The branch, master has been updated via 897f08f7a03 testprogs: Use new kerberos options for samba-tool in test_kpasswd_mit.sh via bc5e8ba9f3a testprogs: Use new kerberos options for samba-tool in test_export_keytab_mit.sh via 773659baaff testprogs: Use new kerberos options for ldb and samba-tool in test_kinit_mit.sh via ecfa4e190a6 gp: Fix GNOME Settings writing unreadable user profile via 194f6661d66 gp: Fix Firewalld RSoP output skipping Zones via c12518a9b62 smbd: Remove source3/smbd/statcache.c via d04db4a5769 vfs: Fix whitespace via b94fd4229d7 smbd: Slightly simplify set_current_case_sensitive() via d48481118bc smbd: Slightly simplify set_current_case_sensitive() via 49fdf8f9ec9 smbd: Make set_current_case_sensitive() static from eb5df255fae s4:libnet: correctly handle gnutls_pbkdf2() errors
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 897f08f7a039a1ca837eb5054ca7d8ba9a6e747e Author: Andreas Schneider <a...@samba.org> Date: Mon Dec 5 11:03:25 2022 +0100 testprogs: Use new kerberos options for samba-tool in test_kpasswd_mit.sh Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Dec 14 23:56:50 UTC 2022 on sn-devel-184 commit bc5e8ba9f3aa67cff5d0420f8422b8f4765789b6 Author: Andreas Schneider <a...@samba.org> Date: Mon Dec 5 08:40:08 2022 +0100 testprogs: Use new kerberos options for samba-tool in test_export_keytab_mit.sh Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 773659baaffd7530f3aaa2fca947709b57ad7cea Author: Andreas Schneider <a...@samba.org> Date: Sat Dec 3 20:56:08 2022 +0100 testprogs: Use new kerberos options for ldb and samba-tool in test_kinit_mit.sh Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit ecfa4e190a6d48db4e7b514c9011aa139a5b2ac4 Author: David Mulder <dmul...@samba.org> Date: Wed Dec 14 14:24:24 2022 -0700 gp: Fix GNOME Settings writing unreadable user profile This file must be readable by all users, otherwise the policy doesn't get read or applied. Signed-off-by: David Mulder <dmul...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 194f6661d665105a9433d4edb02ba70e1b70a396 Author: David Mulder <dmul...@samba.org> Date: Wed Dec 14 14:23:48 2022 -0700 gp: Fix Firewalld RSoP output skipping Zones Signed-off-by: David Mulder <dmul...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit c12518a9b6275602fd654a0dc47903d10843e91e Author: Volker Lendecke <v...@samba.org> Date: Wed Dec 14 13:58:25 2022 +0100 smbd: Remove source3/smbd/statcache.c After I found that nobody calls stat_cache_add() anymore, there was no reason to keep the rest of statcache.c. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit d04db4a576978be49b2c5c6533103cf8cab2f0b6 Author: Volker Lendecke <v...@samba.org> Date: Wed Dec 14 13:44:50 2022 +0100 vfs: Fix whitespace Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit b94fd4229d77ef150530eb434006adff346151f5 Author: Volker Lendecke <v...@samba.org> Date: Tue Dec 13 17:38:25 2022 +0100 smbd: Slightly simplify set_current_case_sensitive() Remove a global cache of calculating case sensivity. The calculation is really simple: It only references a bool per-share parameter and a global variable. I really doubt there is any measurable benefit from this cache, and if there was, I don't care if SMB1 gets a tiny bit slower in response to reduced global state. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit d48481118bc5e2dd8999fc112967a99e508ddf80 Author: Volker Lendecke <v...@samba.org> Date: Tue Dec 13 17:33:29 2022 +0100 smbd: Slightly simplify set_current_case_sensitive() Assert this isn't called from SMB2 Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 49fdf8f9ec967fb39f88f54752b2bf25e89672e5 Author: Volker Lendecke <v...@samba.org> Date: Tue Dec 13 17:31:53 2022 +0100 smbd: Make set_current_case_sensitive() static This is a SMB1-only thing Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> ----------------------------------------------------------------------- Summary of changes: librpc/idl/messaging.idl | 2 +- python/samba/gp/gp_firewalld_ext.py | 4 +- python/samba/gp/gp_gnome_settings_ext.py | 1 + source3/include/proto.h | 2 - source3/include/vfs.h | 10 +- source3/lib/smbd_shim.c | 8 - source3/lib/smbd_shim.h | 3 - source3/locking/locking.c | 5 - source3/smbd/close.c | 5 - source3/smbd/globals.c | 3 - source3/smbd/globals.h | 3 - source3/smbd/proto.h | 20 -- source3/smbd/server.c | 18 -- source3/smbd/server_reload.c | 1 - source3/smbd/smb1_process.c | 38 +++ source3/smbd/smb2_service.c | 51 --- source3/smbd/statcache.c | 448 --------------------------- source3/wscript_build | 1 - testprogs/blackbox/test_export_keytab_mit.sh | 2 +- testprogs/blackbox/test_kinit_mit.sh | 18 +- testprogs/blackbox/test_kpasswd_mit.sh | 2 +- 21 files changed, 59 insertions(+), 586 deletions(-) delete mode 100644 source3/smbd/statcache.c Changeset truncated at 500 lines: diff --git a/librpc/idl/messaging.idl b/librpc/idl/messaging.idl index 5d217c03f5b..398deed8e4c 100644 --- a/librpc/idl/messaging.idl +++ b/librpc/idl/messaging.idl @@ -79,7 +79,7 @@ interface messaging MSG_SMB_INJECT_FAULT = 0x030C, MSG_SMB_BLOCKING_LOCK_CANCEL = 0x030D, MSG_SMB_NOTIFY = 0x030E, - MSG_SMB_STAT_CACHE_DELETE = 0x030F, + /* MSG_SMB_STAT_CACHE_DELETE = 0x030F, Obsoleted */ /* Samba4 compatibility */ MSG_PVFS_NOTIFY = 0x0310, diff --git a/python/samba/gp/gp_firewalld_ext.py b/python/samba/gp/gp_firewalld_ext.py index 7947961a9ee..dd80d94c9cf 100644 --- a/python/samba/gp/gp_firewalld_ext.py +++ b/python/samba/gp/gp_firewalld_ext.py @@ -144,7 +144,9 @@ class gp_firewalld_ext(gp_pol_ext): return output for e in pol_conf.entries: if e.keyname.startswith(section): - if e.keyname.endswith('Zone'): + if e.keyname.endswith('Zones'): + if e.valuename == '**delvals.': + continue if 'Zones' not in output.keys(): output['Zones'] = [] output['Zones'].append(e.data) diff --git a/python/samba/gp/gp_gnome_settings_ext.py b/python/samba/gp/gp_gnome_settings_ext.py index cbf01a14ade..654a4061dbc 100644 --- a/python/samba/gp/gp_gnome_settings_ext.py +++ b/python/samba/gp/gp_gnome_settings_ext.py @@ -54,6 +54,7 @@ def create_user_profile(test_dir): with NamedTemporaryFile('w', dir=os.path.dirname(user_profile), delete=False) as w: w.write('user-db:user\nsystem-db:local') + os.chmod(w.name, 0o644) fname = w.name shutil.move(fname, user_profile) diff --git a/source3/include/proto.h b/source3/include/proto.h index bbd45c536ff..79d424fd10d 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -763,8 +763,6 @@ void unbecome_root(void); int find_service(TALLOC_CTX *ctx, const char *service_in, char **p_service_out); bool lp_allow_local_address( int snum, const struct tsocket_address *local_address); -void send_stat_cache_delete_message(struct messaging_context *msg_ctx, - const char *name); NTSTATUS can_delete_directory_fsp(files_struct *fsp); bool change_to_root_user(void); bool become_authenticated_pipe_user(struct auth_session_info *session_info); diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 1cc3b91a9e0..5ad15135ef9 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -1,4 +1,4 @@ -/* +/* Unix SMB/CIFS implementation. VFS structures and parameters Copyright (C) Jeremy Allison 1999-2005 @@ -766,8 +766,8 @@ typedef struct connection_struct { name_compare_entry *hide_list; /* Per-share list of files to return as hidden. */ name_compare_entry *veto_list; /* Per-share list of files to veto (never show). */ - name_compare_entry *veto_oplock_list; /* Per-share list of files to refuse oplocks on. */ - name_compare_entry *aio_write_behind_list; /* Per-share list of files to use aio write behind on. */ + name_compare_entry *veto_oplock_list; /* Per-share list of files to refuse oplocks on. */ + name_compare_entry *aio_write_behind_list; /* Per-share list of files to use aio write behind on. */ struct trans_state *pending_trans; struct rpc_pipe_client *spoolss_pipe; @@ -1205,7 +1205,7 @@ struct vfs_fn_pointers { uint32_t in_len, uint8_t **_out_data, uint32_t max_out_len, - uint32_t *out_len); + uint32_t *out_len); NTSTATUS (*fget_dos_attributes_fn)(struct vfs_handle_struct *handle, struct files_struct *fsp, @@ -1775,7 +1775,7 @@ SMB_ACL_T smb_vfs_call_sys_acl_get_fd(struct vfs_handle_struct *handle, SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx); int smb_vfs_call_sys_acl_blob_get_fd(struct vfs_handle_struct *handle, - struct files_struct *fsp, + struct files_struct *fsp, TALLOC_CTX *mem_ctx, char **blob_description, DATA_BLOB *blob); diff --git a/source3/lib/smbd_shim.c b/source3/lib/smbd_shim.c index a6e3695096d..c7c64f76cd0 100644 --- a/source3/lib/smbd_shim.c +++ b/source3/lib/smbd_shim.c @@ -32,14 +32,6 @@ void set_smbd_shim(const struct smbd_shim *shim_functions) shim = *shim_functions; } -void send_stat_cache_delete_message(struct messaging_context *msg_ctx, - const char *name) -{ - if (shim.send_stat_cache_delete_message) { - shim.send_stat_cache_delete_message(msg_ctx, name); - } -} - bool change_to_root_user(void) { if (shim.change_to_root_user) { diff --git a/source3/lib/smbd_shim.h b/source3/lib/smbd_shim.h index 19ce7acd50e..c4bf330da4f 100644 --- a/source3/lib/smbd_shim.h +++ b/source3/lib/smbd_shim.h @@ -29,9 +29,6 @@ struct smbd_shim { - void (*send_stat_cache_delete_message)(struct messaging_context *msg_ctx, - const char *name); - bool (*change_to_root_user)(void); bool (*become_authenticated_pipe_user)(struct auth_session_info *session_info); bool (*unbecome_authenticated_pipe_user)(void); diff --git a/source3/locking/locking.c b/source3/locking/locking.c index a65124403cf..5c2613b117c 100644 --- a/source3/locking/locking.c +++ b/source3/locking/locking.c @@ -965,11 +965,6 @@ static void set_delete_on_close_locked(struct share_mode_lock *lck, reset_delete_on_close_lck(state->fsp, lck); } - if (state->fsp->fsp_flags.is_directory) { - send_stat_cache_delete_message(state->fsp->conn->sconn->msg_ctx, - state->fsp->fsp_name->base_name); - } - state->fsp->fsp_flags.delete_on_close = state->delete_on_close; } diff --git a/source3/smbd/close.c b/source3/smbd/close.c index 94678b5b8db..d1e89325780 100644 --- a/source3/smbd/close.c +++ b/source3/smbd/close.c @@ -343,11 +343,6 @@ static void close_share_mode_lock_prepare(struct share_mode_lock *lck, /* Initial delete on close was set and no one else * wrote a real delete on close. */ - if (fsp->fsp_flags.is_directory) { - send_stat_cache_delete_message(fsp->conn->sconn->msg_ctx, - fsp->fsp_name->base_name); - } - fsp->fsp_flags.delete_on_close = true; set_delete_on_close_lck(fsp, lck, fsp->conn->session_info->security_token, diff --git a/source3/smbd/globals.c b/source3/smbd/globals.c index 4d4553649c0..9989a73dc85 100644 --- a/source3/smbd/globals.c +++ b/source3/smbd/globals.c @@ -61,9 +61,6 @@ int sec_ctx_stack_ndx = 0; bool become_uid_done = false; bool become_gid_done = false; -connection_struct *last_conn = NULL; -uint16_t last_flags = 0; - uint32_t global_client_caps = 0; uint16_t fnf_handle = 257; diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h index 44be970510a..d1c0d145de7 100644 --- a/source3/smbd/globals.h +++ b/source3/smbd/globals.h @@ -79,9 +79,6 @@ extern int sec_ctx_stack_ndx; extern bool become_uid_done; extern bool become_gid_done; -extern connection_struct *last_conn; -extern uint16_t last_flags; - extern uint32_t global_client_caps; extern uint16_t fnf_handle; diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h index a9060aeafc1..069c069f803 100644 --- a/source3/smbd/proto.h +++ b/source3/smbd/proto.h @@ -1047,7 +1047,6 @@ void smbd_exit_server_cleanly(const char *const reason) _NORETURN_; bool set_conn_connectpath(connection_struct *conn, const char *connectpath); bool canonicalize_connect_path(connection_struct *conn); NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum); -void set_current_case_sensitive(connection_struct *conn, uint16_t flags); bool chdir_current_service(connection_struct *conn); void load_registry_shares(void); int add_home_service(const char *service, const char *username, const char *homedir); @@ -1095,25 +1094,6 @@ bool is_share_read_only_for_token(const char *username, NTSTATUS srvstr_push_fn(const char *base_ptr, uint16_t smb_flags2, void *dest, const char *src, int dest_len, int flags, size_t *ret_len); -/* The following definitions come from smbd/statcache.c */ - -void stat_cache_add( const char *full_orig_name, - const char *translated_path, - NTTIME twrp, - bool case_sensitive); -bool stat_cache_lookup(connection_struct *conn, - char **pp_name, - char **pp_dirpath, - char **pp_start, - NTTIME twrp, - SMB_STRUCT_STAT *pst); -void smbd_send_stat_cache_delete_message(struct messaging_context *msg_ctx, - const char *name); -void send_stat_cache_delete_message(struct messaging_context *msg_ctx, - const char *name); -void stat_cache_delete(const char *name); -bool reset_stat_cache( void ); - /* The following definitions come from smbd/statvfs.c */ int sys_statvfs(const char *path, struct vfs_statvfs_struct *statbuf); diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 155d2207609..6bdaca7a0a4 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -124,21 +124,6 @@ static void smbd_parent_conf_updated(struct messaging_context *msg, messaging_send_to_children(msg, MSG_SMB_CONF_UPDATED, NULL); } -/******************************************************************* - Delete a statcache entry. - ********************************************************************/ - -static void smb_stat_cache_delete(struct messaging_context *msg, - void *private_data, - uint32_t msg_tnype, - struct server_id server_id, - DATA_BLOB *data) -{ - const char *name = (const char *)data->data; - DEBUG(10,("smb_stat_cache_delete: delete name %s\n", name)); - stat_cache_delete(name); -} - /**************************************************************************** Send a SIGTERM to our process group. *****************************************************************************/ @@ -1280,8 +1265,6 @@ static bool open_sockets_smbd(struct smbd_parent_context *parent, messaging_register(msg_ctx, NULL, MSG_SHUTDOWN, msg_exit_server); messaging_register(msg_ctx, ev_ctx, MSG_SMB_CONF_UPDATED, smbd_parent_conf_updated); - messaging_register(msg_ctx, NULL, MSG_SMB_STAT_CACHE_DELETE, - smb_stat_cache_delete); messaging_register(msg_ctx, NULL, MSG_DEBUG, smbd_msg_debug); messaging_register(msg_ctx, NULL, MSG_SMB_FORCE_TDIS, smb_parent_send_to_children); @@ -1620,7 +1603,6 @@ extern void build_options(bool screen); loadparm_s3_global_substitution(); static const struct smbd_shim smbd_shim_fns = { - .send_stat_cache_delete_message = smbd_send_stat_cache_delete_message, .change_to_root_user = smbd_change_to_root_user, .become_authenticated_pipe_user = smbd_become_authenticated_pipe_user, .unbecome_authenticated_pipe_user = smbd_unbecome_authenticated_pipe_user, diff --git a/source3/smbd/server_reload.c b/source3/smbd/server_reload.c index 329edf640da..d3322d12f6a 100644 --- a/source3/smbd/server_reload.c +++ b/source3/smbd/server_reload.c @@ -170,7 +170,6 @@ bool reload_services(struct smbd_server_connection *sconn, } mangle_reset_cache(); - reset_stat_cache(); flush_dfree_cache(); return(ret); diff --git a/source3/smbd/smb1_process.c b/source3/smbd/smb1_process.c index 9edfa2116e9..1834c67b91f 100644 --- a/source3/smbd/smb1_process.c +++ b/source3/smbd/smb1_process.c @@ -1017,6 +1017,44 @@ static void smb1srv_update_crypto_flags(struct smbXsrv_session *session, return; } +static void set_current_case_sensitive(connection_struct *conn, uint16_t flags) +{ + int snum; + enum remote_arch_types ra_type; + + SMB_ASSERT(conn != NULL); + SMB_ASSERT(!conn->sconn->using_smb2); + + snum = SNUM(conn); + + /* + * Obey the client case sensitivity requests - only for clients that + * support it. */ + switch (lp_case_sensitive(snum)) { + case Auto: + /* + * We need this uglyness due to DOS/Win9x clients that lie + * about case insensitivity. */ + ra_type = get_remote_arch(); + if ((ra_type != RA_SAMBA) && (ra_type != RA_CIFSFS)) { + /* + * Client can't support per-packet case sensitive + * pathnames. */ + conn->case_sensitive = false; + } else { + conn->case_sensitive = + !(flags & FLAG_CASELESS_PATHNAMES); + } + break; + case True: + conn->case_sensitive = true; + break; + default: + conn->case_sensitive = false; + break; + } +} + /**************************************************************************** Prepare everything for calling the actual request function, and potentially call the request function via the "new" interface. diff --git a/source3/smbd/smb2_service.c b/source3/smbd/smb2_service.c index 6b821e6da70..6670b8a5a13 100644 --- a/source3/smbd/smb2_service.c +++ b/source3/smbd/smb2_service.c @@ -90,57 +90,6 @@ bool set_conn_connectpath(connection_struct *conn, const char *connectpath) return true; } -/**************************************************************************** - Load parameters specific to a connection/service. -****************************************************************************/ - -void set_current_case_sensitive(connection_struct *conn, uint16_t flags) -{ - int snum; - enum remote_arch_types ra_type; - - SMB_ASSERT(conn != NULL); - - snum = SNUM(conn); - - if ((conn == last_conn) && (last_flags == flags)) { - return; - } - - last_conn = conn; - last_flags = flags; - - /* - * Obey the client case sensitivity requests - only for clients that - * support it. */ - switch (lp_case_sensitive(snum)) { - case Auto: - /* - * We need this uglyness due to DOS/Win9x clients that lie - * about case insensitivity. */ - ra_type = get_remote_arch(); - if (conn->sconn->using_smb2) { - conn->case_sensitive = false; - } else if ((ra_type != RA_SAMBA) && (ra_type != RA_CIFSFS)) { - /* - * Client can't support per-packet case sensitive - * pathnames. */ - conn->case_sensitive = false; - } else { - conn->case_sensitive = - !(flags & FLAG_CASELESS_PATHNAMES); - } - break; - case True: - conn->case_sensitive = true; - break; - default: - conn->case_sensitive = false; - break; - } - return; -} - bool chdir_current_service(connection_struct *conn) { const struct smb_filename connectpath_fname = { diff --git a/source3/smbd/statcache.c b/source3/smbd/statcache.c deleted file mode 100644 index 4138a9287ad..00000000000 --- a/source3/smbd/statcache.c +++ /dev/null @@ -1,448 +0,0 @@ -/* - Unix SMB/CIFS implementation. - stat cache code - Copyright (C) Andrew Tridgell 1992-2000 - Copyright (C) Jeremy Allison 1999-2007 - Copyright (C) Andrew Bartlett <abart...@samba.org> 2003 - Copyright (C) Volker Lendecke 2007 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "../lib/util/memcache.h" -#include "smbd/smbd.h" -#include "messages.h" -#include "serverid.h" -#include "smbprofile.h" -#include <tdb.h> - -#define STAT_CACHE_TWRP_TOKEN "%016" PRIx64 "@%s" -#define STAT_CACHE_TWRP_TOKEN_LEN 17 - -/**************************************************************************** - Stat cache code used in unix_convert. -*****************************************************************************/ - -/** - * Add an entry into the stat cache. - * - * @param full_orig_name The original name as specified by the client - * @param orig_translated_path The name on our filesystem. - * - * @note Only the first strlen(orig_translated_path) characters are stored - * into the cache. This means that full_orig_name will be internally - * truncated. - * - */ - -void stat_cache_add( const char *full_orig_name, - const char *translated_path_in, - NTTIME twrp, - bool case_sensitive) -{ - size_t translated_path_length; - char *translated_path = NULL; - char *original_path; - size_t original_path_length; - TALLOC_CTX *ctx = talloc_tos(); - - if (!lp_stat_cache()) { - return; - } - - /* - * Don't cache trivial valid directory entries such as . and .. - */ - - if ((*full_orig_name == '\0') - || ISDOT(full_orig_name) || ISDOTDOT(full_orig_name)) { - return; - } - - translated_path = talloc_asprintf(ctx, - STAT_CACHE_TWRP_TOKEN, - twrp, - translated_path_in); - if (translated_path == NULL) { - return; - } - - /* - * If we are in case insentive mode, we don't need to - * store names that need no translation - else, it - * would be a waste. - */ - - if (!case_sensitive && (strcmp(full_orig_name, translated_path) == 0)) { - TALLOC_FREE(translated_path); - return; - } - - /* - * Remove any trailing '/' characters from the - * translated path. - */ - - translated_path_length = strlen(translated_path); - - if(translated_path[translated_path_length-1] == '/') { - translated_path_length--; - } - - if(case_sensitive) { - original_path = talloc_asprintf(ctx, -- Samba Shared Repository