** /usr/sbin/smbd: free(): invalid next size (fast). ----------------------------------------------------------------------- Summary of changes: selftest/target/Samba3.pm | 4 + source3/modules/vfs_btrfs.c | 22 ++++++- source3/modules/vfs_dirsort.c | 119 ++++++++++++++++++++++++++++++++-- source3/modules/vfs_streams_depot.c | 13 ++++- source3/modules/vfs_streams_xattr.c | 13 ++++- source3/selftest/tests.py | 5 ++ source3/smbd/oplock.c | 2 + source3/smbd/smb2_ioctl_network_fs.c | 21 +++++- source4/kdc/hdb-samba4-plugin.c | 24 +++++++- source4/kdc/hdb-samba4.c | 5 ++ source4/torture/smb2/ioctl.c | 64 ++++++++++++++++++ 11 files changed, 278 insertions(+), 14 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 9a6c86f..bc07403 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -1020,6 +1020,10 @@ sub provision($$$$$$) [tmp] path = $shrdir comment = smb username is [%U] +[tmpsort] + path = $shrdir + comment = Load dirsort module + vfs objects = dirsort acl_xattr fake_acls xattr_tdb streams_depot [tmpenc] path = $shrdir comment = encrypt smb username is [%U] diff --git a/source3/modules/vfs_btrfs.c b/source3/modules/vfs_btrfs.c index f854f2a..4ecf7ab 100644 --- a/source3/modules/vfs_btrfs.c +++ b/source3/modules/vfs_btrfs.c @@ -66,6 +66,27 @@ static struct tevent_req *btrfs_copy_chunk_send(struct vfs_handle_struct *handle } cc_state->handle = handle; + if (num == 0) { + /* + * With a @src_length of zero, BTRFS_IOC_CLONE_RANGE clones + * all data from @src_offset->EOF! This is certainly not what + * the caller expects, and not what vfs_default does. + */ + cc_state->subreq = SMB_VFS_NEXT_COPY_CHUNK_SEND(handle, + cc_state, ev, + src_fsp, + src_off, + dest_fsp, + dest_off, num); + if (tevent_req_nomem(cc_state->subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(cc_state->subreq, + btrfs_copy_chunk_done, + req); + return req; + } + status = vfs_stat_fsp(src_fsp); if (tevent_req_nterror(req, status)) { return tevent_req_post(req, ev); @@ -137,7 +158,6 @@ static struct tevent_req *btrfs_copy_chunk_send(struct vfs_handle_struct *handle btrfs_copy_chunk_done, req); return req; - } DEBUG(5, ("BTRFS_IOC_CLONE_RANGE returned %d\n", ret)); diff --git a/source3/modules/vfs_dirsort.c b/source3/modules/vfs_dirsort.c index 2c25765..98109c2 100644 --- a/source3/modules/vfs_dirsort.c +++ b/source3/modules/vfs_dirsort.c @@ -28,6 +28,7 @@ static int compare_dirent (const struct dirent *da, const struct dirent *db) } struct dirsort_privates { + struct dirsort_privates *prev, *next; long pos; struct dirent *directory_list; unsigned int number_of_entries; @@ -37,10 +38,6 @@ struct dirsort_privates { struct smb_filename *smb_fname; /* If open via OPENDIR */ }; -static void free_dirsort_privates(void **datap) { - TALLOC_FREE(*datap); -} - static bool get_sorted_dir_mtime(vfs_handle_struct *handle, struct dirsort_privates *data, struct timespec *ret_mtime) @@ -119,8 +116,15 @@ static DIR *dirsort_opendir(vfs_handle_struct *handle, const char *fname, const char *mask, uint32 attr) { + struct dirsort_privates *list_head = NULL; struct dirsort_privates *data = NULL; + if (SMB_VFS_HANDLE_TEST_DATA(handle)) { + /* Find the list head of all open directories. */ + SMB_VFS_HANDLE_GET_DATA(handle, list_head, struct dirsort_privates, + return NULL); + } + /* set up our private data about this directory */ data = talloc_zero(handle->conn, struct dirsort_privates); if (!data) { @@ -148,7 +152,9 @@ static DIR *dirsort_opendir(vfs_handle_struct *handle, return NULL; } - SMB_VFS_HANDLE_SET_DATA(handle, data, free_dirsort_privates, + /* Add to the private list of all open directories. */ + DLIST_ADD(list_head, data); + SMB_VFS_HANDLE_SET_DATA(handle, list_head, NULL, struct dirsort_privates, return NULL); return data->source_directory; @@ -159,8 +165,15 @@ static DIR *dirsort_fdopendir(vfs_handle_struct *handle, const char *mask, uint32 attr) { + struct dirsort_privates *list_head = NULL; struct dirsort_privates *data = NULL; + if (SMB_VFS_HANDLE_TEST_DATA(handle)) { + /* Find the list head of all open directories. */ + SMB_VFS_HANDLE_GET_DATA(handle, list_head, struct dirsort_privates, + return NULL); + } + /* set up our private data about this directory */ data = talloc_zero(handle->conn, struct dirsort_privates); if (!data) { @@ -186,7 +199,9 @@ static DIR *dirsort_fdopendir(vfs_handle_struct *handle, return NULL; } - SMB_VFS_HANDLE_SET_DATA(handle, data, free_dirsort_privates, + /* Add to the private list of all open directories. */ + DLIST_ADD(list_head, data); + SMB_VFS_HANDLE_SET_DATA(handle, list_head, NULL, struct dirsort_privates, return NULL); return data->source_directory; @@ -202,12 +217,20 @@ static struct dirent *dirsort_readdir(vfs_handle_struct *handle, SMB_VFS_HANDLE_GET_DATA(handle, data, struct dirsort_privates, return NULL); + while(data && (data->source_directory != dirp)) { + data = data->next; + } + if (data == NULL) { + return NULL; + } + if (get_sorted_dir_mtime(handle, data, ¤t_mtime) == false) { return NULL; } /* throw away cache and re-read the directory if we've changed */ - if (timespec_compare(¤t_mtime, &data->mtime) > 1) { + if (timespec_compare(¤t_mtime, &data->mtime)) { + SMB_VFS_NEXT_REWINDDIR(handle, data->source_directory); open_and_sort_dir(handle, data); } @@ -221,10 +244,53 @@ static struct dirent *dirsort_readdir(vfs_handle_struct *handle, static void dirsort_seekdir(vfs_handle_struct *handle, DIR *dirp, long offset) { + struct timespec current_mtime; struct dirsort_privates *data = NULL; + SMB_VFS_HANDLE_GET_DATA(handle, data, struct dirsort_privates, return); + /* Find the entry holding dirp. */ + while(data && (data->source_directory != dirp)) { + data = data->next; + } + if (data == NULL) { + return; + } + if (offset > data->number_of_entries) { + return; + } data->pos = offset; + + if (get_sorted_dir_mtime(handle, data, ¤t_mtime) == false) { + return; + } + + if (timespec_compare(¤t_mtime, &data->mtime)) { + /* Directory changed. We must re-read the + cache and search for the name that was + previously stored at the offset being + requested, otherwise after the re-sort + we will point to the wrong entry. The + OS/2 incremental delete code relies on + this. */ + unsigned int i; + char *wanted_name = talloc_strdup(handle->conn, + data->directory_list[offset].d_name); + if (wanted_name == NULL) { + return; + } + SMB_VFS_NEXT_REWINDDIR(handle, data->source_directory); + open_and_sort_dir(handle, data); + /* Now search for where we were. */ + data->pos = 0; + for (i = 0; i < data->number_of_entries; i++) { + if(strcmp(wanted_name, data->directory_list[i].d_name) == 0) { + data->pos = i; + break; + } + } + TALLOC_FREE(wanted_name); + } } static long dirsort_telldir(vfs_handle_struct *handle, DIR *dirp) @@ -233,6 +299,13 @@ static long dirsort_telldir(vfs_handle_struct *handle, DIR *dirp) SMB_VFS_HANDLE_GET_DATA(handle, data, struct dirsort_privates, return -1); + /* Find the entry holding dirp. */ + while(data && (data->source_directory != dirp)) { + data = data->next; + } + if (data == NULL) { + return -1; + } return data->pos; } @@ -241,9 +314,40 @@ static void dirsort_rewinddir(vfs_handle_struct *handle, DIR *dirp) struct dirsort_privates *data = NULL; SMB_VFS_HANDLE_GET_DATA(handle, data, struct dirsort_privates, return); + /* Find the entry holding dirp. */ + while(data && (data->source_directory != dirp)) { + data = data->next; + } + if (data == NULL) { + return; + } data->pos = 0; } +static int dirsort_closedir(vfs_handle_struct *handle, DIR *dirp) +{ + struct dirsort_privates *list_head = NULL; + struct dirsort_privates *data = NULL; + int ret; + + SMB_VFS_HANDLE_GET_DATA(handle, list_head, struct dirsort_privates, return -1); + /* Find the entry holding dirp. */ + for(data = list_head; data && (data->source_directory != dirp); data = data->next) { + ; + } + if (data == NULL) { + return -1; + } + /* Remove from the list and re-store the list head. */ + DLIST_REMOVE(list_head, data); + SMB_VFS_HANDLE_SET_DATA(handle, list_head, NULL, + struct dirsort_privates, return -1); + + ret = SMB_VFS_NEXT_CLOSEDIR(handle, dirp); + TALLOC_FREE(data); + return ret; +} + static struct vfs_fn_pointers vfs_dirsort_fns = { .opendir_fn = dirsort_opendir, .fdopendir_fn = dirsort_fdopendir, @@ -251,6 +355,7 @@ static struct vfs_fn_pointers vfs_dirsort_fns = { .seekdir_fn = dirsort_seekdir, .telldir_fn = dirsort_telldir, .rewind_dir_fn = dirsort_rewinddir, + .closedir_fn = dirsort_closedir, }; NTSTATUS vfs_dirsort_init(void) diff --git a/source3/modules/vfs_streams_depot.c b/source3/modules/vfs_streams_depot.c index 3ada92e..3ce7067 100644 --- a/source3/modules/vfs_streams_depot.c +++ b/source3/modules/vfs_streams_depot.c @@ -879,8 +879,19 @@ static NTSTATUS streams_depot_streaminfo(vfs_handle_struct *handle, state.handle = handle; state.status = NT_STATUS_OK; - status = walk_streams(handle, smb_fname_base, NULL, collect_one_stream, + if (S_ISLNK(smb_fname_base->st.st_ex_mode)) { + /* + * Currently we do't have SMB_VFS_LLISTXATTR + * inside the VFS which means there's no way + * to cope with a symlink when lp_posix_pathnames(). + * returns true. For now ignore links. + * FIXME - by adding SMB_VFS_LLISTXATTR. JRA. + */ + status = NT_STATUS_OK; + } else { + status = walk_streams(handle, smb_fname_base, NULL, collect_one_stream, &state); + } if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(state.streams); diff --git a/source3/modules/vfs_streams_xattr.c b/source3/modules/vfs_streams_xattr.c index 355c47c..5e9bd3e 100644 --- a/source3/modules/vfs_streams_xattr.c +++ b/source3/modules/vfs_streams_xattr.c @@ -793,8 +793,19 @@ static NTSTATUS streams_xattr_streaminfo(vfs_handle_struct *handle, state.handle = handle; state.status = NT_STATUS_OK; - status = walk_xattr_streams(handle->conn, fsp, fname, + if (S_ISLNK(sbuf.st_ex_mode)) { + /* + * Currently we do't have SMB_VFS_LLISTXATTR + * inside the VFS which means there's no way + * to cope with a symlink when lp_posix_pathnames(). + * returns true. For now ignore links. + * FIXME - by adding SMB_VFS_LLISTXATTR. JRA. + */ + status = NT_STATUS_OK; + } else { + status = walk_xattr_streams(handle->conn, fsp, fname, collect_one_stream, &state); + } if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(state.streams); diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 31a1b67..85d67d6 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -353,6 +353,11 @@ for t in tests: plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/aio -U$USERNAME%$PASSWORD', 'aio') plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') + elif t == "raw.search": + plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') +# test the dirsort module. + plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmpsort -U$USERNAME%$PASSWORD') + plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') else: plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c index 05b0d0b..f2d39b8 100644 --- a/source3/smbd/oplock.c +++ b/source3/smbd/oplock.c @@ -150,6 +150,8 @@ static void downgrade_file_oplock(files_struct *fsp) sconn->oplocks.exclusive_open--; sconn->oplocks.level_II_open++; fsp->sent_oplock_break = NO_BREAK_SENT; + + TALLOC_FREE(fsp->oplock_timeout); } /**************************************************************************** diff --git a/source3/smbd/smb2_ioctl_network_fs.c b/source3/smbd/smb2_ioctl_network_fs.c index 1e1e3e5..49c2715 100644 --- a/source3/smbd/smb2_ioctl_network_fs.c +++ b/source3/smbd/smb2_ioctl_network_fs.c @@ -46,16 +46,31 @@ static NTSTATUS copychunk_check_limits(struct srv_copychunk_copy *cc_copy) uint32_t i; uint32_t total_len = 0; + /* + * [MS-SMB2] 3.3.5.15.6 Handling a Server-Side Data Copy Request + * Send and invalid parameter response if: + * - The ChunkCount value is greater than + * ServerSideCopyMaxNumberofChunks + */ if (cc_copy->chunk_count > COPYCHUNK_MAX_CHUNKS) { return NT_STATUS_INVALID_PARAMETER; } for (i = 0; i < cc_copy->chunk_count; i++) { - if (cc_copy->chunks[i].length > COPYCHUNK_MAX_CHUNK_LEN) { + /* + * - The Length value in a single chunk is greater than + * ServerSideCopyMaxChunkSize or equal to zero. + */ + if ((cc_copy->chunks[i].length == 0) + || (cc_copy->chunks[i].length > COPYCHUNK_MAX_CHUNK_LEN)) { return NT_STATUS_INVALID_PARAMETER; } total_len += cc_copy->chunks[i].length; } + /* + * - Sum of Lengths in all chunks is greater than + * ServerSideCopyMaxDataSize + */ if (total_len > COPYCHUNK_MAX_TOTAL_LEN) { return NT_STATUS_INVALID_PARAMETER; } @@ -394,8 +409,8 @@ static NTSTATUS fsctl_validate_neg_info(TALLOC_CTX *mem_ctx, SIVAL(out_output->data, 0x00, conn->smb2.server.capabilities); memcpy(out_output->data+0x04, out_guid_blob.data, 16); - SIVAL(out_output->data, 0x14, conn->smb2.server.security_mode); - SIVAL(out_output->data, 0x16, conn->smb2.server.dialect); + SSVAL(out_output->data, 0x14, conn->smb2.server.security_mode); + SSVAL(out_output->data, 0x16, conn->smb2.server.dialect); return NT_STATUS_OK; } diff --git a/source4/kdc/hdb-samba4-plugin.c b/source4/kdc/hdb-samba4-plugin.c index 568386d..6f76124 100644 --- a/source4/kdc/hdb-samba4-plugin.c +++ b/source4/kdc/hdb-samba4-plugin.c @@ -60,6 +60,8 @@ static krb5_error_code hdb_samba4_create(krb5_context context, struct HDB **db, if (NT_STATUS_IS_OK(nt_status)) { return 0; + } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_ERROR_DS_INCOMPATIBLE_VERSION)) { + return EINVAL; } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_CANT_ACCESS_DOMAIN_INFO)) { krb5_set_error_message(context, EINVAL, "Failed to open Samba4 LDB at %s", lpcfg_private_path(base_ctx, base_ctx->lp_ctx, "sam.ldb")); @@ -70,6 +72,22 @@ static krb5_error_code hdb_samba4_create(krb5_context context, struct HDB **db, return EINVAL; } +#if (HDB_INTERFACE_VERSION != 8 && HDB_INTERFACE_VERSION != 7) +#error "Unsupported Heimdal HDB version" +#endif + +#if HDB_INTERFACE_VERSION >= 8 +static krb5_error_code hdb_samba4_init(krb5_context context, void **ctx) +{ + *ctx = NULL; + return 0; +} + +static void hdb_samba4_fini(void *ctx) +{ +} +#endif + /* Only used in the hdb-backed keytab code * for a keytab of 'samba4&<address>' or samba4, to find * kpasswd's key in the main DB, and to @@ -78,7 +96,11 @@ static krb5_error_code hdb_samba4_create(krb5_context context, struct HDB **db, * The <address> is the string form of a pointer to a talloced struct hdb_samba_context */ struct hdb_method hdb_samba4_interface = { - .interface_version = HDB_INTERFACE_VERSION, + HDB_INTERFACE_VERSION, +#if HDB_INTERFACE_VERSION >= 8 + .init = hdb_samba4_init, + .fini = hdb_samba4_fini, +#endif .prefix = "samba4", .create = hdb_samba4_create }; diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c index 6a9e558..4519fb9 100644 --- a/source4/kdc/hdb-samba4.c +++ b/source4/kdc/hdb-samba4.c @@ -176,6 +176,11 @@ NTSTATUS hdb_samba4_create_kdc(struct samba_kdc_base_context *base_ctx, struct samba_kdc_db_context *kdc_db_ctx; NTSTATUS nt_status; + if (hdb_interface_version != HDB_INTERFACE_VERSION) { + krb5_set_error_message(context, EINVAL, "Heimdal HDB interface version mismatch between build-time and run-time libraries!"); + return NT_STATUS_ERROR_DS_INCOMPATIBLE_VERSION; + } + *db = talloc(base_ctx, HDB); if (!*db) { krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); diff --git a/source4/torture/smb2/ioctl.c b/source4/torture/smb2/ioctl.c index 501b233..561f45a 100644 --- a/source4/torture/smb2/ioctl.c +++ b/source4/torture/smb2/ioctl.c @@ -1543,6 +1543,68 @@ static bool test_ioctl_copy_chunk_max_output_sz(struct torture_context *torture, return true; } +static bool test_ioctl_copy_chunk_zero_length(struct torture_context *torture, + struct smb2_tree *tree) +{ + struct smb2_handle src_h; + struct smb2_handle dest_h; + NTSTATUS status; + union smb_ioctl ioctl; + union smb_fileinfo q; + TALLOC_CTX *tmp_ctx = talloc_new(tree); + struct srv_copychunk_copy cc_copy; + struct srv_copychunk_rsp cc_rsp; + enum ndr_err_code ndr_ret; + bool ok; + + ok = test_setup_copy_chunk(torture, tree, tmp_ctx, + 1, /* 1 chunk */ + &src_h, 4096, /* fill 4096 byte src file */ + SEC_RIGHTS_FILE_ALL, + &dest_h, 0, /* 0 byte dest file */ + SEC_RIGHTS_FILE_ALL, + &cc_copy, + &ioctl); + if (!ok) { + torture_fail(torture, "setup copy chunk error"); + } + + /* zero length server-side copy (via a single chunk desc) */ + cc_copy.chunks[0].source_off = 0; + cc_copy.chunks[0].target_off = 0; -- Samba Shared Repository