The branch, v4-16-stable has been updated via 2517bca6b10 VERSION: Disable GIT_SNAPSHOT for the 4.16.0rc3 release. via 5f8796ea630 WHATSNEW: Add release notes for Samba 4.16.0rc3. via 1bbb3677ae5 smbd: Safeguards for getpwuid via cdc5e9e4dbe smbd: Only file_free() a self-created fsp in create_file_unixpath() via d44c45cbdbc smbd: Introduce close_file_smb() via 521178327e4 smbd: Factor out fsp_unbind_smb() from file_free() via 4cc60cbdb70 torture: Add a test to show that full_audit uses a ptr after free via a61a91d427f smbd: Simplify the flow in close_file_free() via e8d165da42a smbd: No base fsps to close_file_free() from file_close_user() via 9794341b29e smbd: Factor out close_file_in_loop() from file_close_conn_fn() via c0e02d8e879 smbd: No base fsps to close_file_free() from file_close_conn() via d088caa4002 smbd: NULL out "fsp" in close_file() via 4f9bada50af smbd: Call file_free() just once in close_file() via b48431f4783 smbd: Move the call to file_free() out of close_fake_file() via 3500cb49764 smbd: Move the call to file_free() out of close_normal_file() via 692fb63a1ac smbd: Move the call to file_free() out of close_directory() via a260463481a smbd: Slightly simplify create_file_unixpath() via e1e2bae551e s3:modules: Fix virusfilter_vfs_openat via 63f6fac589e s3:selftest: Add test for virus scanner via e95306ed8e3 selftest: Fix trailing whitespace in Samba3.pm via db32ea07caa docs-xml:manpages: Document 'dummy' virusfilter and 'virusfilter:infected files' via 174fcd9f6b3 s3:modules: Implement dummy virus scanner that uses filename matching via 2fd16c0cbf6 selftest: Do not force -d0 for smbd/nmbd/winbindd via bc72fb438fe s4:kdc: Translate HDB flags to SDB flags via 27c6ad1f9b6 s4:kdc: Remove trailing spaces in hdb-samba4.c via 6628357976b s4:kdc: Add a HDB to SDB mask via fe8bf1d8aa6 libcli/smb: let smb2_signing_decrypt_pdu() cope with gnutls_aead_cipher_decrypt() ptext_len bug via f400eef07a4 libcli/smb: fix error checking in smb2_signing_decrypt_pdu() invalid ptext_len via 8deee49cda0 selftest/quick: add smb2.session via 188b96164c5 s3/libads: ensure a sockaddr variable is correctly zero initialized via 8cbf38a1b2b s3/libads: simplify storing existing ads->ldap.ss via cdcf23aac2f s3: libsmb: Call cli_dfs_target_check() from cli_smb2_rename_send(). via 35a250f49ee s3: libsmb: Call cli_dfs_target_check() from cli_cifs_rename_send(). via 1304041a4fd s3: libsmb: Call cli_dfs_target_check() from cli_smb1_rename_send(). via 01b06586f19 s3: libsmb: Call cli_dfs_target_check() from cli_ntrename_internal_send(). via 96122869594 s3: libsmb: Call cli_dfs_target_check() from cli_smb2_hardlink_send(). via 62ce0c8f55b s3: libsmb: Add cli_dfs_target_check() function. via 738fbcca544 s3: tests: Add a new test test_msdfs_rename() that does simple renames on MSDFS root shares. via 95aca464c7c s3: tests: Add a new test test_msdfs_hardlink() that does simple hardlinks on MSDFS root shares. via 64aea70f9f8 lib: libsmbclient: Ensure cli_rename() always sets cli->raw_status. via 5c55418c25e s4: test: Add samba4.libsmbclient.rename test. Currently fails for SMB3. via 29355d0a2d4 VERSION: Bump version up to Samba 4.16.0rc3... from a4763bd9d87 VERSION: Disable GIT_SNAPSHOT for the 4.16.0rc2 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-stable - Log ----------------------------------------------------------------- ----------------------------------------------------------------------- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 32 ++++- docs-xml/manpages/vfs_virusfilter.8.xml | 12 ++ libcli/smb/smb2_signing.c | 24 +++- selftest/knownfail.d/smb1-tests | 2 + selftest/quick | 1 + selftest/target/Samba3.pm | 20 ++- source3/lib/adouble.c | 20 +-- source3/libads/ldap.c | 14 +- source3/libsmb/cli_smb2_fnum.c | 14 ++ source3/libsmb/clidfs.c | 57 ++++++++ source3/libsmb/clifile.c | 53 ++++++++ source3/libsmb/proto.h | 6 + source3/modules/vfs_fruit.c | 12 +- source3/modules/vfs_virusfilter.c | 18 ++- source3/modules/vfs_virusfilter_common.h | 4 + source3/modules/vfs_virusfilter_dummy.c | 58 ++++++++ source3/modules/vfs_worm.c | 2 +- source3/modules/wscript_build | 1 + source3/passdb/pdb_interface.c | 14 +- source3/printing/nt_printing.c | 10 +- source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 4 +- source3/script/tests/full_audit_segfault/run.sh | 23 ++++ .../script/tests/full_audit_segfault/vfstest.cmd | 3 + source3/script/tests/test_smbclient_s3.sh | 99 ++++++++++++++ source3/script/tests/test_virus_scanner.sh | 124 +++++++++++++++++ source3/selftest/tests.py | 17 +++ source3/smbd/close.c | 104 ++++++-------- source3/smbd/dir.c | 9 +- source3/smbd/fake_file.c | 4 +- source3/smbd/files.c | 150 +++++++++++++++++---- source3/smbd/nttrans.c | 6 +- source3/smbd/open.c | 75 +++++------ source3/smbd/proto.h | 9 +- source3/smbd/reply.c | 62 ++++----- source3/smbd/smb2_close.c | 2 +- source3/smbd/smb2_create.c | 3 +- source3/smbd/trans2.c | 48 +++---- source3/torture/cmd_vfs.c | 85 ++++++++++++ source3/utils/net_vfs.c | 7 +- source4/kdc/hdb-samba4.c | 12 +- source4/kdc/sdb.h | 12 ++ source4/torture/libsmbclient/libsmbclient.c | 112 +++++++++++++++ wscript_configure_system_gnutls | 3 + 44 files changed, 1094 insertions(+), 255 deletions(-) create mode 100644 source3/modules/vfs_virusfilter_dummy.c create mode 100755 source3/script/tests/full_audit_segfault/run.sh create mode 100644 source3/script/tests/full_audit_segfault/vfstest.cmd create mode 100755 source3/script/tests/test_virus_scanner.sh Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 3584323d925..7c79f3655c4 100644 --- a/VERSION +++ b/VERSION @@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # ######################################################## -SAMBA_VERSION_RC_RELEASE=2 +SAMBA_VERSION_RC_RELEASE=3 ######################################################## # To mark SVN snapshots this should be set to 'yes' # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index acf91910706..cdd911d40b1 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements ===================== -This is the second release candidate of Samba 4.16. This is *not* +This is the third release candidate of Samba 4.16. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -174,6 +174,36 @@ smb.conf changes rpc start on demand helpers Added true +CHANGES SINCE 4.16.0rc2 +======================= + +o Jeremy Allison <j...@samba.org> + * BUG 14169: Renaming file on DFS root fails with + NT_STATUS_OBJECT_PATH_NOT_FOUND. + * BUG 14938: NT error code is not set when overwriting a file during rename + in libsmbclient. + +o Ralph Boehme <s...@samba.org> + * BUG 14674: net ads info shows LDAP Server: 0.0.0.0 depending on contacted + server. + +o Pavel Filipenský <pfili...@redhat.com> + * BUG 14971: virusfilter_vfs_openat: Not scanned: Directory or special file. + +o Volker Lendecke <v...@samba.org> + * BUG 14900: Regression: Samba 4.15.2 on macOS segfaults intermittently + during strcpy in tdbsam_getsampwnam. + * BUG 14975: Fix a crash in vfs_full_audit - CREATE_FILE can free a used fsp. + +o Stefan Metzmacher <me...@samba.org> + * BUG 14968: smb2_signing_decrypt_pdu() may not decrypt with + gnutls_aead_cipher_decrypt() from gnutls before 3.5.2. + +o Andreas Schneider <a...@samba.org> + * BUG 14960: SDB uses HDB flags directly which can lead to unwanted side + effects. + + CHANGES SINCE 4.16.0rc1 ======================= diff --git a/docs-xml/manpages/vfs_virusfilter.8.xml b/docs-xml/manpages/vfs_virusfilter.8.xml index 329a35af68a..88f91d73a42 100644 --- a/docs-xml/manpages/vfs_virusfilter.8.xml +++ b/docs-xml/manpages/vfs_virusfilter.8.xml @@ -48,6 +48,10 @@ scanner</para></listitem> <listitem><para><emphasis>clamav</emphasis>, the ClamAV scanner</para></listitem> + <listitem><para><emphasis>dummy</emphasis>, dummy scanner used in + tests. Checks against the <emphasis>infected files</emphasis> + parameter and flags any name that matches as infected. + </para></listitem> </itemizedlist> </listitem> </varlistentry> @@ -264,6 +268,14 @@ </listitem> </varlistentry> + <varlistentry> + <term>virusfilter:infected files = empty</term> + <listitem> + <para>Files that virusfilter <emphasis>dummy</emphasis> flags as infected.</para> + <para>If this option is not set, the default is empty.</para> + </listitem> + </varlistentry> + <varlistentry> <term>virusfilter:block access on error = false</term> <listitem> diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c index 4a94b026ccc..6efb87801cb 100644 --- a/libcli/smb/smb2_signing.c +++ b/libcli/smb/smb2_signing.c @@ -1251,9 +1251,31 @@ NTSTATUS smb2_signing_decrypt_pdu(struct smb2_signing_key *decryption_key, ctext_size, ptext, &ptext_size); - if (rc < 0 || ptext_size != m_total) { + if (rc < 0) { + TALLOC_FREE(ptext); + TALLOC_FREE(ctext); + status = gnutls_error_to_ntstatus(rc, NT_STATUS_INTERNAL_ERROR); + goto out; + } +#ifdef HAVE_GNUTLS_AEAD_CIPHER_DECRYPT_PTEXT_LEN_BUG + /* + * Note that gnutls before 3.5.2 had a bug and returned + * *ptext_len = ctext_len, instead of + * *ptext_len = ctext_len - tag_size + */ + if (ptext_size != ctext_size) { + TALLOC_FREE(ptext); + TALLOC_FREE(ctext); + rc = GNUTLS_E_SHORT_MEMORY_BUFFER; + status = gnutls_error_to_ntstatus(rc, NT_STATUS_INTERNAL_ERROR); + goto out; + } + ptext_size -= tag_size; +#endif /* HAVE_GNUTLS_AEAD_CIPHER_DECRYPT_PTEXT_LEN_BUG */ + if (ptext_size != m_total) { TALLOC_FREE(ptext); TALLOC_FREE(ctext); + rc = GNUTLS_E_SHORT_MEMORY_BUFFER; status = gnutls_error_to_ntstatus(rc, NT_STATUS_INTERNAL_ERROR); goto out; } diff --git a/selftest/knownfail.d/smb1-tests b/selftest/knownfail.d/smb1-tests index 28a74863c6a..03d299ad7c7 100644 --- a/selftest/knownfail.d/smb1-tests +++ b/selftest/knownfail.d/smb1-tests @@ -29,6 +29,8 @@ ^samba3.blackbox.smbclient_s3.NT1.(plain|sign).member_creds.volume\((ad_member|nt4_member)\) ^samba3.blackbox.smbclient_s3.NT1.(plain|sign).member_creds.delete a non empty directory\((ad_member|nt4_member)\) ^samba3.blackbox.smbclient_s3.NT1.(plain|sign).member_creds.Recursive ls across MS-DFS links\((ad_member|nt4_member)\) +^samba3.blackbox.smbclient_s3.NT1.(plain|sign).member_creds.Hardlink on MS-DFS share\((ad_member|nt4_member)\) +^samba3.blackbox.smbclient_s3.NT1.(plain|sign).member_creds.Rename on MS-DFS share\((ad_member|nt4_member)\) ^samba3.blackbox.smbclient_s3.*valid.users.nt4.* ^samba3.blackbox.smbclient_s3.NT1.*valid.users.* ^samba3.unix.whoami machine account.whoami\(ad_member:local\) diff --git a/selftest/quick b/selftest/quick index 0e79f1020bf..6700180c2c2 100644 --- a/selftest/quick +++ b/selftest/quick @@ -33,6 +33,7 @@ rpc.join rpc.handles rpc.echo smb.signing +smb2.session drs.unit samba4.blackbox.dbcheck.dc # This needs to be here to get testing of crypt_r() diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 7bb007c959d..2cc2d13d9e0 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -199,7 +199,7 @@ sub getlog_env_app($$$) close(LOG); return "" if $out eq $title; - + return $out; } @@ -1694,6 +1694,9 @@ sub setup_fileserver my $veto_sharedir="$share_dir/veto"; push(@dirs,$veto_sharedir); + my $virusfilter_sharedir="$share_dir/virusfilter"; + push(@dirs,$virusfilter_sharedir); + my $ip4 = Samba::get_ipv4_addr("FILESERVER"); my $fileserver_options = " kernel change notify = yes @@ -1818,6 +1821,15 @@ sub setup_fileserver path = $veto_sharedir delete veto files = yes +[virusfilter] + path = $virusfilter_sharedir + vfs objects = acl_xattr virusfilter + virusfilter:scanner = dummy + virusfilter:min file size = 0 + virusfilter:infected files = *infected* + virusfilter:infected file action = rename + virusfilter:scan on close = yes + [homes] comment = Home directories browseable = No @@ -2158,7 +2170,7 @@ sub make_bin_cmd { my ($self, $binary, $env_vars, $options, $valgrind, $dont_log_stdout) = @_; - my @optargs = ("-d0"); + my @optargs = (); if (defined($options)) { @optargs = split(/ /, $options); } @@ -2467,7 +2479,7 @@ sub provision($$) my $nmbdsockdir="$prefix_abs/nmbd"; unlink($nmbdsockdir); - ## + ## ## create the test directory layout ## die ("prefix_abs = ''") if $prefix_abs eq ""; @@ -3331,7 +3343,7 @@ sub provision($$) unless (open(PASSWD, ">$nss_wrapper_passwd")) { warn("Unable to open $nss_wrapper_passwd"); return undef; - } + } print PASSWD "nobody:x:$uid_nobody:$gid_nobody:nobody gecos:$prefix_abs:/bin/false $unix_name:x:$unix_uid:$unix_gids[0]:$unix_name gecos:$prefix_abs:/bin/false pdbtest:x:$uid_pdbtest:$gid_nogroup:pdbtest gecos:$prefix_abs:/bin/false diff --git a/source3/lib/adouble.c b/source3/lib/adouble.c index 37fb686f17b..aa78007dadd 100644 --- a/source3/lib/adouble.c +++ b/source3/lib/adouble.c @@ -1254,13 +1254,13 @@ static bool ad_convert_xattr(vfs_handle_struct *handle, if (nwritten == -1) { DBG_ERR("SMB_VFS_PWRITE failed\n"); saved_errno = errno; - close_file(NULL, fsp, ERROR_CLOSE); + close_file_free(NULL, &fsp, ERROR_CLOSE); errno = saved_errno; ok = false; goto fail; } - status = close_file(NULL, fsp, NORMAL_CLOSE); + status = close_file_free(NULL, &fsp, NORMAL_CLOSE); if (!NT_STATUS_IS_OK(status)) { ok = false; goto fail; @@ -1395,12 +1395,12 @@ static bool ad_convert_finderinfo(vfs_handle_struct *handle, if (nwritten == -1) { DBG_ERR("SMB_VFS_PWRITE failed\n"); saved_errno = errno; - close_file(NULL, fsp, ERROR_CLOSE); + close_file_free(NULL, &fsp, ERROR_CLOSE); errno = saved_errno; return false; } - status = close_file(NULL, fsp, NORMAL_CLOSE); + status = close_file_free(NULL, &fsp, NORMAL_CLOSE); if (!NT_STATUS_IS_OK(status)) { return false; } @@ -1652,7 +1652,7 @@ static bool ad_unconvert_open_ad(TALLOC_CTX *mem_ctx, if (ret != 0) { DBG_ERR("SMB_VFS_FCHOWN [%s] failed: %s\n", fsp_str_dbg(fsp), nt_errstr(status)); - close_file(NULL, fsp, NORMAL_CLOSE); + close_file_free(NULL, &fsp, NORMAL_CLOSE); return false; } } @@ -1710,14 +1710,14 @@ static bool ad_unconvert_get_streams(struct vfs_handle_struct *handle, num_streams, streams); if (!NT_STATUS_IS_OK(status)) { - close_file(NULL, fsp, NORMAL_CLOSE); + close_file_free(NULL, &fsp, NORMAL_CLOSE); DBG_ERR("streaminfo on [%s] failed: %s\n", smb_fname_str_dbg(smb_fname), nt_errstr(status)); return false; } - status = close_file(NULL, fsp, NORMAL_CLOSE); + status = close_file_free(NULL, &fsp, NORMAL_CLOSE); if (!NT_STATUS_IS_OK(status)) { DBG_ERR("close_file [%s] failed: %s\n", smb_fname_str_dbg(smb_fname), @@ -1975,7 +1975,7 @@ static bool ad_collect_one_stream(struct vfs_handle_struct *handle, out: TALLOC_FREE(sname); if (fsp != NULL) { - status = close_file(NULL, fsp, NORMAL_CLOSE); + status = close_file_free(NULL, &fsp, NORMAL_CLOSE); if (!NT_STATUS_IS_OK(status)) { DBG_ERR("close_file [%s] failed: %s\n", smb_fname_str_dbg(smb_fname), @@ -2117,9 +2117,9 @@ bool ad_unconvert(TALLOC_CTX *mem_ctx, out: if (fsp != NULL) { - status = close_file(NULL, fsp, NORMAL_CLOSE); + status = close_file_free(NULL, &fsp, NORMAL_CLOSE); if (!NT_STATUS_IS_OK(status)) { - DBG_ERR("close_file [%s] failed: %s\n", + DBG_ERR("close_file_free() [%s] failed: %s\n", smb_fname_str_dbg(smb_fname), nt_errstr(status)); ok = false; diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 1bc271785e2..647cdbd0459 100755 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -605,7 +605,9 @@ ADS_STATUS ads_connect(ADS_STRUCT *ads) ADS_STATUS status; NTSTATUS ntstatus; char addr[INET6_ADDRSTRLEN]; - struct samba_sockaddr existing_sa = {0}; + struct sockaddr_storage existing_ss; + + zero_sockaddr(&existing_ss); /* * ads_connect can be passed in a reused ADS_STRUCT @@ -627,11 +629,7 @@ ADS_STATUS ads_connect(ADS_STRUCT *ads) */ if (ads->server.ldap_server == NULL && !is_zero_addr(&ads->ldap.ss)) { /* Save off the address we previously found by ads_find_dc(). */ - bool ok = sockaddr_storage_to_samba_sockaddr(&existing_sa, - &ads->ldap.ss); - if (!ok) { - return ADS_ERROR_NT(NT_STATUS_INVALID_ADDRESS); - } + existing_ss = ads->ldap.ss; } ads_zero_ldap(ads); @@ -679,11 +677,11 @@ ADS_STATUS ads_connect(ADS_STRUCT *ads) } } - if (!is_zero_addr(&existing_sa.u.ss)) { + if (!is_zero_addr(&existing_ss)) { /* We saved off who we should talk to. */ bool ok = ads_try_connect(ads, ads->server.gc, - &existing_sa.u.ss); + &existing_ss); if (ok) { goto got_connection; } diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c index 87c56b5564d..13d23ed6566 100644 --- a/source3/libsmb/cli_smb2_fnum.c +++ b/source3/libsmb/cli_smb2_fnum.c @@ -3215,12 +3215,26 @@ struct tevent_req *cli_smb2_rename_send( { struct tevent_req *req = NULL, *subreq = NULL; struct cli_smb2_rename_state *state = NULL; + NTSTATUS status; req = tevent_req_create( mem_ctx, &state, struct cli_smb2_rename_state); if (req == NULL) { return NULL; } + + /* + * Strip a MSDFS path from fname_dst if we were given one. + */ + status = cli_dfs_target_check(state, + cli, + fname_src, + fname_dst, + &fname_dst); + if (tevent_req_nterror(req, status)) { + return tevent_req_post(req, ev); + } + state->ev = ev; state->cli = cli; state->fname_dst = fname_dst; diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c index 5b64858ca33..5288a7efc64 100644 --- a/source3/libsmb/clidfs.c +++ b/source3/libsmb/clidfs.c @@ -1274,3 +1274,60 @@ bool cli_check_msdfs_proxy(TALLOC_CTX *ctx, return true; } + +/******************************************************************** + Windows and NetApp (and arguably the SMB1/2/3 specs) expect a non-DFS + path for the targets of rename and hardlink. If we have been given + a DFS path for these calls, convert it back into a local path by + stripping off the DFS prefix. +********************************************************************/ + +NTSTATUS cli_dfs_target_check(TALLOC_CTX *mem_ctx, + struct cli_state *cli, + const char *fname_src, + const char *fname_dst, + const char **fname_dst_out) +{ + char *dfs_prefix = NULL; + size_t prefix_len = 0; + struct smbXcli_tcon *tcon = NULL; + + if (!smbXcli_conn_dfs_supported(cli->conn)) { + goto copy_fname_out; + } + if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) { + tcon = cli->smb2.tcon; + } else { + tcon = cli->smb1.tcon; + } + if (!smbXcli_tcon_is_dfs_share(tcon)) { + goto copy_fname_out; + } + dfs_prefix = cli_dfs_make_full_path(mem_ctx, cli, ""); + if (dfs_prefix == NULL) { + return NT_STATUS_NO_MEMORY; + } + prefix_len = strlen(dfs_prefix); + if (strncmp(fname_dst, dfs_prefix, prefix_len) != 0) { + /* + * Prefix doesn't match. Assume it was + * already stripped or not added in the + * first place. + */ + goto copy_fname_out; + } + /* Return the trailing name after the prefix. */ + *fname_dst_out = &fname_dst[prefix_len]; + TALLOC_FREE(dfs_prefix); + return NT_STATUS_OK; + + copy_fname_out: + + /* + * No change to the destination name. Just + * point it at the incoming destination name. + */ + *fname_dst_out = fname_dst; + TALLOC_FREE(dfs_prefix); + return NT_STATUS_OK; +} diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index f1d0a9483f6..5c570c68eac 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -1234,6 +1234,18 @@ static struct tevent_req *cli_smb1_rename_send(TALLOC_CTX *mem_ctx, return NULL; } + /* + * Strip a MSDFS path from fname_dst if we were given one. + */ + status = cli_dfs_target_check(state, + cli, + fname_src, + fname_dst, + &fname_dst); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + if (!push_ucs2_talloc(talloc_tos(), &converted_str, fname_dst, &converted_size_bytes)) { status = NT_STATUS_INVALID_PARAMETER; @@ -1311,6 +1323,7 @@ static struct tevent_req *cli_cifs_rename_send(TALLOC_CTX *mem_ctx, uint8_t additional_flags = 0; uint16_t additional_flags2 = 0; uint8_t *bytes = NULL; + NTSTATUS status; req = tevent_req_create(mem_ctx, &state, struct cli_cifs_rename_state); if (req == NULL) { @@ -1325,6 +1338,18 @@ static struct tevent_req *cli_cifs_rename_send(TALLOC_CTX *mem_ctx, return tevent_req_post(req, ev); } + /* + * Strip a MSDFS path from fname_dst if we were given one. + */ + status = cli_dfs_target_check(state, + cli, + fname_src, + fname_dst, + &fname_dst); + if (tevent_req_nterror(req, status)) { + return tevent_req_post(req, ev); + } + SSVAL(state->vwv+0, 0, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_DIRECTORY); bytes = talloc_array(state, uint8_t, 1); @@ -1489,6 +1514,7 @@ NTSTATUS cli_rename(struct cli_state *cli, } status = cli_rename_recv(req); + cli->raw_status = status; /* cli_smb2_rename_recv doesn't set this */ fail: TALLOC_FREE(frame); @@ -1517,6 +1543,7 @@ static struct tevent_req *cli_ntrename_internal_send(TALLOC_CTX *mem_ctx, -- Samba Shared Repository