The branch, v4-4-test has been updated via 1a36149 WHATSNEW: Start release notes for Samba 4.4.3. via 06343ea configure: Don't check for inotify on illumos via 969ddf1 nwrap: Fix the build on Solaris via 13d563a smbd: Avoid large reads beyond EOF via a4c00ce Fix the smb2_setinfo to handle FS info types and FSQUOTA infolevel from 2184ae7 cleanupd: restart as needed
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-4-test - Log ----------------------------------------------------------------- commit 1a36149a9bfe8d1060257aef66e6ae28723bb6a1 Author: Karolin Seeger <ksee...@samba.org> Date: Thu Apr 28 11:15:24 2016 +0200 WHATSNEW: Start release notes for Samba 4.4.3. Signed-off-by: Karolin Seeger <ksee...@samba.org> Autobuild-User(v4-4-test): Karolin Seeger <ksee...@samba.org> Autobuild-Date(v4-4-test): Fri Apr 29 01:48:35 CEST 2016 on sn-devel-144 commit 06343eadebb68ed04968627a4163ba00f5e2f91e Author: Jorge Schrauwen <sjo...@blackdot.be> Date: Sun Apr 3 11:43:50 2016 +0200 configure: Don't check for inotify on illumos Bug: https://bugzilla.samba.org/show_bug.cgi?id=11816 Reviewed-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> (cherry picked from commit 94f31295b12b20a68d596929ea428eb36f8c0d82) commit 969ddf12550e3c995a9bc2c016638874d8cef50b Author: Volker Lendecke <v...@samba.org> Date: Mon Apr 4 13:43:02 2016 +0200 nwrap: Fix the build on Solaris BUG: https://bugzilla.samba.org/show_bug.cgi?id=11816 Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Volker Lendecke <v...@samba.org> Autobuild-Date(master): Tue Apr 5 08:57:06 CEST 2016 on sn-devel-144 (cherry picked from commit ff6b49beeb5df30f4e243a97d2e6218ec497e9ad) commit 13d563abeedc608e65878aa0fcb735afb022b791 Author: Volker Lendecke <v...@samba.org> Date: Wed Apr 27 12:15:37 2016 +0200 smbd: Avoid large reads beyond EOF With unix extensions and oplocks=no mount.cifs from jessie reads beyond the file end forever, and we are happy to return zeros.... BUG: https://bugzilla.samba.org/show_bug.cgi?id=11878 Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Apr 27 23:57:56 CEST 2016 on sn-devel-144 (cherry picked from commit 10b0a8baa25fab70df8e6c5f0048ce0963211517) commit a4c00ce2795da4d5623ae6709926777f06bb5d8e Author: Partha Sarathi <par...@exablox.com> Date: Thu Apr 14 12:39:05 2016 +0000 Fix the smb2_setinfo to handle FS info types and FSQUOTA infolevel BUG: https://bugzilla.samba.org/show_bug.cgi?id=11819 Signed-off-by: Partha Sarathi <par...@exablox.com> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Uri Simchoni <u...@samba.org> Autobuild-User(master): Uri Simchoni <u...@samba.org> Autobuild-Date(master): Wed Apr 27 05:39:01 CEST 2016 on sn-devel-144 (cherry picked from commit 07e2f4731e5819a893c4675d93fede5ea261bed7) ----------------------------------------------------------------------- Summary of changes: WHATSNEW.txt | 97 ++++++++++++++++++++-- lib/nss_wrapper/wscript | 2 +- source3/smbd/globals.h | 7 ++ source3/smbd/reply.c | 10 +++ source3/smbd/smb2_setinfo.c | 18 +++++ source3/smbd/trans2.c | 143 +++++++++++++++++++++------------ source3/wscript | 11 ++- source4/ntvfs/sysdep/wscript_configure | 13 ++- 8 files changed, 234 insertions(+), 67 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index cea4492..4a10fc5 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,86 @@ ============================= + Release Notes for Samba 4.4.3 + , 2016 + ============================= + + +This is the latest stable release of Samba 4.4. + + +Changes since 4.4.2: +-------------------- + +o Michael Adam <ob...@samba.org> + * BUG 11786: idmap_hash: Only allow the hash module for default idmap config. + +o Jeremy Allison <j...@samba.org> + * BUG 11822: s3: libsmb: Fix error where short name length was read as 2 + bytes, should be 1. + +o Andrew Bartlett <abart...@samba.org> + * BUG 11789: Fix returning of ldb.MessageElement. + +o Ralph Boehme <s...@samba.org> + * BUG 11855: cleanupd: Restart as needed. + +o Günther Deschner <g...@samba.org> + * BUG 11786: s3:winbindd:idmap: check loadparm in domain_has_idmap_config() + helper as well. + * BUG 11789: libsmb/pysmb: Add pytalloc-util dependency to fix the build. + +o Volker Lendecke <v...@samba.org> + * BUG 11786: winbind: Fix CID 1357100: Unchecked return value. + * BUG 11816: nwrap: Fix the build on Solaris. + * BUG 11827: vfs_catia: Fix memleak. + * BUG 11878: smbd: Avoid large reads beyond EOF. + +o Stefan Metzmacher <me...@samba.org> + * BUG 11789: s3:wscript: pylibsmb depends on pycredentials. + +o Tom Mortensen <t...@lime-technology.com> + * BUG 11875: nss_wins: Fix the hostent setup. + +o Garming Sam <garm...@catalyst.net.nz> + * BUG 11789: build: Mark explicit dependencies on pytalloc-util. + +o Partha Sarathi <par...@exablox.com> + * BUG 11819: Fix the smb2_setinfo to handle FS info types and FSQUOTA + infolevel. + +o Jorge Schrauwen <sjo...@blackdot.be> + * BUG 11816: configure: Don't check for inotify on illumos. + +o Uri Simchoni <u...@samba.org> + * BUG 11806: vfs_acl_common: Avoid setting POSIX ACLs if "ignore system acls" + is set. + * BUG 11815: smbcquotas: print "NO LIMIT" only if returned quota value is 0. + * BUG 11852: libads: Record session expiry for spnego sasl binds. + + +####################################### +Reporting bugs & Development Discussion +####################################### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the "Samba 4.1 and newer" product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +====================================================================== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +====================================================================== + + +Release notes for older releases follow: +---------------------------------------- + + ============================= Release Notes for Samba 4.4.2 April 12, 2016 ============================= @@ -16,8 +98,9 @@ o Stefan Metzmacher <me...@samba.org> * Bug 11804 - prerequisite backports for the security release on April 12th, 2016 -Release notes for the original 4.4.1 release follows: ------------------------------------------------------ + +----------------------------------------------------------------------- + ============================= Release Notes for Samba 4.4.1 @@ -544,12 +627,14 @@ database (https://bugzilla.samba.org/). ====================================================================== -Release notes for older releases follow: ----------------------------------------- +---------------------------------------------------------------------- -Release Announcements -===================== + ============================= + Release Notes for Samba 4.4.0 + March 22, 2016 + ============================= + This is the first stable release of the Samba 4.4 release series. diff --git a/lib/nss_wrapper/wscript b/lib/nss_wrapper/wscript index 6c3d7f7..c727980 100644 --- a/lib/nss_wrapper/wscript +++ b/lib/nss_wrapper/wscript @@ -62,7 +62,7 @@ def configure(conf): define='HAVE_SOLARIS_GETPWUID_R', headers='unistd.h pwd.h') conf.CHECK_C_PROTOTYPE('getgrent_r', 'struct group *getgrent_r(struct group *src, char *buf, int buflen)', - define='SOLARIS_GETGRENT_R', headers='unistd.h grp.h') + define='HAVE_SOLARIS_GETGRENT_R', headers='unistd.h grp.h') conf.CHECK_C_PROTOTYPE('getgrnam_r', 'int getgrnam_r(const char *name, struct group *grp, char *buf, int buflen, struct group **pgrp)', define='HAVE_SOLARIS_GETGRNAM_R', headers='unistd.h grp.h') diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h index c843f5a..15f29a8 100644 --- a/source3/smbd/globals.h +++ b/source3/smbd/globals.h @@ -140,6 +140,13 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, char **ppdata, unsigned int *pdata_size); +NTSTATUS smbd_do_setfsinfo(connection_struct *conn, + struct smb_request *req, + TALLOC_CTX *mem_ctx, + uint16_t info_level, + files_struct *fsp, + const DATA_BLOB *pdata); + NTSTATUS smbd_do_setfilepathinfo(connection_struct *conn, struct smb_request *req, TALLOC_CTX *mem_ctx, diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 77d5b6e..bfa64a3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4074,6 +4074,16 @@ normal_read: uint8_t headerbuf[smb_size + 2*12 + 1 /* padding byte */]; ssize_t ret; + if (!S_ISREG(fsp->fsp_name->st.st_ex_mode) || + (startpos > fsp->fsp_name->st.st_ex_size) || + (smb_maxcnt > (fsp->fsp_name->st.st_ex_size - startpos))) { + /* + * We already know that we would do a short + * read, so don't try the sendfile() path. + */ + goto nosendfile_read; + } + construct_reply_common_req(req, (char *)headerbuf); setup_readX_header(req, (char *)headerbuf, smb_maxcnt); diff --git a/source3/smbd/smb2_setinfo.c b/source3/smbd/smb2_setinfo.c index 9361aea..a9196fe 100644 --- a/source3/smbd/smb2_setinfo.c +++ b/source3/smbd/smb2_setinfo.c @@ -530,6 +530,24 @@ static struct tevent_req *smbd_smb2_setinfo_send(TALLOC_CTX *mem_ctx, break; } + case 0x02:/* SMB2_SETINFO_FS */ + { + uint16_t file_info_level = in_file_info_class + 1000; + + status = smbd_do_setfsinfo(conn, smbreq, state, + file_info_level, + fsp, + &in_input_buffer); + if (!NT_STATUS_IS_OK(status)) { + if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_LEVEL)) { + status = NT_STATUS_INVALID_INFO_CLASS; + } + tevent_req_nterror(req, status); + return tevent_req_post(req, ev); + } + break; + } + case 0x03:/* SMB2_SETINFO_SECURITY */ { if (!CAN_WRITE(conn)) { diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index b65f581..1780d6f 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -3930,6 +3930,86 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned return status; } +static NTSTATUS smb_set_fsquota(connection_struct *conn, + struct smb_request *req, + files_struct *fsp, + const DATA_BLOB *qdata) +{ + NTSTATUS status; + SMB_NTQUOTA_STRUCT quotas; + + ZERO_STRUCT(quotas); + + /* access check */ + if ((get_current_uid(conn) != 0) || !CAN_WRITE(conn)) { + DEBUG(3, ("set_fsquota: access_denied service [%s] user [%s]\n", + lp_servicename(talloc_tos(), SNUM(conn)), + conn->session_info->unix_info->unix_name)); + return NT_STATUS_ACCESS_DENIED; + } + + if (!check_fsp_ntquota_handle(conn, req, + fsp)) { + DEBUG(1, ("set_fsquota: no valid QUOTA HANDLE\n")); + return NT_STATUS_INVALID_HANDLE; + } + + /* note: normally there're 48 bytes, + * but we didn't use the last 6 bytes for now + * --metze + */ + if (qdata->length < 42) { + DEBUG(0,("set_fsquota: requires total_data(%u) >= 42 bytes!\n", + (unsigned int)qdata->length)); + return NT_STATUS_INVALID_PARAMETER; + } + + /* unknown_1 24 NULL bytes in pdata*/ + + /* the soft quotas 8 bytes (uint64_t)*/ + quotas.softlim = BVAL(qdata->data,24); + + /* the hard quotas 8 bytes (uint64_t)*/ + quotas.hardlim = BVAL(qdata->data,32); + + /* quota_flags 2 bytes **/ + quotas.qflags = SVAL(qdata->data,40); + + /* unknown_2 6 NULL bytes follow*/ + + /* now set the quotas */ + if (vfs_set_ntquota(fsp, SMB_USER_FS_QUOTA_TYPE, NULL, "as)!=0) { + DEBUG(1, ("vfs_set_ntquota() failed for service [%s]\n", + lp_servicename(talloc_tos(), SNUM(conn)))); + status = map_nt_error_from_unix(errno); + } else { + status = NT_STATUS_OK; + } + return status; +} + +NTSTATUS smbd_do_setfsinfo(connection_struct *conn, + struct smb_request *req, + TALLOC_CTX *mem_ctx, + uint16_t info_level, + files_struct *fsp, + const DATA_BLOB *pdata) +{ + switch (info_level) { + case SMB_FS_QUOTA_INFORMATION: + { + return smb_set_fsquota(conn, + req, + fsp, + pdata); + } + + default: + break; + } + return NT_STATUS_INVALID_LEVEL; +} + /**************************************************************************** Reply to a TRANS2_QFSINFO (query filesystem info). ****************************************************************************/ @@ -4157,63 +4237,22 @@ static void call_trans2setfsinfo(connection_struct *conn, case SMB_FS_QUOTA_INFORMATION: { + NTSTATUS status; + DATA_BLOB qdata = { + .data = (uint8_t *)pdata, + .length = total_data + }; files_struct *fsp = NULL; - SMB_NTQUOTA_STRUCT quotas; - - ZERO_STRUCT(quotas); - - /* access check */ - if ((get_current_uid(conn) != 0) || !CAN_WRITE(conn)) { - DEBUG(0,("set_user_quota: access_denied service [%s] user [%s]\n", - lp_servicename(talloc_tos(), SNUM(conn)), - conn->session_info->unix_info->unix_name)); - reply_nterror(req, NT_STATUS_ACCESS_DENIED); - return; - } - - /* note: normally there're 48 bytes, - * but we didn't use the last 6 bytes for now - * --metze - */ fsp = file_fsp(req, SVAL(params,0)); - if (!check_fsp_ntquota_handle(conn, req, - fsp)) { - DEBUG(3,("TRANSACT_GET_USER_QUOTA: no valid QUOTA HANDLE\n")); - reply_nterror( - req, NT_STATUS_INVALID_HANDLE); - return; - } - - if (total_data < 42) { - DEBUG(0,("call_trans2setfsinfo: SET_FS_QUOTA: requires total_data(%d) >= 42 bytes!\n", - total_data)); - reply_nterror( - req, - NT_STATUS_INVALID_PARAMETER); - return; - } - - /* unknown_1 24 NULL bytes in pdata*/ - - /* the soft quotas 8 bytes (uint64_t)*/ - quotas.softlim = BVAL(pdata,24); - - /* the hard quotas 8 bytes (uint64_t)*/ - quotas.hardlim = BVAL(pdata,32); - - /* quota_flags 2 bytes **/ - quotas.qflags = SVAL(pdata,40); - - /* unknown_2 6 NULL bytes follow*/ - - /* now set the quotas */ - if (vfs_set_ntquota(fsp, SMB_USER_FS_QUOTA_TYPE, NULL, "as)!=0) { - DEBUG(0,("vfs_set_ntquota() failed for service [%s]\n",lp_servicename(talloc_tos(), SNUM(conn)))); - reply_nterror(req, map_nt_error_from_unix(errno)); + status = smb_set_fsquota(conn, + req, + fsp, + &qdata); + if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); return; } - break; } default: diff --git a/source3/wscript b/source3/wscript index 52f5876..72fe0c8 100644 --- a/source3/wscript +++ b/source3/wscript @@ -135,10 +135,13 @@ long ret = splice(0,0,1,0,400,SPLICE_F_MOVE); headers='fcntl.h'): conf.CHECK_DECLS('splice', reverse=True, headers='fcntl.h') - # Check for inotify support - conf.CHECK_HEADERS('sys/inotify.h') - if "HAVE_SYS_INOTIFY_H" in conf.env: - conf.DEFINE('HAVE_INOTIFY', 1) + # Check for inotify support (Skip if we are SunOS) + #NOTE: illumos provides sys/inotify.h but is not an exact match for linux + host_os = sys.platform + if host_os.rfind('sunos') == -1: + conf.CHECK_HEADERS('sys/inotify.h') + if "HAVE_SYS_INOTIFY_H" in conf.env: + conf.DEFINE('HAVE_INOTIFY', 1) # Check for kernel change notify support conf.CHECK_CODE(''' diff --git a/source4/ntvfs/sysdep/wscript_configure b/source4/ntvfs/sysdep/wscript_configure index aa63000..274fc08 100644 --- a/source4/ntvfs/sysdep/wscript_configure +++ b/source4/ntvfs/sysdep/wscript_configure @@ -1,9 +1,14 @@ #!/usr/bin/env python -conf.CHECK_HEADERS('sys/inotify.h', add_headers=False) +import sys + +# Check for inotify support (Skip if we are SunOS) +#NOTE: illumos provides sys/inotify.h but is not an exact match for linux +host_os = sys.platform +if host_os.rfind('sunos') == -1: + conf.CHECK_HEADERS('sys/inotify.h', add_headers=False) + if (conf.CONFIG_SET('HAVE_SYS_INOTIFY_H')): + conf.DEFINE('HAVE_LINUX_INOTIFY', 1) conf.CHECK_DECLS('F_SETLEASE', headers='linux/fcntl.h', reverse=True) conf.CHECK_DECLS('SA_SIGINFO', headers='signal.h', reverse=True) - -if (conf.CONFIG_SET('HAVE_SYS_INOTIFY_H')): - conf.DEFINE('HAVE_LINUX_INOTIFY', 1) -- Samba Shared Repository