[SCM] Samba Shared Repository - branch master updated

2021-04-13 Thread Stefan Metzmacher
The branch, master has been updated
   via  d5759794d6d add .gitlab-ci-coverage.yml for a scheduled build
   via  7387da74e6f script/autobuild.py: split samba-ad-dc-4* tests into two
   via  6f5546ae64f script/autobuild.py: split samba-nopython out of samba-minimal-smbd again
   via  95a9c3b2952 script/autobuild.py: split samba-no-opath into two tests
   via  3189807278b script/autobuild.py: skip lcov step for samba-fips
   via  45522798238 .gitlab-ci-main.yml: specify the image only by SAMBA_CI_JOB_IMAGE
   via  6999e080ce0 .gitlab-ci*.yml: only use gitlab.org shared runners if possible
   via  a0a1988afb3 bootstrap/.gitlab-ci.yml: make sure we force gitlab.com runners for now
   via  23a54f4731c .gitlab-ci-main.yml: build coverity using --with-cluster-support
   via  c378d4dde0a .gitlab-ci.yml: move the content to .gitlab-ci-main.yml
   via  a786ff99677 .gitlab-ci.yml: move samba-ad-back{1,2} and samba-schemaupgrade to shared runners
   via  63853b823c6 script/autobuild.py: split samba-ad-dc-backup into samba-ad-back{1,2}
   via  c2a725b224b script/autobuild.py: move ad_dc_backup to samba-ad-dc-6
   via  2e8b58bc2df .gitlab-ci.yml: let private runners also make use of pre-builds
   via  307edf82023 script/autobuild.py: split out samba-{nt4,h5l,no-opath}-build
   via  e466bac9a8a .gitlab-ci.yml: be more resilient to infrastructure failures
   via  101237b4e6d .gitlab-ci.yml: specify explicit job timeouts
   via  4df7f2b6914 .gitlab-ci.yml: split out samba-{def,mit}-build into the build_first stage
   via  dc16294342d .gitlab-ci.yml: print out information of the available cpus
   via  37619d399b7 script/autobuild.py: split out "samba-{def,mit}-build"
   via  95849d3d6a8 script/autobuild.py: add support for dependencies
   via  404cd173e9e script/autobuild.py: store the directory for the running builder in self.builder_dir
   via  e315ce40c24 script/autobuild.py: defer cp and git clone
   via  ba6f6a3cce1 script/autobuild.py: pass --with-selftest-prefix via make instead of configure
   via  2933c02718c script/autobuild.py: split out a CLEAN_SOURCE_TREE_CMD
   via  0e7a7440f7c script/autobuild.py: change the task definitions into a dictionary
   via  467cfaf852e testprogs:blackbox: create temporary files under $PREFIX/SELFTEST_TMPDIR
   via  d260d2c59bf s4:client:tests: create temporary files under $PREFIX/SELFTEST_TMPDIR
   via  3d618689e25 python:tests:samba_tool: create temporary files under $SELFTEST_TMPDIR
   via  cef28acbd2b s3:script:tests: create temporary files under $PREFIX/SELFTEST_TMPDIR
  from  5b0d3b209a7 lib/audit_logging/test: fix typos

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit d5759794d6d384de02bbb5df9d46b3a8675813d0
Author: Stefan Metzmacher 
Date:   Tue Dec 29 15:15:13 2020 +0100

add .gitlab-ci-coverage.yml for a scheduled build

This will be used by the https://gitlab.com/samba-team/samba
configuration, while https://gitlab.com/samba-team/devel/samba
will still use .gitlab-ci.yml (via the legacy .gitlab-ci-private.yml).

The key point is the usage of the more powerful n1-standard-2
runners for testing.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 
Reviewed-by: Andreas Schneider 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Tue Apr 13 09:33:14 UTC 2021 on sn-devel-184

commit 7387da74e6f0e33de5f80b9a5e59f268541f52cd
Author: Stefan Metzmacher 
Date:   Wed Dec 30 02:01:30 2020 +0100

script/autobuild.py: split samba-ad-dc-4* tests into two

As a single job they used more than 1h.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 
Reviewed-by: Andreas Schneider 

commit 6f5546ae64f39f3d1a252c5095c09b92a09a70e6
Author: Stefan Metzmacher 
Date:   Wed Dec 30 01:58:48 2020 +0100

script/autobuild.py: split samba-nopython out of samba-minimal-smbd again

This was using more than 1h as a single job.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 
Reviewed-by: Andreas Schneider 

commit 95a9c3b29529e60643eeae2ef99e8b0ef7d43710
Author: Stefan Metzmacher 
Date:   Wed Dec 30 01:33:00 2020 +0100

script/autobuild.py: split samba-no-opath into two tests

This was basically a combination of 'samba-nt4' and
'samba-fileserver'.

As a single job it used more than 1h only for testing,
while the samba-no-nopath-build uses ~ 10mins (with a filled ccache).
Now we have two test jobs with ~ 30mins.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 
Reviewed-by: Andreas Schneider 

commit 3189807278b0cb10007831ad84fa55c2cb14b125
Author: Stefan Metzmacher 
Date:   Wed Dec 30 12:11:55 2020 +0100


[PATCH] io_thread/x86: don't reset 'cs', 'ss', 'ds' and 'es' registers for io_threads

2021-04-11 Thread Stefan Metzmacher
This allows gdb to attach to userspace processes using io-uring,
which means that they have io_threads (PF_IO_WORKER), which appear
just like normal userspace threads.

See the code comment for more details.

Fixes: 4727dc20e04 ("arch: setup PF_IO_WORKER threads like PF_KTHREAD")
Signed-off-by: Stefan Metzmacher 
cc: Linus Torvalds 
cc: Jens Axboe 
cc: linux-kernel@vger.kernel.org
cc: io-ur...@vger.kernel.org
---
 arch/x86/kernel/process.c | 49 +++
 1 file changed, 49 insertions(+)

diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index 9c214d7085a4..72120c4b7618 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -163,6 +163,55 @@ int copy_thread(unsigned long clone_flags, unsigned long 
sp, unsigned long arg,
/* Kernel thread ? */
if (unlikely(p->flags & (PF_KTHREAD | PF_IO_WORKER))) {
memset(childregs, 0, sizeof(struct pt_regs));
+   /*
+* gdb sees all userspace threads,
+* including io threads (PF_IO_WORKER)!
+*
+* gdb uses:
+* PTRACE_PEEKUSR, offsetof (struct user_regs_struct, cs)
+*  returning with 0x33 (51) to detect 64 bit
+* and:
+* PTRACE_PEEKUSR, offsetof (struct user_regs_struct, ds)
+*  returning 0x2b (43) to detect 32 bit.
+*
+* GDB relies on that the kernel returns the
+* same values for all threads, which means
+* we don't zero these out.
+*
+* Note that CONFIG_X86_64 handles 'es' and 'ds'
+* differently, see the following above:
+*   savesegment(es, p->thread.es);
+*   savesegment(ds, p->thread.ds);
+* and the CONFIG_X86_64 version of get_segment_reg().
+*
+* Linus proposed something like this:
+* 
(https://lore.kernel.org/io-uring/CAHk-=whEObPkZBe4766DmR46-=5qtuiatwbsoad468etgyc...@mail.gmail.com/)
+*
+*   childregs->cs = __USER_CS;
+*   childregs->ss = __USER_DS;
+*   childregs->ds = __USER_DS;
+*   childregs->es = __USER_DS;
+*
+* might make sense (just do it unconditionally, rather than 
making it
+* special to PF_IO_WORKER).
+*
+* But that doesn't make gdb happy in all cases.
+*
+* While 32bit userspace on a 64bit kernel is legacy,
+* it's still useful to allow 32bit libraries or nss modules
+* use the same code as the 64bit version of that library, which
+* can use io-uring just fine.
+*
+* So we better just inherit the values from
+* the originating process instead of hardcoding
+* values, which would imply 64bit userspace.
+*/
+   childregs->cs = current_pt_regs()->cs;
+   childregs->ss = current_pt_regs()->ss;
+#ifdef CONFIG_X86_32
+   childregs->ds = current_pt_regs()->ds;
+   childregs->es = current_pt_regs()->es;
+#endif
kthread_frame_init(frame, sp, arg);
return 0;
}
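Review bot: The new childregs->cs and childregs->ss assignments sit directly in the `PF_KTHREAD | PF_IO_WORKER` branch, so they also run for plain kernel threads, while the subject line and the comment only argue the io_thread case. Either guard them with `if (p->flags & PF_IO_WORKER)` or add a sentence to the comment saying why inheriting from current_pt_regs() is acceptable for PF_KTHREAD as well. Two smaller points: current_pt_regs() is evaluated up to four times where one local pointer would do, and the lore link would read better in the commit message than as its own over-long line inside the code comment.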
-- 
2.25.1



Re: [PATCH 0/6] Allow signals for IO threads

2021-04-02 Thread Stefan Metzmacher
Am 01.04.21 um 18:24 schrieb Linus Torvalds:
> On Thu, Apr 1, 2021 at 9:00 AM Stefan Metzmacher  wrote:
>>
>> I haven't tried it, but it seems gdb tries to use PTRACE_PEEKUSR
>> against the last thread tid listed under /proc//tasks/ in order to
>> get the architecture for the userspace application
> 
> Christ, what an odd hack. Why wouldn't it just do it on the initial
> thread you actually attached to?
> 
> Are you sure it's not simply because your test-case was to attach to
> the io_uring thread? Because the io_uring thread might as well be
> considered to be 64-bit.

  │   └─io_uring-cp,1396 Makefile file
  │   ├─{iou-mgr-1396},1397
  │   ├─{iou-wrk-1396},1398
  │   └─{iou-wrk-1396},1399

strace -ttT -o strace-uring-fail.txt gdb --pid 1396
(note strace -f would deadlock gdb with SIGSTOP)

The full file can be found here:
https://www.samba.org/~metze/strace-uring-fail.txt
(I guess there was a race and the workers 1398 and 1399 exited in between,
that's it using 1397):

18:46:35.429498 ptrace(PTRACE_PEEKUSER, 1397, 8*CS, [NULL]) = 0 <0.22>

>> so my naive assumption
>> would be that it wouldn't allow the detection of a 32-bit application
>> using a 64-bit kernel.
> 
> I'm not entirely convinced we want to care about a confused gdb
> implementation and somebody debugging a case that I don't believe
> happens in practice.
> 
> 32-bit user space is legacy. And legacy isn't io_uring. If somebody
> insists on doing odd things, they can live with the odd results.

Ok, I'd agree for 32-bit applications, but what about libraries?
E.g. distributions ship libraries like libsmbclient or nss modules
as 64-bit and 32-bit versions, in order to support legacy applications
to run. Why shouldn't the 32-bit library builds not support io_uring?
(Note libsmbclient doesn't use io_uring yet, but I guess it will in the future).

Any ideas regarding similar problems for other architectures?

metze




Re: [PATCH 0/2] Don't show PF_IO_WORKER in /proc//task/

2021-04-01 Thread Stefan Metzmacher
Hi Jens,

>> I know you brought this one up as part of your series, not sure I get
>> why you want it owned by root and read-only? cmdline and exe, yeah those
>> could be hidden, but is there really any point?
>>
>> Maybe I'm missing something here, if so, do clue me in!
> 
> I looked through /proc and I think it's mostly similar to
> the unshare() case, if userspace wants to do stupid things
> like changing "comm" of iothreads, it gets what was asked for.
> 
> But the "cmdline" hiding would be very useful.
> 
> While most tools use "comm", by default.
> 
> ps -eLf or 'iotop' use "cmdline".
> 
> Some processes use setproctitle to change "cmdline" in order
> to identify the process better, without the 15 chars comm restriction,
> that's why I very often press 'c' in 'top' to see the cmdline,
> in that case it would be very helpful to see '[iou-wrk-1234]'
> instead of the seeing the cmdline.
> 
> So I'd very much prefer if this could be applied:
> https://lore.kernel.org/io-uring/d4487f959c778d0b1d4c5738b75bcff17d21df5b.1616197787.git.me...@samba.org/T/#u
> 
> If you want I can add a comment and a more verbose commit message...

I noticed that 'iotop' actually appends ' [iou-wrk-1234]' to the cmdline value,
so that leaves us with 'ps -eLf' and 'top' (with 'c').

pstree -a -t -p is also fine:
  │   └─io_uring-cp,1315 
/root/kernel/linux-image-5.12.0-rc2+-dbg_5.12.0-rc2+-5_amd64.deb file
  │   ├─{iou-mgr-1315},1316
  │   ├─{iou-wrk-1315},1317
  │   ├─{iou-wrk-1315},1318
  │   ├─{iou-wrk-1315},1319
  │   ├─{iou-wrk-1315},1320


In the spirit of "avoid special PF_IO_WORKER checks" I guess it's ok
to leave it as is...

metze


Re: [PATCH 2/8] kernel: unmask SIGSTOP for IO threads

2021-04-01 Thread Stefan Metzmacher
Hi Jens,

>>> I don't assume signals wanted by userspace should potentially be handled in an
>>> io_thread...
>>> e.g. things set with fcntl(fd, F_SETSIG,) used together with F_SETLEASE?
>>
>> I guess we do actually need it, if we're not fiddling with
>> wants_signal() for them. To quell Oleg's concerns, we can just move it
>> to post dup_task_struct(), that should eliminate any race concerns
>> there.
> 
> If that one is racy, don't we better also want this one?
> https://lore.kernel.org/io-uring/438b738c1e4827a7fdfe43087da88bbe17eedc72.1616197787.git.me...@samba.org/T/#u
> 
> And clear tsk->pf_io_worker ?

As the workers don't clone other workers I guess it's fine to defer this to 5.13.

metze



Re: [PATCH] Document that PF_KTHREAD _is_ ABI

2021-04-01 Thread Stefan Metzmacher


Am 31.03.21 um 21:23 schrieb Alexey Dobriyan:
> On Mon, Mar 22, 2021 at 07:53:10AM +, Christoph Hellwig wrote:
>> On Sat, Mar 20, 2021 at 10:23:12AM -0700, Andy Lutomirski wrote:
>>>> https://github.com/systemd/systemd/blob/main/src/basic/process-util.c#L354
>>>> src/basic/process-util.c:is_kernel_thread()
>>>
>>> Eww.
>>>
>>> Could we fix it differently and more permanently by modifying the proc
>>> code to display the values systemd expects?
>>
>> Yes, do_task_stat needs a mapping from kernel flags to UABI flags.  And
>> we should already discard everything we think we can from the UABI
>> now, and only add the ones back that are required to not break
>> userspace.
> 
> Sure we do. Who is going to find all the flags? I found PF_KTHREAD. :^)
> 
> More seriously,
> 
> /proc/$pid/stat was expanded to include tsk->flags in 0.99.1 (!!!)
> 
> Developers kept adding and shuffling flags probably not even realising
> what's going on. The last incident happened at 5.10 when PF_IO_WORKER
> was exchanged with PF_VCPU for smaller codegen.

With the create_io_thread(), the impact of PF_IO_WORKER becomes more broadly
visible and userspace might start to look at it in order to find the difference
between userspace and kernel io threads. (I also think it should actually be
renamed to PF_IO_THREAD...)

Jens, what do you think about that?

metze
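
Added example, not code from this thread, the kernel or systemd: a small C parser for the flags field of /proc/<pid>/task/<tid>/stat, the interface the message above is about. The PF_* values are assumed from include/linux/sched.h around v5.12, the sample stat lines are constructed, and all function names are illustrative.

```c
/* Added example: classify threads from /proc/<pid>/task/<tid>/stat lines. */
#include <stdio.h>
#include <string.h>

/* Assumed values, as in include/linux/sched.h around v5.12. They are not a
 * stable ABI: the thread notes that PF_IO_WORKER changed position in 5.10. */
#define PF_IO_WORKER 0x00000010UL
#define PF_KTHREAD   0x00200000UL

enum task_kind { TASK_PARSE_ERROR = -1, TASK_USER, TASK_KTHREAD, TASK_IO_WORKER };

struct stat_fields {
	int pid;
	char comm[64];
	char state;
	unsigned long flags;
};

/* Layout: "pid (comm) state ppid pgrp session tty_nr tpgid flags ...".
 * comm may itself contain spaces and ')', so it ends at the LAST ')'. */
int parse_stat_line(const char *line, struct stat_fields *out)
{
	const char *open = strchr(line, '(');
	const char *close = strrchr(line, ')');
	size_t len;

	if (!open || !close || close < open)
		return -1;
	if (sscanf(line, "%d", &out->pid) != 1)
		return -1;
	len = (size_t)(close - open - 1);
	if (len >= sizeof(out->comm))
		len = sizeof(out->comm) - 1;
	memcpy(out->comm, open + 1, len);
	out->comm[len] = '\0';
	/* state, then five skipped integers, then the flags field */
	if (sscanf(close + 1, " %c %*d %*d %*d %*d %*d %lu",
		   &out->state, &out->flags) != 2)
		return -1;
	return 0;
}

/* Decide from the flags field only. */
enum task_kind classify_line(const char *line)
{
	struct stat_fields f;

	if (parse_stat_line(line, &f) != 0)
		return TASK_PARSE_ERROR;
	if (f.flags & PF_KTHREAD)
		return TASK_KTHREAD;
	if (f.flags & PF_IO_WORKER)
		return TASK_IO_WORKER;
	return TASK_USER;
}

/* Name prefixes as they appear in the pstree output quoted in this thread. */
int comm_looks_like_io_thread(const char *comm)
{
	return strncmp(comm, "iou-wrk-", 8) == 0 || strncmp(comm, "iou-mgr-", 8) == 0;
}

/* Returns 1 when comm claims an io thread but the flags do not back it up.
 * comm can be set from userspace, so the name alone is only a hint. */
int name_disagrees_with_flags(const char *line)
{
	struct stat_fields f;

	if (parse_stat_line(line, &f) != 0)
		return 0;
	return comm_looks_like_io_thread(f.comm) && !(f.flags & PF_IO_WORKER);
}

/* Constructed sample lines, cut off shortly after the flags field. */
static const char *const SAMPLES[] = {
	"1396 (io_uring-cp) S 1200 1396 1200 34816 1396 4194304 0 0",
	"1398 (iou-wrk-1396) S 1200 1396 1200 34816 1396 4194384 0 0",
	"2 (kthreadd) S 0 0 0 0 -1 2129984 0 0",
	"4242 (iou-wrk-1) x) R 1 4242 4242 0 -1 4194304 0 0",
};

int main(void)
{
	static const char *const names[] = { "user", "kthread", "io-worker" };
	size_t i;

	for (i = 0; i < sizeof(SAMPLES) / sizeof(SAMPLES[0]); i++) {
		enum task_kind k = classify_line(SAMPLES[i]);

		printf("%-10s %s%s\n", k < 0 ? "unparsed" : names[k], SAMPLES[i],
		       name_disagrees_with_flags(SAMPLES[i]) ?
		       "  <- comm not backed by flags" : "");
	}
	return 0;
}
```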


Re: [PATCH 0/6] Allow signals for IO threads

2021-04-01 Thread Stefan Metzmacher


Am 01.04.21 um 17:39 schrieb Linus Torvalds:
> On Thu, Apr 1, 2021 at 7:58 AM Stefan Metzmacher  wrote:
>>
>>>
>>> Ok, the following makes gdb happy again:
>>>
>>> --- a/arch/x86/kernel/process.c
>>> +++ b/arch/x86/kernel/process.c
>>> @@ -163,6 +163,8 @@ int copy_thread(unsigned long clone_flags, unsigned 
>>> long sp, unsigned long arg,
>>> /* Kernel thread ? */
>>> if (unlikely(p->flags & (PF_KTHREAD | PF_IO_WORKER))) {
>>> memset(childregs, 0, sizeof(struct pt_regs));
>>> +   if (p->flags & PF_IO_WORKER)
>>> +   childregs->cs = current_pt_regs()->cs;
>>> kthread_frame_init(frame, sp, arg);
>>> return 0;
>>> }
>>
>> Would it be possible to fix this remaining problem before 5.12 final?
> 
> Please not that way.
> 
> But doing something like
> 
> childregs->cs = __USER_CS;
> childregs->ss = __USER_DS;
> childregs->ds = __USER_DS;
> childregs->es = __USER_DS;
> 
> might make sense (just do it unconditionally, rather than making it
> special to PF_IO_WORKER).
> 
> Does that make gdb happy too?

I haven't tried it, but it seems gdb tries to use PTRACE_PEEKUSR
against the last thread tid listed under /proc//tasks/ in order to
get the architecture for the userspace application, so my naive assumption
would be that it wouldn't allow the detection of a 32-bit application
using a 64-bit kernel.

metze


Re: [PATCH 0/6] Allow signals for IO threads

2021-04-01 Thread Stefan Metzmacher
Hi Jens,

>> For help, type "help".
>> Type "apropos word" to search for commands related to "word".
>> Attaching to process 1320
>> [New LWP 1321]
>> [New LWP 1322]
>>
>> warning: Selected architecture i386:x86-64 is not compatible with reported 
>> target architecture i386
>>
>> warning: Architecture rejected target-supplied description
>> syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
>> 38  ../sysdeps/unix/sysv/linux/x86_64/syscall.S: No such file or 
>> directory.
>> (gdb)
> 
> Ok, the following makes gdb happy again:
> 
> --- a/arch/x86/kernel/process.c
> +++ b/arch/x86/kernel/process.c
> @@ -163,6 +163,8 @@ int copy_thread(unsigned long clone_flags, unsigned long 
> sp, unsigned long arg,
> /* Kernel thread ? */
> if (unlikely(p->flags & (PF_KTHREAD | PF_IO_WORKER))) {
> memset(childregs, 0, sizeof(struct pt_regs));
> +   if (p->flags & PF_IO_WORKER)
> +   childregs->cs = current_pt_regs()->cs;
> kthread_frame_init(frame, sp, arg);
> return 0;
> }
> 
> I'm wondering if we should decouple the PF_KTHREAD and PF_IO_WORKER cases
> even more and keep as much of a userspace-like copy_thread as possible.

Would it be possible to fix this remaining problem before 5.12 final?
(I don't think my change would be the correct fix actually
and other architectures may have similar problems).

Thanks!
metze





Re: [PATCH 0/6] Allow signals for IO threads

2021-03-26 Thread Stefan Metzmacher


Hi Jens,

> root@ub1704-166:~# LANG=C gdb --pid 1320
> GNU gdb (Ubuntu 9.2-0ubuntu1~20.04) 9.2
> Copyright (C) 2020 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later 
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
> Type "show copying" and "show warranty" for details.
> This GDB was configured as "x86_64-linux-gnu".
> Type "show configuration" for configuration details.
> For bug reporting instructions, please see:
> .
> Find the GDB manual and other documentation resources online at:
> .
> 
> For help, type "help".
> Type "apropos word" to search for commands related to "word".
> Attaching to process 1320
> [New LWP 1321]
> [New LWP 1322]
> 
> warning: Selected architecture i386:x86-64 is not compatible with reported 
> target architecture i386
> 
> warning: Architecture rejected target-supplied description
> syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
> 38  ../sysdeps/unix/sysv/linux/x86_64/syscall.S: No such file or 
> directory.
> (gdb)

Ok, the following makes gdb happy again:

--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -163,6 +163,8 @@ int copy_thread(unsigned long clone_flags, unsigned long 
sp, unsigned long arg,
/* Kernel thread ? */
if (unlikely(p->flags & (PF_KTHREAD | PF_IO_WORKER))) {
memset(childregs, 0, sizeof(struct pt_regs));
+   if (p->flags & PF_IO_WORKER)
+   childregs->cs = current_pt_regs()->cs;
kthread_frame_init(frame, sp, arg);
return 0;
}
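Review bot: Only `cs` is restored after the memset; `ss`, `ds` and `es` stay zero, so a tracer that reads those registers for an io_thread still gets 0. Either copy the remaining segment selectors as well or add a comment next to `childregs->cs = current_pt_regs()->cs;` saying why `cs` alone is enough. The two added lines also carry no comment explaining why PF_IO_WORKER needs different treatment from PF_KTHREAD here.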

I'm wondering if we should decouple the PF_KTHREAD and PF_IO_WORKER cases
even more and keep as much of a userspace-like copy_thread as possible.

metze


Re: [PATCH 2/8] kernel: unmask SIGSTOP for IO threads

2021-03-26 Thread Stefan Metzmacher
Am 26.03.21 um 16:29 schrieb Jens Axboe:
> On 3/26/21 9:23 AM, Stefan Metzmacher wrote:
>> Am 26.03.21 um 16:01 schrieb Jens Axboe:
>>> On 3/26/21 7:48 AM, Oleg Nesterov wrote:
>>>> Jens, sorry, I got lost :/
>>>
>>> Let's bring you back in :-)
>>>
>>>> On 03/25, Jens Axboe wrote:
>>>>>
>>>>> With IO threads accepting signals, including SIGSTOP,
>>>>
>>>> where can I find this change? Looks like I wasn't cc'ed...
>>>
>>> It's this very series.
>>>
>>>>> unmask the
>>>>> SIGSTOP signal from the default blocked mask.
>>>>>
>>>>> Signed-off-by: Jens Axboe 
>>>>> ---
>>>>>  kernel/fork.c | 2 +-
>>>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/kernel/fork.c b/kernel/fork.c
>>>>> index d3171e8e88e5..d5a40552910f 100644
>>>>> --- a/kernel/fork.c
>>>>> +++ b/kernel/fork.c
>>>>> @@ -2435,7 +2435,7 @@ struct task_struct *create_io_thread(int (*fn)(void 
>>>>> *), void *arg, int node)
>>>>>   tsk = copy_process(NULL, 0, node, &args);
>>>>>   if (!IS_ERR(tsk)) {
>>>>>   sigfillset(&tsk->blocked);
>>>>> - sigdelsetmask(&tsk->blocked, sigmask(SIGKILL));
>>>>> + sigdelsetmask(&tsk->blocked, sigmask(SIGKILL)|sigmask(SIGSTOP));
>>>>
>>>> siginitsetinv(blocked, sigmask(SIGKILL)|sigmask(SIGSTOP)) but this is 
>>>> minor.
>>>
>>> Ah thanks.
>>>
>>>> To remind, either way this is racy and can't really help.
>>>>
>>>> And if "IO threads accepting signals" then I don't understand why. Sorry,
>>>> I must have missed something.
>>>
>>> I do think the above is a no-op at this point, and we can probably just
>>> kill it. Let me double check, hopefully we can just remove this blocked
>>> part.
>>
>> Is this really correct to drop in your "kernel: stop masking signals in
>> create_io_thread()" commit?
>>
>> I don't assume signals wanted by userspace should potentially be handled in an
>> io_thread...
>> e.g. things set with fcntl(fd, F_SETSIG,) used together with F_SETLEASE?
> 
> I guess we do actually need it, if we're not fiddling with
> wants_signal() for them. To quell Oleg's concerns, we can just move it
> to post dup_task_struct(), that should eliminate any race concerns
> there.

If that one is racy, don't we better also want this one?
https://lore.kernel.org/io-uring/438b738c1e4827a7fdfe43087da88bbe17eedc72.1616197787.git.me...@samba.org/T/#u

And clear tsk->pf_io_worker ?

metze


Re: [PATCH 2/8] kernel: unmask SIGSTOP for IO threads

2021-03-26 Thread Stefan Metzmacher
Am 26.03.21 um 16:01 schrieb Jens Axboe:
> On 3/26/21 7:48 AM, Oleg Nesterov wrote:
>> Jens, sorry, I got lost :/
> 
> Let's bring you back in :-)
> 
>> On 03/25, Jens Axboe wrote:
>>>
>>> With IO threads accepting signals, including SIGSTOP,
>>
>> where can I find this change? Looks like I wasn't cc'ed...
> 
> It's this very series.
> 
>>> unmask the
>>> SIGSTOP signal from the default blocked mask.
>>>
>>> Signed-off-by: Jens Axboe 
>>> ---
>>>  kernel/fork.c | 2 +-
>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/kernel/fork.c b/kernel/fork.c
>>> index d3171e8e88e5..d5a40552910f 100644
>>> --- a/kernel/fork.c
>>> +++ b/kernel/fork.c
>>> @@ -2435,7 +2435,7 @@ struct task_struct *create_io_thread(int (*fn)(void 
>>> *), void *arg, int node)
>>> tsk = copy_process(NULL, 0, node, &args);
>>> if (!IS_ERR(tsk)) {
>>> sigfillset(&tsk->blocked);
>>> -   sigdelsetmask(&tsk->blocked, sigmask(SIGKILL));
>>> +   sigdelsetmask(&tsk->blocked, sigmask(SIGKILL)|sigmask(SIGSTOP));
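Review bot: `tsk->blocked` is still written only after copy_process() has returned the new task, and the changelog does not say why that ordering is safe once the thread accepts SIGSTOP; please state it in the commit message or move the mask setup earlier. As a style point, `sigmask(SIGKILL)|sigmask(SIGSTOP)` wants spaces around the `|`.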
>>
>> siginitsetinv(blocked, sigmask(SIGKILL)|sigmask(SIGSTOP)) but this is minor.
> 
> Ah thanks.
> 
>> To remind, either way this is racy and can't really help.
>>
>> And if "IO threads accepting signals" then I don't understand why. Sorry,
>> I must have missed something.
> 
> I do think the above is a no-op at this point, and we can probably just
> kill it. Let me double check, hopefully we can just remove this blocked
> part.

Is this really correct to drop in your "kernel: stop masking signals in
create_io_thread()" commit?

I don't assume signals wanted by userspace should potentially be handled in an
io_thread...
e.g. things set with fcntl(fd, F_SETSIG,) used together with F_SETLEASE?

metze



Re: [PATCH 0/6] Allow signals for IO threads

2021-03-26 Thread Stefan Metzmacher
Am 26.03.21 um 16:10 schrieb Jens Axboe:
> On 3/26/21 9:08 AM, Stefan Metzmacher wrote:
>> Am 26.03.21 um 15:55 schrieb Jens Axboe:
>>> On 3/26/21 8:53 AM, Jens Axboe wrote:
>>>> On 3/26/21 8:45 AM, Stefan Metzmacher wrote:
>>>>> Am 26.03.21 um 15:43 schrieb Stefan Metzmacher:
>>>>>> Am 26.03.21 um 15:38 schrieb Jens Axboe:
>>>>>>> On 3/26/21 7:59 AM, Jens Axboe wrote:
>>>>>>>> On 3/26/21 7:54 AM, Jens Axboe wrote:
>>>>>>>>>> The KILL after STOP deadlock still exists.
>>>>>>>>>
>>>>>>>>> In which tree? Sounds like you're still on the old one with that
>>>>>>>>> incremental you sent, which wasn't complete.
>>>>>>>>>
>>>>>>>>>> Does io_wq_manager() exits without cleaning up on SIGKILL?
>>>>>>>>>
>>>>>>>>> No, it should kill up in all cases. I'll try your stop + kill, I just
>>>>>>>>> tested both of them separately and didn't observe anything. I also ran
>>>>>>>>> your io_uring-cp example (and found a bug in the example, fixed and
>>>>>>>>> pushed), fwiw.
>>>>>>>>
>>>>>>>> I can reproduce this one! I'll take a closer look.
>>>>>>>
>>>>>>> OK, that one is actually pretty straight forward - we rely on cleaning
>>>>>>> up on exit, but for fatal cases, get_signal() will call do_exit() for us
>>>>>>> and never return. So we might need a special case in there to deal with
>>>>>>> that, or some other way of ensuring that fatal signal gets processed
>>>>>>> correctly for IO threads.
>>>>>>
>>>>>> And if (fatal_signal_pending(current)) doesn't prevent get_signal() from 
>>>>>> being called?
>>>>>
>>>>> Ah, we're still in the first get_signal() from SIGSTOP, correct?
>>>>
>>>> Yes exactly, we're waiting in there being stopped. So we either need to
>>>> check to something ala:
>>>>
>>>> relock:
>>>> +  if (current->flags & PF_IO_WORKER && fatal_signal_pending(current))
>>>> +  return false;
>>>>
>>>> to catch it upfront and from the relock case, or add:
>>>>
>>>>fatal:
>>>> +  if (current->flags & PF_IO_WORKER)
>>>> +  return false;
>>>>
>>>> to catch it in the fatal section.
>>>
>>> Can you try this? Not crazy about adding a special case, but I don't
>>> think there's any way around this one. And should be pretty cheap, as
>>> we're already pulling in ->flags right above anyway.
>>>
>>> diff --git a/kernel/signal.c b/kernel/signal.c
>>> index 5ad8566534e7..5b75fbe3d2d6 100644
>>> --- a/kernel/signal.c
>>> +++ b/kernel/signal.c
>>> @@ -2752,6 +2752,15 @@ bool get_signal(struct ksignal *ksig)
>>>  */
>>> current->flags |= PF_SIGNALED;
>>>  
>>> +   /*
>>> +* PF_IO_WORKER threads will catch and exit on fatal signals
>>> +* themselves. They have cleanup that must be performed, so
>>> +* we cannot call do_exit() on their behalf. coredumps also
>>> +* do not apply to them.
>>> +*/
>>> +   if (current->flags & PF_IO_WORKER)
>>> +   return false;
>>> +
>>> if (sig_kernel_coredump(signr)) {
>>> if (print_fatal_signals)
>>> print_fatal_signal(ksig->info.si_signo);
>>>
>>
>> I guess not before next week, but if it resolves the problem for you,
>> I guess it would be good to get this into rc5.
> 
> It does, I pushed out a new branch. I'll send out a v2 series in a bit.

Great, thanks!

Any chance to get the "cmdline" hiding included?

metze



Re: [PATCH 0/6] Allow signals for IO threads

2021-03-26 Thread Stefan Metzmacher
Am 26.03.21 um 15:55 schrieb Jens Axboe:
> On 3/26/21 8:53 AM, Jens Axboe wrote:
>> On 3/26/21 8:45 AM, Stefan Metzmacher wrote:
>>> Am 26.03.21 um 15:43 schrieb Stefan Metzmacher:
>>>> Am 26.03.21 um 15:38 schrieb Jens Axboe:
>>>>> On 3/26/21 7:59 AM, Jens Axboe wrote:
>>>>>> On 3/26/21 7:54 AM, Jens Axboe wrote:
>>>>>>>> The KILL after STOP deadlock still exists.
>>>>>>>
>>>>>>> In which tree? Sounds like you're still on the old one with that
>>>>>>> incremental you sent, which wasn't complete.
>>>>>>>
>>>>>>>> Does io_wq_manager() exits without cleaning up on SIGKILL?
>>>>>>>
>>>>>>> No, it should kill up in all cases. I'll try your stop + kill, I just
>>>>>>> tested both of them separately and didn't observe anything. I also ran
>>>>>>> your io_uring-cp example (and found a bug in the example, fixed and
>>>>>>> pushed), fwiw.
>>>>>>
>>>>>> I can reproduce this one! I'll take a closer look.
>>>>>
>>>>> OK, that one is actually pretty straight forward - we rely on cleaning
>>>>> up on exit, but for fatal cases, get_signal() will call do_exit() for us
>>>>> and never return. So we might need a special case in there to deal with
>>>>> that, or some other way of ensuring that fatal signal gets processed
>>>>> correctly for IO threads.
>>>>
>>>> And if (fatal_signal_pending(current)) doesn't prevent get_signal() from 
>>>> being called?
>>>
>>> Ah, we're still in the first get_signal() from SIGSTOP, correct?
>>
>> Yes exactly, we're waiting in there being stopped. So we either need to
>> check to something ala:
>>
>> relock:
>> +if (current->flags & PF_IO_WORKER && fatal_signal_pending(current))
>> +return false;
>>
>> to catch it upfront and from the relock case, or add:
>>
>>  fatal:
>> +if (current->flags & PF_IO_WORKER)
>> +return false;
>>
>> to catch it in the fatal section.
> 
> Can you try this? Not crazy about adding a special case, but I don't
> think there's any way around this one. And should be pretty cheap, as
> we're already pulling in ->flags right above anyway.
> 
> diff --git a/kernel/signal.c b/kernel/signal.c
> index 5ad8566534e7..5b75fbe3d2d6 100644
> --- a/kernel/signal.c
> +++ b/kernel/signal.c
> @@ -2752,6 +2752,15 @@ bool get_signal(struct ksignal *ksig)
>*/
>   current->flags |= PF_SIGNALED;
>  
> + /*
> +  * PF_IO_WORKER threads will catch and exit on fatal signals
> +  * themselves. They have cleanup that must be performed, so
> +  * we cannot call do_exit() on their behalf. coredumps also
> +  * do not apply to them.
> +  */
> + if (current->flags & PF_IO_WORKER)
> + return false;
> +
>   if (sig_kernel_coredump(signr)) {
>   if (print_fatal_signals)
>   print_fatal_signal(ksig->info.si_signo);
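Review bot: The early `return false` for PF_IO_WORKER comes after `current->flags |= PF_SIGNALED;`, so an io worker is marked as signaled even though get_signal() no longer exits it. Move the check above that assignment, or say in the comment that setting the flag is intended. The comment states that these threads "will catch and exit on fatal signals themselves" but not how the caller learns about the fatal signal after a `false` return; naming the check the worker is expected to make would help.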
> 

I guess not before next week, but if it resolves the problem for you,
I guess it would be good to get this into rc5.

metze


Re: [PATCH 0/6] Allow signals for IO threads

2021-03-26 Thread Stefan Metzmacher


Am 26.03.21 um 15:53 schrieb Jens Axboe:
> On 3/26/21 8:45 AM, Stefan Metzmacher wrote:
>> Am 26.03.21 um 15:43 schrieb Stefan Metzmacher:
>>> Am 26.03.21 um 15:38 schrieb Jens Axboe:
>>>> On 3/26/21 7:59 AM, Jens Axboe wrote:
>>>>> On 3/26/21 7:54 AM, Jens Axboe wrote:
>>>>>>> The KILL after STOP deadlock still exists.
>>>>>>
>>>>>> In which tree? Sounds like you're still on the old one with that
>>>>>> incremental you sent, which wasn't complete.
>>>>>>
>>>>>>> Does io_wq_manager() exits without cleaning up on SIGKILL?
>>>>>>
>>>>>> No, it should kill up in all cases. I'll try your stop + kill, I just
>>>>>> tested both of them separately and didn't observe anything. I also ran
>>>>>> your io_uring-cp example (and found a bug in the example, fixed and
>>>>>> pushed), fwiw.
>>>>>
>>>>> I can reproduce this one! I'll take a closer look.
>>>>
>>>> OK, that one is actually pretty straight forward - we rely on cleaning
>>>> up on exit, but for fatal cases, get_signal() will call do_exit() for us
>>>> and never return. So we might need a special case in there to deal with
>>>> that, or some other way of ensuring that fatal signal gets processed
>>>> correctly for IO threads.
>>>
>>> And if (fatal_signal_pending(current)) doesn't prevent get_signal() from 
>>> being called?
>>
>> Ah, we're still in the first get_signal() from SIGSTOP, correct?
> 
> Yes exactly, we're waiting in there being stopped. So we either need to
> check to something ala:
> 
> relock:
> + if (current->flags & PF_IO_WORKER && fatal_signal_pending(current))
> + return false;
> 
> to catch it upfront and from the relock case, or add:
> 
>   fatal:
> + if (current->flags & PF_IO_WORKER)
> + return false;
> 
> to catch it in the fatal section.
> 

Or something like io_uring_files_cancel()

Maybe change current->pf_io_worker with a generic current->io_thread
structure which has exit hooks, as well as
io_wq_worker_sleeping() and io_wq_worker_running().

Maybe create_io_thread would take such a structure
as argument instead of a single function pointer.

struct io_thread_description {
	const char *name;
	int (*thread_fn)(struct io_thread_description *);
	void (*sleeping_fn)(struct io_thread_description *);
	void (*running_fn)(struct io_thread_description *);
	void (*exit_fn)(struct io_thread_description *);
};

And then
struct io_wq_manager {
	struct io_thread_description description;
	/* ... manager specific stuff... */
};

metze


Re: [PATCH 0/6] Allow signals for IO threads

2021-03-26 Thread Stefan Metzmacher
Am 26.03.21 um 15:43 schrieb Stefan Metzmacher:
> Am 26.03.21 um 15:38 schrieb Jens Axboe:
>> On 3/26/21 7:59 AM, Jens Axboe wrote:
>>> On 3/26/21 7:54 AM, Jens Axboe wrote:
>>>>> The KILL after STOP deadlock still exists.
>>>>
>>>> In which tree? Sounds like you're still on the old one with that
>>>> incremental you sent, which wasn't complete.
>>>>
>>>>> Does io_wq_manager() exits without cleaning up on SIGKILL?
>>>>
>>>> No, it should kill up in all cases. I'll try your stop + kill, I just
>>>> tested both of them separately and didn't observe anything. I also ran
>>>> your io_uring-cp example (and found a bug in the example, fixed and
>>>> pushed), fwiw.
>>>
>>> I can reproduce this one! I'll take a closer look.
>>
>> OK, that one is actually pretty straight forward - we rely on cleaning
>> up on exit, but for fatal cases, get_signal() will call do_exit() for us
>> and never return. So we might need a special case in there to deal with
>> that, or some other way of ensuring that fatal signal gets processed
>> correctly for IO threads.
> 
> And if (fatal_signal_pending(current)) doesn't prevent get_signal() from 
> being called?

Ah, we're still in the first get_signal() from SIGSTOP, correct?

metze



Re: [PATCH 0/6] Allow signals for IO threads

2021-03-26 Thread Stefan Metzmacher
Am 26.03.21 um 15:38 schrieb Jens Axboe:
> On 3/26/21 7:59 AM, Jens Axboe wrote:
>> On 3/26/21 7:54 AM, Jens Axboe wrote:
>>>> The KILL after STOP deadlock still exists.
>>>
>>> In which tree? Sounds like you're still on the old one with that
>>> incremental you sent, which wasn't complete.
>>>
>>>> Does io_wq_manager() exits without cleaning up on SIGKILL?
>>>
>>> No, it should kill up in all cases. I'll try your stop + kill, I just
>>> tested both of them separately and didn't observe anything. I also ran
>>> your io_uring-cp example (and found a bug in the example, fixed and
>>> pushed), fwiw.
>>
>> I can reproduce this one! I'll take a closer look.
> 
> OK, that one is actually pretty straight forward - we rely on cleaning
> up on exit, but for fatal cases, get_signal() will call do_exit() for us
> and never return. So we might need a special case in there to deal with
> that, or some other way of ensuring that fatal signal gets processed
> correctly for IO threads.

And if (fatal_signal_pending(current)) doesn't prevent get_signal() from being 
called?

metze



Re: [PATCH 0/6] Allow signals for IO threads

2021-03-26 Thread Stefan Metzmacher
Am 26.03.21 um 13:56 schrieb Jens Axboe:
> On 3/26/21 5:48 AM, Stefan Metzmacher wrote:
>>
>> Am 26.03.21 um 01:39 schrieb Jens Axboe:
>>> Hi,
>>>
>>> As discussed in a previous thread today, the seemingly much saner approach
>>> is just to allow signals (including SIGSTOP) for the PF_IO_WORKER IO
>>> threads. If we just have the threads call get_signal() for
>>> signal_pending(), then everything just falls out naturally with how
>>> we receive and handle signals.
>>>
>>> Patch 1 adds support for checking and calling get_signal() from the
>>> regular IO workers, the manager, and the SQPOLL thread. Patch 2 unblocks
>>> SIGSTOP from the default IO thread blocked mask, and the rest just revert
>>> special cases that were put in place for PF_IO_WORKER threads.
>>>
>>> With this done, only two special cases remain for PF_IO_WORKER, and they
>>> aren't related to signals so not part of this patchset. But both of them
>>> can go away as well now that we have "real" threads as IO workers, and
>>> then we'll have zero special cases for PF_IO_WORKER.
>>>
>>> This passes the usual regression testing, my other usual 24h run has been
>>> kicked off. But I wanted to send this out early.
>>>
>>> Thanks to Linus for the suggestion. As with most other good ideas, it's
>>> obvious once you hear it. The fact that we end up with _zero_ special
>>> cases with this is a clear sign that this is the right way to do it
>>> indeed. The fact that this series is 2/3rds revert further drives that
>>> point home. Also thanks to Eric for diligent review on the signal side
>>> of things for the past changes (and hopefully ditto on this series :-))
>>
>> Ok, I'm testing a8ff6a3b20bd16d071ef66824ae4428529d114f9 from
>> your io_uring-5.12 branch.
>>
>> And using this patch:
>> diff --git a/examples/io_uring-cp.c b/examples/io_uring-cp.c
>> index cc7a227a5ec7..6e26a4214015 100644
>> --- a/examples/io_uring-cp.c
>> +++ b/examples/io_uring-cp.c
>> @@ -116,13 +116,16 @@ static void queue_write(struct io_uring *ring, struct 
>> io_data *data)
>> io_uring_submit(ring);
>>  }
>>
>> -static int copy_file(struct io_uring *ring, off_t insize)
>> +static int copy_file(struct io_uring *ring, off_t _insize)
>>  {
>> +   off_t insize = _insize;
>> unsigned long reads, writes;
>> struct io_uring_cqe *cqe;
>> off_t write_left, offset;
>> int ret;
>>
>> +again:
>> +   insize = _insize;
>> write_left = insize;
>> writes = reads = offset = 0;
>>
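Review bot: the initialiser in `off_t insize = _insize;` is redundant, because the assignment `insize = _insize;` directly under the new `again:` label runs before `insize` is first read at `write_left = insize;`. Declare `off_t insize;` without an initialiser, and add a comment above `again:` saying that the function is being turned into a repeat-forever loop, since nothing in this hunk explains why the label exists.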
>> @@ -221,6 +224,12 @@ static int copy_file(struct io_uring *ring, off_t 
>> insize)
>> }
>> }
>>
>> +   {
>> +   struct timespec ts = { .tv_nsec = 99, };
>> +   nanosleep(&ts, NULL);
>> +   goto again;
>> +   }
>> +
>> return 0;
>>  }
>>
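Review bot: the unconditional `goto again;` in the added block makes the `return 0;` below it unreachable, so copy_file() can no longer return 0. If this is meant as a stress reproducer rather than a change to the example, gate the loop behind a command-line switch or a compile-time define. The return value of nanosleep() is ignored, and neither hunk shown adds an include of <time.h>, which nanosleep() and struct timespec need unless the file already pulls it in.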
>> Running ./io_uring-cp ~/linux-image-5.12.0-rc2+-dbg_5.12.0-rc2+-5_amd64.deb 
>> file
>> What I see is this:
>>
>> kill -SIGSTOP to any thread I used a worker with pid 2061 here, results in
>>
>> root@ub1704-166:~# head /proc/2061/status
>> Name:   iou-wrk-2041
>> Umask:  0022
>> State:  R (running)
>> Tgid:   2041
>> Ngid:   0
>> Pid:2061
>> PPid:   1857
>> TracerPid:  0
>> Uid:0   0   0   0
>> Gid:0   0   0   0
>> root@ub1704-166:~# head /proc/2041/status
>> Name:   io_uring-cp
>> Umask:  0022
>> State:  T (stopped)
>> Tgid:   2041
>> Ngid:   0
>> Pid:2041
>> PPid:   1857
>> TracerPid:  0
>> Uid:0   0   0   0
>> Gid:0   0   0   0
>> root@ub1704-166:~# head /proc/2042/status
>> Name:   iou-mgr-2041
>> Umask:  0022
>> State:  T (stopped)
>> Tgid:   2041
>> Ngid:   0
>> Pid:2042
>> PPid:   1857
>> TracerPid:  0
>> Uid:0   0   0   0
>> Gid:0   0   0   0
>>
>> So userspace and iou-mgr-2041 stop, but the workers don't.
>> 49 workers burn cpu as much as possible.
>>
>> kill -KILL 2061
>> results in this:
>> - all workers are gone
>> - iou-mgr-2041 is gone
>> - io_uring-cp waits in status D forever
>>
>> root@ub1704-166:~# head /proc/2041/status
>> Name:   io_uring-cp
>> Umask:  00

Re: [PATCH 0/2] Don't show PF_IO_WORKER in /proc//task/

2021-03-26 Thread Stefan Metzmacher


Hi Jens,

>> And /proc/$iothread/ should be read only and owned by root with
>> "cmdline" and "exe" being empty.
> 
> I know you brought this one up as part of your series, not sure I get
> why you want it owned by root and read-only? cmdline and exe, yeah those
> could be hidden, but is there really any point?
> 
> Maybe I'm missing something here, if so, do clue me in!

I looked through /proc and I think it's mostly similar to
the unshare() case, if userspace wants to do stupid things
like changing "comm" of iothreads, it gets what was asked for.

But the "cmdline" hiding would be very useful.

While most tools use "comm", by default.

ps -eLf or 'iotop' use "cmdline".

Some processes use setproctitle to change "cmdline" in order
to identify the process better, without the 15 chars comm restriction,
that's why I very often press 'c' in 'top' to see the cmdline,
in that case it would be very helpful to see '[iou-wrk-1234]'
instead of seeing the cmdline.

So I'd very much prefer if this could be applied:
https://lore.kernel.org/io-uring/d4487f959c778d0b1d4c5738b75bcff17d21df5b.1616197787.git.me...@samba.org/T/#u

If you want I can add a comment and a more verbose commit message...

metze


Re: [PATCH 0/2] Don't show PF_IO_WORKER in /proc//task/

2021-03-25 Thread Stefan Metzmacher


Am 25.03.21 um 22:44 schrieb Jens Axboe:
> On 3/25/21 2:40 PM, Jens Axboe wrote:
>> On 3/25/21 2:12 PM, Linus Torvalds wrote:
>>> On Thu, Mar 25, 2021 at 12:42 PM Linus Torvalds
>>>  wrote:
>>>>
>>>> On Thu, Mar 25, 2021 at 12:38 PM Linus Torvalds
>>>>  wrote:
>>>>>
>>>>> I don't know what the gdb logic is, but maybe there's some other
>>>>> option that makes gdb not react to them?
>>>>
>>>> .. maybe we could have a different name for them under the task/
>>>> subdirectory, for example (not  just the pid)? Although that probably
>>>> messes up 'ps' too..
>>>
>>> Actually, maybe the right model is to simply make all the io threads
>>> take signals, and get rid of all the special cases.
>>>
>>> Sure, the signals will never be delivered to user space, but if we
>>>
>>>  - just made the thread loop do "get_signal()" when there are pending 
>>> signals
>>>
>>>  - allowed ptrace_attach on them
>>>
>>> they'd look pretty much like regular threads that just never do the
>>> user-space part of signal handling.
>>>
>>> The whole "signals are very special for IO threads" thing has caused
>>> so many problems, that maybe the solution is simply to _not_ make them
>>> special?
>>
>> Just to wrap up the previous one, yes it broke all sorts of things to
>> make the 'tid' directory different. They just end up being hidden anyway
>> through that, for both ps and top.
>>
>> Yes, I do think that maybe it's better to just embrace the signals,
>> and have everything just work by default. It's
>> better than continually trying to make the threads special. I'll see
>> if there are some demons lurking down that path.
> 
> In the spirit of "let's just try it", I ran with the below patch. With
> that, I can gdb attach just fine to a test case that creates an io_uring
> and a regular thread with pthread_create(). The regular thread uses
> the ring, so you end up with two iou-mgr threads. Attach:
> 
> [root@archlinux ~]# gdb -p 360
> [snip gdb noise]
> Attaching to process 360
> [New LWP 361]
> [New LWP 362]
> [New LWP 363]
> 
> warning: Selected architecture i386:x86-64 is not compatible with reported 
> target architecture i386
> 
> warning: Architecture rejected target-supplied description
> Error while reading shared library symbols for /usr/lib/libpthread.so.0:
> Cannot find user-level thread for LWP 363: generic error
> 0x7f7aa526e125 in clock_nanosleep@GLIBC_2.2.5 () from /usr/lib/libc.so.6
> (gdb) info threads
>   Id   Target Id Frame 
> * 1LWP 360 "io_uring"0x7f7aa526e125 in 
> clock_nanosleep@GLIBC_2.2.5 ()
>from /usr/lib/libc.so.6
>   2LWP 361 "iou-mgr-360" 0x in ?? ()
>   3LWP 362 "io_uring"0x7f7aa52a0a9d in syscall () from 
> /usr/lib/libc.so.6
>   4LWP 363 "iou-mgr-362" 0x in ?? ()
> (gdb) thread 2
> [Switching to thread 2 (LWP 361)]
> #0  0x in ?? ()
> (gdb) bt
> #0  0x in ?? ()
> Backtrace stopped: Cannot access memory at address 0x0
> (gdb) cont
> Continuing.
> ^C
> Thread 1 "io_uring" received signal SIGINT, Interrupt.
> [Switching to LWP 360]
> 0x7f7aa526e125 in clock_nanosleep@GLIBC_2.2.5 () from /usr/lib/libc.so.6
> (gdb) q
> A debugging session is active.
> 
>   Inferior 1 [process 360] will be detached.
> 
> Quit anyway? (y or n) y
> Detaching from program: /root/git/fio/t/io_uring, process 360
> [Inferior 1 (process 360) detached]
> 
> The iou-mgr-x threads are stopped just fine, gdb obviously can't get any
> real info out of them. But it works... Regular test cases work fine too,
> just a sanity check. Didn't expect them not to.

I guess that's basically what I tried to describe when I said they should
look like a userspace process that is blocked in a syscall forever.

> Only thing that I dislike a bit, but I guess that's just a Linuxism, is
> that if can now kill an io_uring owning task by sending a signal to one
> of its IO thread workers.

Can't we just only allow SIGSTOP, which will be only delivered to
the iothread itself? And also SIGKILL should not be allowed from userspace.

And /proc/$iothread/ should be read only and owned by root with
"cmdline" and "exe" being empty.

Thanks!
metze


Re: [PATCH 0/2] Don't show PF_IO_WORKER in /proc//task/

2021-03-25 Thread Stefan Metzmacher


Am 25.03.21 um 22:20 schrieb Stefan Metzmacher:
> 
> Am 25.03.21 um 21:55 schrieb Eric W. Biederman:
>> Oleg Nesterov  writes:
>>
>>> On 03/25, Linus Torvalds wrote:
>>>>
>>>> The whole "signals are very special for IO threads" thing has caused
>>>> so many problems, that maybe the solution is simply to _not_ make them
>>>> special?
>>>
>>> Or may be IO threads should not abuse CLONE_THREAD?
>>>
>>> Why does create_io_thread() abuse CLONE_THREAD ?
>>>
>>> One reason (I think) is that this implies SIGKILL when the process 
>>> exits/execs,
>>> anything else?
>>
>> A lot.
>>
>> The io workers perform work on behalf of the ordinary userspace threads.
>> Some of that work is opening files.  For things like rlimits to work
>> properly you need to share the signal_struct.  But odds are if you find
>> anything in signal_struct (not counting signals) there will be an
>> io_uring code path that can exercise it as io_uring can traverse the
>> filesystem, open files and read/write files.  So io_uring can exercise
>> all of proc.
>>
>> Using create_io_thread with CLONE_THREAD is the least problematic way
>> (including all of the signal and ptrace problems we are looking at right
>> now) to implement the io worker threads.
>>
>> They _really_ are threads of the process that just never execute any
>> code in userspace.
> 
> So they should look like a userspace thread sitting in something like
> epoll_pwait() with all signals blocked, which will never return to userspace 
> again?

Would gdb work with that?
The question is what backtrace gdb would show for that thread.

Is it possible to block SIGSTOP/SIGCONT?

I also think that all signals to an iothread should not be delivered to
other threads and it may only react on a direct SIGSTOP/SIGCONT.
I guess even SIGKILL should be ignored as the shutdown should happen
via the exit path of the iothread parent only.

> I think that would be useful, but I also think that userspace should see:
> - /proc/$tidofiothread/cmdline as empty (in order to let ps and top use 
> [iou-wrk-$tidofuserspacethread])
> - /proc/$tidofiothread/exe as symlink to that not exists
> - all of /proc/$tidofiothread/ shows root.root as owner and group
>   and things which still allow write access to /proc/$tidofiothread/comm 
> similar things
>   with rw permissions should still disallow modifications:
> 
> For the other kernel threads e.g. "[cryptd]" I see the following:
> 
> LANG=C ls -l /proc/653 | grep rw
> ls: cannot read symbolic link '/proc/653/exe': No such file or directory
> -rw-r--r--  1 root root 0 Mar 25 22:09 autogroup
> -rw-r--r--  1 root root 0 Mar 25 22:09 comm
> -rw-r--r--  1 root root 0 Mar 25 22:09 coredump_filter
> lrwxrwxrwx  1 root root 0 Mar 25 22:09 cwd -> /
> lrwxrwxrwx  1 root root 0 Mar 25 22:09 exe
> -rw-r--r--  1 root root 0 Mar 25 22:09 gid_map
> -rw-r--r--  1 root root 0 Mar 25 22:09 loginuid
> -rw-------  1 root root 0 Mar 25 22:09 mem
> -rw-r--r--  1 root root 0 Mar 25 22:09 oom_adj
> -rw-r--r--  1 root root 0 Mar 25 22:09 oom_score_adj
> -rw-r--r--  1 root root 0 Mar 25 22:09 projid_map
> lrwxrwxrwx  1 root root 0 Mar 25 22:09 root -> /
> -rw-r--r--  1 root root 0 Mar 25 22:09 sched
> -rw-r--r--  1 root root 0 Mar 25 22:09 setgroups
> -rw-r--r--  1 root root 0 Mar 25 22:09 timens_offsets
> -rw-rw-rw-  1 root root 0 Mar 25 22:09 timerslack_ns
> -rw-r--r--  1 root root 0 Mar 25 22:09 uid_map
> 
> And this:
> 
> LANG=C echo "bla" > /proc/653/comm
> -bash: echo: write error: Invalid argument
> 
> LANG=C echo "bla" > /proc/653/gid_map
> -bash: echo: write error: Operation not permitted
> 
> Can't we do the same for iothreads regarding /proc?
> Just make things read only there and empty "cmdline"/"exe"?
> 
> Maybe I'm too naive, but that's what I'd assume as a userspace developer/admin.
> 
> Does at least parts of it make any sense?

I think the strange glibc setuid() behavior should also be tested here,
I guess we don't want that to reset the credentials of an iothread!

Another idea would be to have the iothreads as a child process with its
threads,
but again I'm only looking as an admin to what I'd expect to see under /proc
via ps and top.

metze


Re: [PATCH 0/2] Don't show PF_IO_WORKER in /proc//task/

2021-03-25 Thread Stefan Metzmacher


Am 25.03.21 um 21:55 schrieb Eric W. Biederman:
> Oleg Nesterov  writes:
> 
>> On 03/25, Linus Torvalds wrote:
>>>
>>> The whole "signals are very special for IO threads" thing has caused
>>> so many problems, that maybe the solution is simply to _not_ make them
>>> special?
>>
>> Or may be IO threads should not abuse CLONE_THREAD?
>>
>> Why does create_io_thread() abuse CLONE_THREAD ?
>>
>> One reason (I think) is that this implies SIGKILL when the process 
>> exits/execs,
>> anything else?
> 
> A lot.
> 
> The io workers perform work on behalf of the ordinary userspace threads.
> Some of that work is opening files.  For things like rlimits to work
> properly you need to share the signal_struct.  But odds are if you find
> anything in signal_struct (not counting signals) there will be an
> io_uring code path that can exercise it as io_uring can traverse the
> filesystem, open files and read/write files.  So io_uring can exercise
> all of proc.
> 
> Using create_io_thread with CLONE_THREAD is the least problematic way
> (including all of the signal and ptrace problems we are looking at right
> now) to implement the io worker threads.
> 
> They _really_ are threads of the process that just never execute any
> code in userspace.

So they should look like a userspace thread sitting in something like
epoll_pwait() with all signals blocked, which will never return to userspace 
again?

I think that would be useful, but I also think that userspace should see:
- /proc/$tidofiothread/cmdline as empty (in order to let ps and top use 
[iou-wrk-$tidofuserspacethread])
- /proc/$tidofiothread/exe as symlink to that not exists
- all of /proc/$tidofiothread/ shows root.root as owner and group
  and things which still allow write access to /proc/$tidofiothread/comm 
similar things
  with rw permissions should still disallow modifications:

For the other kernel threads e.g. "[cryptd]" I see the following:

LANG=C ls -l /proc/653 | grep rw
ls: cannot read symbolic link '/proc/653/exe': No such file or directory
-rw-r--r--  1 root root 0 Mar 25 22:09 autogroup
-rw-r--r--  1 root root 0 Mar 25 22:09 comm
-rw-r--r--  1 root root 0 Mar 25 22:09 coredump_filter
lrwxrwxrwx  1 root root 0 Mar 25 22:09 cwd -> /
lrwxrwxrwx  1 root root 0 Mar 25 22:09 exe
-rw-r--r--  1 root root 0 Mar 25 22:09 gid_map
-rw-r--r--  1 root root 0 Mar 25 22:09 loginuid
-rw-------  1 root root 0 Mar 25 22:09 mem
-rw-r--r--  1 root root 0 Mar 25 22:09 oom_adj
-rw-r--r--  1 root root 0 Mar 25 22:09 oom_score_adj
-rw-r--r--  1 root root 0 Mar 25 22:09 projid_map
lrwxrwxrwx  1 root root 0 Mar 25 22:09 root -> /
-rw-r--r--  1 root root 0 Mar 25 22:09 sched
-rw-r--r--  1 root root 0 Mar 25 22:09 setgroups
-rw-r--r--  1 root root 0 Mar 25 22:09 timens_offsets
-rw-rw-rw-  1 root root 0 Mar 25 22:09 timerslack_ns
-rw-r--r--  1 root root 0 Mar 25 22:09 uid_map

And this:

LANG=C echo "bla" > /proc/653/comm
-bash: echo: write error: Invalid argument

LANG=C echo "bla" > /proc/653/gid_map
-bash: echo: write error: Operation not permitted

Can't we do the same for iothreads regarding /proc?
Just make things read only there and empty "cmdline"/"exe"?

Maybe I'm too naive, but that's what I'd assume as a userspace developer/admin.

Does at least parts of it make any sense?

metze


Re: [PATCH AUTOSEL 5.11 43/44] signal: don't allow STOP on PF_IO_WORKER threads

2021-03-25 Thread Stefan Metzmacher
Am 25.03.21 um 14:38 schrieb Jens Axboe:
> On 3/25/21 6:11 AM, Stefan Metzmacher wrote:
>>
>> Am 25.03.21 um 13:04 schrieb Eric W. Biederman:
>>> Stefan Metzmacher  writes:
>>>
>>>> Am 25.03.21 um 12:24 schrieb Sasha Levin:
>>>>> From: "Eric W. Biederman" 
>>>>>
>>>>> [ Upstream commit 4db4b1a0d1779dc159f7b87feb97030ec0b12597 ]
>>>>>
>>>>> Just like we don't allow normal signals to IO threads, don't deliver a
>>>>> STOP to a task that has PF_IO_WORKER set. The IO threads don't take
>>>>> signals in general, and have no means of flushing out a stop either.
>>>>>
>>>>> Longer term, we may want to look into allowing stop of these threads,
>>>>> as it relates to eg process freezing. For now, this prevents a spin
>>>>> issue if a SIGSTOP is delivered to the parent task.
>>>>>
>>>>> Reported-by: Stefan Metzmacher 
>>>>> Signed-off-by: Jens Axboe 
>>>>> Signed-off-by: "Eric W. Biederman" 
>>>>> Signed-off-by: Sasha Levin 
>>>>> ---
>>>>>  kernel/signal.c | 3 ++-
>>>>>  1 file changed, 2 insertions(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/kernel/signal.c b/kernel/signal.c
>>>>> index 55526b941011..00a3840f6037 100644
>>>>> --- a/kernel/signal.c
>>>>> +++ b/kernel/signal.c
>>>>> @@ -288,7 +288,8 @@ bool task_set_jobctl_pending(struct task_struct 
>>>>> *task, unsigned long mask)
>>>>>   JOBCTL_STOP_SIGMASK | JOBCTL_TRAPPING));
>>>>>   BUG_ON((mask & JOBCTL_TRAPPING) && !(mask & JOBCTL_PENDING_MASK));
>>>>>  
>>>>> - if (unlikely(fatal_signal_pending(task) || (task->flags & PF_EXITING)))
>>>>> + if (unlikely(fatal_signal_pending(task) ||
>>>>> +  (task->flags & (PF_EXITING | PF_IO_WORKER
>>>>>   return false;
>>>>>  
>>>>>   if (mask & JOBCTL_STOP_SIGMASK)
>>>>>
>>>>
>>>> Again, why is this proposed for 5.11 and 5.10 already?
>>>
>>> Has the bit about the io worker kthreads been backported?
>>> If so this isn't horrible.  If not this is nonsense.
> 
> No not yet - my plan is to do that, but not until we're 100% satisfied
> with it.

Do you understand why the patches were autoselected for 5.11 and 5.10?

>> I don't know, I hope not...
>>
>> But I just tested v5.12-rc4 and attaching to
>> an application with iothreads with gdb is still not possible,
>> it still loops forever trying to attach to the iothreads.
> 
> I do see the looping, gdb apparently doesn't give up when it gets
> -EPERM trying to attach to the threads. Which isn't really a kernel
> thing, but:

Maybe we need to remove the iothreads from /proc/pid/tasks/

>> And I tested 'kill -9 $pidofiothread', and it froze the whole
>> machine...
> 
> that sounds very strange, I haven't seen anything like that running
> the exact same scenario.
> 
>> So there's still work to do in order to get 5.12 stable.
>>
>> I'm short on time currently, but I hope to send more details soon.
> 
> Thanks! I'll play with it this morning and see if I can provoke
> something odd related to STOP/attach.

Thanks!

Somehow I have the impression that your same_thread_group_account patch
may fix a lot of things...

metze



Re: [PATCH AUTOSEL 5.11 43/44] signal: don't allow STOP on PF_IO_WORKER threads

2021-03-25 Thread Stefan Metzmacher


Am 25.03.21 um 13:04 schrieb Eric W. Biederman:
> Stefan Metzmacher  writes:
> 
>> Am 25.03.21 um 12:24 schrieb Sasha Levin:
>>> From: "Eric W. Biederman" 
>>>
>>> [ Upstream commit 4db4b1a0d1779dc159f7b87feb97030ec0b12597 ]
>>>
>>> Just like we don't allow normal signals to IO threads, don't deliver a
>>> STOP to a task that has PF_IO_WORKER set. The IO threads don't take
>>> signals in general, and have no means of flushing out a stop either.
>>>
>>> Longer term, we may want to look into allowing stop of these threads,
>>> as it relates to eg process freezing. For now, this prevents a spin
>>> issue if a SIGSTOP is delivered to the parent task.
>>>
>>> Reported-by: Stefan Metzmacher 
>>> Signed-off-by: Jens Axboe 
>>> Signed-off-by: "Eric W. Biederman" 
>>> Signed-off-by: Sasha Levin 
>>> ---
>>>  kernel/signal.c | 3 ++-
>>>  1 file changed, 2 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/kernel/signal.c b/kernel/signal.c
>>> index 55526b941011..00a3840f6037 100644
>>> --- a/kernel/signal.c
>>> +++ b/kernel/signal.c
>>> @@ -288,7 +288,8 @@ bool task_set_jobctl_pending(struct task_struct *task, 
>>> unsigned long mask)
>>> JOBCTL_STOP_SIGMASK | JOBCTL_TRAPPING));
>>> BUG_ON((mask & JOBCTL_TRAPPING) && !(mask & JOBCTL_PENDING_MASK));
>>>  
>>> -   if (unlikely(fatal_signal_pending(task) || (task->flags & PF_EXITING)))
>>> +   if (unlikely(fatal_signal_pending(task) ||
>>> +(task->flags & (PF_EXITING | PF_IO_WORKER
>>> return false;
>>>  
>>> if (mask & JOBCTL_STOP_SIGMASK)
>>>
>>
>> Again, why is this proposed for 5.11 and 5.10 already?
> 
> Has the bit about the io worker kthreads been backported?
> If so this isn't horrible.  If not this is nonsense.

I don't know, I hope not...

But I just tested v5.12-rc4 and attaching to
an application with iothreads with gdb is still not possible,
it still loops forever trying to attach to the iothreads.

And I tested 'kill -9 $pidofiothread', and it froze the whole
machine...

So there's still work to do in order to get 5.12 stable.

I'm short on time currently, but I hope to send more details soon.

metze


Re: [PATCH AUTOSEL 5.11 42/44] signal: don't allow sending any signals to PF_IO_WORKER threads

2021-03-25 Thread Stefan Metzmacher
Am 25.03.21 um 12:24 schrieb Sasha Levin:
> From: Jens Axboe 
> 
> [ Upstream commit 5be28c8f85ce99ed2d329d2ad8bdd18ea19473a5 ]
> 
> They don't take signals individually, and even if they share signals with
> the parent task, don't allow them to be delivered through the worker
> thread. Linux does allow this kind of behavior for regular threads, but
> it's really a compatibility thing that we need not care about for the IO
> threads.
> 
> Reported-by: Stefan Metzmacher 
> Signed-off-by: Jens Axboe 
> Signed-off-by: Sasha Levin 
> ---
>  kernel/signal.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/kernel/signal.c b/kernel/signal.c
> index 5ad8566534e7..55526b941011 100644
> --- a/kernel/signal.c
> +++ b/kernel/signal.c
> @@ -833,6 +833,9 @@ static int check_kill_permission(int sig, struct 
> kernel_siginfo *info,
>  
>   if (!valid_signal(sig))
>   return -EINVAL;
> + /* PF_IO_WORKER threads don't take any signals */
> + if (t->flags & PF_IO_WORKER)
> + return -ESRCH;
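Review bot: the new PF_IO_WORKER test sits directly after the valid_signal() check, so it rejects every signal number that passes valid_signal(), and the one-line comment does not say why the errno is -ESRCH. Extend the comment to state that the sender is deliberately told the task does not exist, and whether that is meant to apply to every caller of check_kill_permission() or only to signals aimed directly at the worker thread.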

Why is that proposed for 5.11 and 5.10 now?

Are the create_io_thread() patches already backported?

I think we should hold on with the backports until
everything is stable in v5.12 final.

I'm still about to test on top of v5.12-rc4
and have a pending mail why I think this particular change is
wrong even in 5.12.

Jens, did you send these to stable?

metze



Re: [PATCH AUTOSEL 5.11 43/44] signal: don't allow STOP on PF_IO_WORKER threads

2021-03-25 Thread Stefan Metzmacher
Am 25.03.21 um 12:24 schrieb Sasha Levin:
> From: "Eric W. Biederman" 
> 
> [ Upstream commit 4db4b1a0d1779dc159f7b87feb97030ec0b12597 ]
> 
> Just like we don't allow normal signals to IO threads, don't deliver a
> STOP to a task that has PF_IO_WORKER set. The IO threads don't take
> signals in general, and have no means of flushing out a stop either.
> 
> Longer term, we may want to look into allowing stop of these threads,
> as it relates to eg process freezing. For now, this prevents a spin
> issue if a SIGSTOP is delivered to the parent task.
> 
> Reported-by: Stefan Metzmacher 
> Signed-off-by: Jens Axboe 
> Signed-off-by: "Eric W. Biederman" 
> Signed-off-by: Sasha Levin 
> ---
>  kernel/signal.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/kernel/signal.c b/kernel/signal.c
> index 55526b941011..00a3840f6037 100644
> --- a/kernel/signal.c
> +++ b/kernel/signal.c
> @@ -288,7 +288,8 @@ bool task_set_jobctl_pending(struct task_struct *task, 
> unsigned long mask)
>   JOBCTL_STOP_SIGMASK | JOBCTL_TRAPPING));
>   BUG_ON((mask & JOBCTL_TRAPPING) && !(mask & JOBCTL_PENDING_MASK));
>  
> - if (unlikely(fatal_signal_pending(task) || (task->flags & PF_EXITING)))
> + if (unlikely(fatal_signal_pending(task) ||
> +  (task->flags & (PF_EXITING | PF_IO_WORKER
>   return false;
>  
>   if (mask & JOBCTL_STOP_SIGMASK)
> 
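Review bot: folding PF_IO_WORKER into the PF_EXITING flag test makes task_set_jobctl_pending() return false for IO workers through the same branch as a dying task, with no comment at the condition saying why. The commit message calls this a stopgap ("Longer term, we may want to look into allowing stop of these threads"), so add a short comment above the condition that names the spin issue it avoids and marks the PF_IO_WORKER part as temporary, which keeps it from being read as part of the exit handling.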

Again, why is this proposed for 5.11 and 5.10 already?

metze


[SCM] Samba Shared Repository - branch master updated

2021-03-24 Thread Stefan Metzmacher
The branch, master has been updated
   via  293ab5f20ca ldb: bump version to 2.4.0, in order to be used for 
Samba 4.15
   via  9532c44baea CVE-2020-27840: pytests: move Dn.validate test to ldb
   via  dbb3e65f7e3 CVE-2020-27840 ldb_dn: avoid head corruption in 
ldb_dn_explode
   via  1996b79f376 CVE-2020-27840: pytests:segfault: add ldb.Dn validate 
test
   via  1fe8c790b22 CVE-2021-20277 ldb/attrib_handlers casefold: stay in 
bounds
   via  ea4bd2c437f CVE-2021-20277 ldb tests: ldb_match tests with extra 
spaces
  from  bf1c294adb7 auth:creds: Free the uname pointer in 
cli_credentials_parse_string()

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 293ab5f20caa12b7aaafaac992d5ce89cae77d45
Author: Stefan Metzmacher 
Date:   Wed Mar 24 12:54:31 2021 +0100

ldb: bump version to 2.4.0, in order to be used for Samba 4.15

Signed-off-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Wed Mar 24 13:11:52 UTC 2021 on sn-devel-184

commit 9532c44baea130db74f866e1472cb871936cd3dd
Author: Douglas Bagnall 
Date:   Thu Feb 11 16:28:43 2021 +1300

CVE-2020-27840: pytests: move Dn.validate test to ldb

We had the test in the Samba Python segfault suite because
a) the signal catching infrastructure was there, and
b) the ldb tests lack Samba's knownfail mechanism, which allowed us to
   assert the failure.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14595

Signed-off-by: Douglas Bagnall 
Reviewed-by: Andrew Bartlett 

commit dbb3e65f7e382adf5fa6a6afb3d8684aca3f201a
Author: Douglas Bagnall 
Date:   Fri Dec 11 16:32:25 2020 +1300

CVE-2020-27840 ldb_dn: avoid head corruption in ldb_dn_explode

A DN string with lots of trailing space can cause ldb_dn_explode() to
put a zero byte in the wrong place in the heap.

When a DN string has a value represented with trailing spaces,
like this

 "CN=foo   ,DC=bar"

the whitespace is supposed to be ignored. We keep track of this in the
`t` pointer, which is NULL when we are not walking through trailing
spaces, and points to the first space when we are. We are walking with
the `p` pointer, writing the value to `d`, and keeping the length in
`l`.

 "CN=foo   ,DC= "   ==>   "foo   "
        ^  ^                     ^
        t  p                     d
                           --l---

The value is finished when we encounter a comma or the end of the
string. If `t` is not NULL at that point, we assume there are trailing
spaces and wind `d` and `l` back by the correct amount. Then we switch
to expecting an attribute name (e.g. "CN"), until we get to an "=",
which puts us back into looking for a value.

Unfortunately, we forget to immediately tell `t` that we'd finished
the last value, we can end up like this:

 "CN=foo   ,DC= "   ==>         ""
        ^      ^                 ^
        t      p                 d
                               l=0

where `p` is pointing to a new value that contains only spaces, while
`t` is still referring to the old value. `p` notices the value ends,
and we subtract `p - t` from `d`:

 "CN=foo   ,DC= "   ==>  ?      ""
        ^       ^        ^
        t       p        d
                         l ~= SIZE_MAX - 8

At that point `d` wants to terminate its string with a '\0', but
instead it terminates someone else's byte. This does not crash if the
number of trailing spaces is small, as `d` will point into a previous
value (a copy of "foo" in this example). Corrupting that value will
ultimately not matter, as we will soon try to allocate a buffer `l`
long, which will be greater than the available memory and the whole
operation will fail properly.

However, with more spaces, `d` will point into memory before the
beginning of the allocated buffer, with the exact offset depending on
the length of the earlier attributes and the number of spaces.

What about a longer DN with more attributes? For example,
"CN=foo ,DC= ,DC=example,DC=com" -- since `d` has moved out of
bounds, won't we continue to use it and write more DN values into
mystery memory? Fortunately not, because the aforementioned allocation
of `l` bytes must happen first, and `l` is now huge. The allocation
happens in a talloc_memdup(), which is by default restricted to
allocating 256MB.

So this allows a person who controls a string parsed by ldb_dn_e
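
The stale-`t` walk from the CVE-2020-27840 commit message above, as an added C model that is not ldb's code: it tracks `p`, `d`, `l` and `t` as offsets, so a bad terminator position is reported rather than written. The single output buffer holding names and values, the leading-space rule and the `reset_t` switch standing in for the fix are assumptions made for this illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

#define NO_T (-1L) /* `t` is "NULL": not inside trailing spaces */

struct walk_report {
    long lowest_nul;   /* lowest buffer offset at which a value's '\0' would land */
    long shortest_len; /* smallest `l` seen; negative is what wraps to ~SIZE_MAX */
};

/*
 * Model of the value walk described in the commit message, for
 * "ATTR=value,ATTR=value" input. p indexes the input, d is the write
 * offset into an output buffer of strlen(dn) + 1 bytes, l is the length
 * of the current value and t is the input offset of the first trailing
 * space. Only offsets are tracked and no bytes are stored, so an
 * out-of-range d is reported instead of being written through.
 * reset_t == 0 keeps the stale `t`; reset_t == 1 clears it once the
 * value is finished (assumed form of the fix).
 */
static struct walk_report walk_dn(const char *dn, int reset_t)
{
    struct walk_report r = { LONG_MAX, LONG_MAX };
    long n = (long)strlen(dn);
    long p, d = 0, l = 0, t = NO_T;
    int in_value = 0;

    for (p = 0; p <= n; p++) {
        char c = dn[p];                 /* dn[n] is the final '\0' */

        if (!in_value) {
            if (c == '=') {
                d++;                    /* terminator of the attribute name */
                in_value = 1;
                l = 0;
            } else if (c != '\0') {
                d++;                    /* one byte of the attribute name */
            }
            continue;
        }
        if (c == ',' || c == '\0') {    /* the value is finished */
            if (t != NO_T) {            /* wind d and l back over the spaces */
                d -= p - t;
                l -= p - t;
                if (reset_t)
                    t = NO_T;
            }
            if (d < r.lowest_nul)
                r.lowest_nul = d;
            if (l < r.shortest_len)
                r.shortest_len = l;
            d++;                        /* the value's '\0' */
            in_value = 0;
        } else if (c == ' ') {
            if (l == 0)
                continue;               /* leading space: not copied, t untouched */
            if (t == NO_T)
                t = p;                  /* first trailing space */
            d++;
            l++;
        } else {
            t = NO_T;                   /* non-space byte: earlier spaces were interior */
            d++;
            l++;
        }
    }
    return r;
}

/* Constructed input: "CN=foo   ,DC=" followed by `spaces` blanks. */
static void make_dn(char *out, size_t cap, int spaces)
{
    snprintf(out, cap, "CN=foo   ,DC=%*s", spaces, "");
}

int main(void)
{
    const int counts[] = { 1, 20 };
    char dn[128];
    size_t i;

    for (i = 0; i < sizeof counts / sizeof counts[0]; i++) {
        struct walk_report stale, fixed;

        make_dn(dn, sizeof dn, counts[i]);
        stale = walk_dn(dn, 0);
        fixed = walk_dn(dn, 1);
        printf("%2d spaces: stale t -> nul at %ld, l=%ld; reset t -> nul at %ld, l=%ld\n",
               counts[i], stale.lowest_nul, stale.shortest_len,
               fixed.lowest_nul, fixed.shortest_len);
    }
    return 0;
}
```

In this model one space in the second value puts the terminator at offset 2, inside the buffer, while 20 spaces put it at offset -17, before the buffer starts; in both cases `l` is negative, which is the value that becomes huge once treated as a size.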

[SCM] Samba Shared Repository - branch v4-14-test updated

2021-03-24 Thread Stefan Metzmacher
The branch, v4-14-test has been updated
   via  6e981465fce VERSION: Bump version up to 4.14.2...
   via  3dceb3ac569 Merge tag 'samba-4.14.2' into v4-14-test
   via  5b5f4deb88a WHATSNEW: Add release notes for Samba 4.14.2.
   via  e2409cb5480 VERSION: Bump version for Samba 4.14.2 release.
   via  f31a64c1333 ldb: version 2.3.0
   via  ed4a04eca53 VERSION: Disable GIT_SNAPSHOT for the 4.14.1 release.
   via  94b42a3a393 WHATSNEW: Add release notes for Samba 4.14.1.
   via  2d82f0e1b84 CVE-2020-27840: pytests: move Dn.validate test to ldb
   via  f89767bea73 CVE-2020-27840 ldb_dn: avoid head corruption in 
ldb_dn_explode
   via  c82bea2b723 CVE-2020-27840: pytests:segfault: add ldb.Dn validate 
test
   via  fab6b79b772 CVE-2021-20277 ldb/attrib_handlers casefold: stay in 
bounds
   via  50e44877c3d CVE-2021-20277 ldb: Remove tests from ldb_match_test 
that do not pass
   via  1d966cb12e7 CVE-2021-20277 ldb tests: ldb_match tests with extra 
spaces
   via  ff12bd2fa12 ldb: add tests for ldb_wildcard_compare
   via  72ca2fb73a9 VERSION: Bump version up to 4.14.1...
  from  3fa3608e8f0 VERSION: Bump version up to 4.14.1...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-14-test


- Log -
commit 6e981465fcea254e7523674978ac1434c64c86ed
Author: Stefan Metzmacher 
Date:   Wed Mar 24 11:55:22 2021 +0100

VERSION: Bump version up to 4.14.2...

GIT_SNAPSHOT is already 'yes'.

Signed-off-by: Stefan Metzmacher 

commit 3dceb3ac569b33613824e643c3f6003089fda7ce
Merge: 3fa3608e8f0 5b5f4deb88a
Author: Stefan Metzmacher 
Date:   Wed Mar 24 11:55:04 2021 +0100

Merge tag 'samba-4.14.2' into v4-14-test

samba: tag release samba-4.14.2
    
Signed-off-by: Stefan Metzmacher 

---

Summary of changes:
 VERSION                                            |   2 +-
 WHATSNEW.txt                                       | 124 ++
 lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.3.0.sigs}     |   0
 ...pyldb-util-2.1.0.sigs => pyldb-util-2.3.0.sigs} |   0
 lib/ldb/common/attrib_handlers.c                   |   2 +-
 lib/ldb/common/ldb_dn.c                            |   1 +
 lib/ldb/tests/ldb_match_test.c                     | 138 +++--
 lib/ldb/tests/python/crash.py                      |  45 +++
 lib/ldb/wscript                                    |   3 +-
 9 files changed, 302 insertions(+), 13 deletions(-)
 copy lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.3.0.sigs} (100%)
 copy lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.3.0.sigs} (100%)
 create mode 100644 lib/ldb/tests/python/crash.py


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 626f0afffe6..43019d5a7f4 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=14
-SAMBA_VERSION_RELEASE=1
+SAMBA_VERSION_RELEASE=3
 
 
 # If a official release has a serious bug  #
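Review bot: SAMBA_VERSION_RELEASE goes from 1 to 3 in this hunk, but the tip commit of the push is titled "VERSION: Bump version up to 4.14.2...". With samba-4.14.2 tagged and merged in the same push, the value 3 looks right and the subject line looks stale; it should read "Bump version up to 4.14.3..." so that the log and the VERSION file agree.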
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 7e46022b2b9..1ef1779c841 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,127 @@
+   ==
+   Release Notes for Samba 4.14.2
+   March 24, 2021
+   ==
+
+
+This is a follow-up release to depend on the correct ldb version. This is only
+needed when building against a system ldb library.
+
+This is a security release in order to address the following defects:
+
+o CVE-2020-27840: Heap corruption via crafted DN strings.
+o CVE-2021-20277: Out of bounds read in AD DC LDAP server.
+
+
+===
+Details
+===
+
+o  CVE-2020-27840:
+   An anonymous attacker can crash the Samba AD DC LDAP server by sending 
easily
+   crafted DNs as part of a bind request. More serious heap corruption is 
likely
+   also possible.
+
+o  CVE-2021-20277:
+   User-controlled LDAP filter strings against the AD DC LDAP server may crash
+   the LDAP server.
+
+For more details, please refer to the security advisories.
+
+
+Changes since 4.14.1
+
+
+o  Release with dependency on ldb version 2.3.0.
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the proje
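Review bot: the opening of the new release notes says both that this is "a follow-up release to depend on the correct ldb version" and that it "is a security release in order to address the following defects", while "Changes since 4.14.1" lists only the ldb 2.3.0 dependency. State explicitly that the two CVE fixes are carried over from 4.14.1 and that the only change in 4.14.2 is the ldb dependency, so a reader can tell what actually changed relative to 4.14.1.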

[SCM] Samba Shared Repository - branch v4-13-test updated

2021-03-24 Thread Stefan Metzmacher
The branch, v4-13-test has been updated
   via  5677103fe7b VERSION: Bump version up to 4.13.8...
   via  112d5f41718 Merge tag 'samba-4.13.7' into HEAD
   via  bf1d38a7a16 WHATSNEW: Add release notes for Samba 4.13.7.
   via  2afbb6d42e6 VERSION: Bump version for Samba 4.13.7 release.
   via  7cb60d4209a ldb: version 2.2.1
   via  440b75fda70 VERSION: Disable GIT_SNAPSHOT for the 4.13.6 release.
   via  ef48e861e84 WHATSNEW: Add release notes for Samba 4.13.6.
   via  56a72e2562a CVE-2020-27840: pytests: move Dn.validate test to ldb
   via  2193d840045 CVE-2020-27840 ldb_dn: avoid head corruption in ldb_dn_explode
   via  7924431e7e4 CVE-2020-27840: pytests:segfault: add ldb.Dn validate test
   via  e0901deb314 CVE-2021-20277 ldb/attrib_handlers casefold: stay in bounds
   via  309b18d53c1 CVE-2021-20277 ldb: Remove tests from ldb_match_test that do not pass
   via  736cdfad05c CVE-2021-20277 ldb tests: ldb_match tests with extra spaces
   via  99d849abc3b ldb: add tests for ldb_wildcard_compare
   via  b3f66d56baa VERSION: Bump version up to 4.13.6...
  from  b30c0416390 VERSION: Bump version up to 4.13.6...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test


- Log -
commit 5677103fe7b49ed7738d5df5e5231473c673e08c
Author: Stefan Metzmacher 
Date:   Wed Mar 24 11:52:22 2021 +0100

VERSION: Bump version up to 4.13.8...

GIT_SNAPSHOT is already 'yes'.

Signed-off-by: Stefan Metzmacher 

commit 112d5f417186f24483205866cafd3f1a2ad6b6d0
Merge: b30c0416390 bf1d38a7a16
Author: Stefan Metzmacher 
Date:   Wed Mar 24 11:51:33 2021 +0100

Merge tag 'samba-4.13.7' into HEAD

samba: tag release samba-4.13.7
    
Signed-off-by: Stefan Metzmacher 

---

Summary of changes:
 VERSION                                            |   2 +-
 WHATSNEW.txt                                       | 127 ++-
 lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.2.1.sigs}     |   0
 ...pyldb-util-2.1.0.sigs => pyldb-util-2.2.1.sigs} |   0
 lib/ldb/common/attrib_handlers.c                   |   2 +-
 lib/ldb/common/ldb_dn.c                            |   1 +
 lib/ldb/tests/ldb_match_test.c                     | 138 +++--
 lib/ldb/tests/python/crash.py                      |  45 +++
 lib/ldb/wscript                                    |   3 +-
 9 files changed, 303 insertions(+), 15 deletions(-)
 copy lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.2.1.sigs} (100%)
 copy lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.2.1.sigs} (100%)
 create mode 100644 lib/ldb/tests/python/crash.py


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 2a2707bfcf2..ae39d7d1aac 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=13
-SAMBA_VERSION_RELEASE=6
+SAMBA_VERSION_RELEASE=8
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 8b8c349eaa5..7df21d367c1 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,127 @@
+   ==
+   Release Notes for Samba 4.13.7
+   March 24, 2021
+   ==
+
+
+This is a follow-up release to depend on the correct ldb version. This is only
+needed when building against a system ldb library.
+
+This is a security release in order to address the following defects:
+
+o CVE-2020-27840: Heap corruption via crafted DN strings.
+o CVE-2021-20277: Out of bounds read in AD DC LDAP server.
+
+
+===
+Details
+===
+
+o  CVE-2020-27840:
+   An anonymous attacker can crash the Samba AD DC LDAP server by sending 
easily
+   crafted DNs as part of a bind request. More serious heap corruption is 
likely
+   also possible.
+
+o  CVE-2021-20277:
+   User-controlled LDAP filter strings against the AD DC LDAP server may crash
+   the LDAP server.
+
+For more details, please refer to the security advisories.
+
+
+Changes since 4.13.6
+
+
+o  Release with dependency on ldb version 2.2.1.
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the proje

[SCM] Samba Shared Repository - branch v4-12-test updated

2021-03-24 Thread Stefan Metzmacher
The branch, v4-12-test has been updated
   via  deb7b32b437 VERSION: Bump version up to 4.12.15...
   via  4652bf73a89 Merge branch 'v4-12-stable' (samba-4.12.14) into 'v4-12-test'
   via  94c36535bfd WHATSNEW: Add release notes for Samba 4.12.14.
   via  c7627de2c65 VERSION: Bump version for Samba 4.12.14 release.
   via  6e82957b969 ldb: version 2.1.5
   via  bb2f64babf1 VERSION: Disable GIT_SNAPSHOT for the Samba 4.12.13 release.
   via  48b89864efa WHATSNEW: Add release notes for Samba 4.12.13.
   via  4d40e9ce9c7 CVE-2020-27840: pytests: move Dn.validate test to ldb
   via  4caf1ebc7a0 CVE-2020-27840 ldb_dn: avoid head corruption in ldb_dn_explode
   via  d59379853d8 CVE-2020-27840: pytests:segfault: add ldb.Dn validate test
   via  719c8484bf5 CVE-2021-20277 ldb/attrib_handlers casefold: stay in bounds
   via  93d0e1cbc27 CVE-2021-20277 ldb: Remove tests from ldb_match_test that do not pass
   via  bc967501aeb CVE-2021-20277 ldb tests: ldb_match tests with extra spaces
   via  c99c29e1e34 ldb: add tests for ldb_wildcard_compare
   via  0f911f85a8e WHATSNEW: Fix typo.
   via  1965283812e VERSION: Bump version up to 4.12.13...
  from  c464af42449 WHATSNEW: Fix typo.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-test


- Log -
commit deb7b32b4372625211a4d6ba26e3d00223e903ca
Author: Stefan Metzmacher 
Date:   Wed Mar 24 11:32:11 2021 +0100

VERSION: Bump version up to 4.12.15...

GIT_SNAPSHOT is already 'yes'.
    
Signed-off-by: Stefan Metzmacher 

commit 4652bf73a89df8fcf8972a2d47acfc522541e809
Merge: c464af42449 94c36535bfd
Author: Stefan Metzmacher 
Date:   Wed Mar 24 11:25:31 2021 +0100

Merge branch 'v4-12-stable' (samba-4.12.14) into 'v4-12-test'

Signed-off-by: Stefan Metzmacher 

---

Summary of changes:
 VERSION                                            |   2 +-
 WHATSNEW.txt                                       | 127 ++-
 lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.1.5.sigs}     |   0
 ...pyldb-util-2.1.0.sigs => pyldb-util-2.1.5.sigs} |   0
 lib/ldb/common/attrib_handlers.c                   |   2 +-
 lib/ldb/common/ldb_dn.c                            |   1 +
 lib/ldb/tests/ldb_match_test.c                     | 138 +++--
 lib/ldb/tests/python/crash.py                      |  45 +++
 lib/ldb/wscript                                    |   3 +-
 9 files changed, 303 insertions(+), 15 deletions(-)
 copy lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.1.5.sigs} (100%)
 copy lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.1.5.sigs} (100%)
 create mode 100644 lib/ldb/tests/python/crash.py


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index f10a52e188b..1f011252804 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=12
-SAMBA_VERSION_RELEASE=13
+SAMBA_VERSION_RELEASE=15
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 4b522a6b74d..f3c64a7050c 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,127 @@
+   ===
+   Release Notes for Samba 4.12.14
+   March 24, 2021
+   ===
+
+
+This is a follow-up release to depend on the correct ldb version. This is only
+needed when building against a system ldb library.
+
+This is a security release in order to address the following defects:
+
+o CVE-2020-27840: Heap corruption via crafted DN strings.
+o CVE-2021-20277: Out of bounds read in AD DC LDAP server.
+
+
+===
+Details
+===
+
+o  CVE-2020-27840:
+   An anonymous attacker can crash the Samba AD DC LDAP server by sending 
easily
+   crafted DNs as part of a bind request. More serious heap corruption is 
likely
+   also possible.
+
+o  CVE-2021-20277:
+   User-controlled LDAP filter strings against the AD DC LDAP server may crash
+   the LDAP server.
+
+For more details, please refer to the security advisories.
+
+
+Changes since 4.12.13
+-
+
+o  Release with dependency on ldb version 2.1.5.
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the

[SCM] Samba Shared Repository - branch v4-14-stable updated

2021-03-24 Thread Stefan Metzmacher
The branch, v4-14-stable has been updated
   via  e2409cb5480 VERSION: Bump version for Samba 4.14.2 release.
   via  f31a64c1333 ldb: version 2.3.0
  from  ed4a04eca53 VERSION: Disable GIT_SNAPSHOT for the 4.14.1 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-14-stable


- Log -
commit e2409cb5480b705ee167f34ae00c7c91a2f9c0a0
Author: Stefan Metzmacher 
Date:   Wed Mar 24 10:24:47 2021 +0100

VERSION: Bump version for Samba 4.14.2 release.

o BUG #14595: CVE-2020-27840: Heap corruption via crafted DN strings.
o BUG #14655: CVE-2021-20277: Out of bounds read in AD DC LDAP server.

Note this is exactly the same as 4.14.1, except that it
has a dependency on ldb version 2.3.0, which is needed if
someone builds against a system libldb.

Signed-off-by: Stefan Metzmacher 
Signed-off-by: Karolin Seeger 

commit f31a64c133388e4b40bc4e54f3d72f64e13aea86
Author: Stefan Metzmacher 
Date:   Wed Mar 24 10:23:06 2021 +0100

ldb: version 2.3.0

o BUG #14595: CVE-2020-27840: Heap corruption via crafted DN strings.
o BUG #14655: CVE-2021-20277: Out of bounds read in AD DC LDAP server.

Signed-off-by: Stefan Metzmacher 
Signed-off-by: Karolin Seeger 

---

Summary of changes:
 VERSION                                                      | 2 +-
 lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.3.0.sigs}               | 0
 lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.3.0.sigs} | 0
 lib/ldb/wscript                                              | 2 +-
 4 files changed, 2 insertions(+), 2 deletions(-)
 copy lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.3.0.sigs} (100%)
 copy lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.3.0.sigs} (100%)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 01b91528239..a1b3f67bdd1 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=14
-SAMBA_VERSION_RELEASE=1
+SAMBA_VERSION_RELEASE=2
 
 
 # If a official release has a serious bug  #
diff --git a/lib/ldb/ABI/ldb-2.0.5.sigs b/lib/ldb/ABI/ldb-2.3.0.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-2.0.5.sigs
copy to lib/ldb/ABI/ldb-2.3.0.sigs
diff --git a/lib/ldb/ABI/pyldb-util-2.1.0.sigs 
b/lib/ldb/ABI/pyldb-util-2.3.0.sigs
similarity index 100%
copy from lib/ldb/ABI/pyldb-util-2.1.0.sigs
copy to lib/ldb/ABI/pyldb-util-2.3.0.sigs
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 32a1a2e0ec0..bf6129bd6fa 100644
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 
 APPNAME = 'ldb'
-VERSION = '2.2.0'
+VERSION = '2.3.0'
 
 import sys, os
 
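Review bot: VERSION moves from '2.2.0' straight to '2.3.0', a minor-version step, while the commit message for "ldb: version 2.3.0" lists only the two CVE bug numbers. Add a sentence to the commit message saying why this branch does not take 2.2.1, since the release commit names this number as what builds against a system libldb depend on.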


-- 
Samba Shared Repository



[SCM] Samba Shared Repository - branch v4-13-stable updated

2021-03-24 Thread Stefan Metzmacher
The branch, v4-13-stable has been updated
   via  2afbb6d42e6 VERSION: Bump version for Samba 4.13.7 release.
   via  7cb60d4209a ldb: version 2.2.1
  from  440b75fda70 VERSION: Disable GIT_SNAPSHOT for the 4.13.6 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-stable


- Log -
commit 2afbb6d42e6c1a75a49c2682c461224fcfd20bb4
Author: Stefan Metzmacher 
Date:   Wed Mar 24 10:24:47 2021 +0100

VERSION: Bump version for Samba 4.13.7 release.

o BUG #14595: CVE-2020-27840: Heap corruption via crafted DN strings.
o BUG #14655: CVE-2021-20277: Out of bounds read in AD DC LDAP server.

Note this is exactly the same as 4.13.6, except that it
has a dependency on ldb version 2.2.1, which is needed if
someone builds against a system libldb.

Signed-off-by: Stefan Metzmacher 
Signed-off-by: Karolin Seeger 

commit 7cb60d4209ab416d37896f8dd6a3175fd3c6d657
Author: Stefan Metzmacher 
Date:   Wed Mar 24 10:21:56 2021 +0100

ldb: version 2.2.1

o BUG #14595: CVE-2020-27840: Heap corruption via crafted DN strings.
o BUG #14655: CVE-2021-20277: Out of bounds read in AD DC LDAP server.

Signed-off-by: Stefan Metzmacher 
Signed-off-by: Karolin Seeger 

---

Summary of changes:
 VERSION                                                      | 2 +-
 lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.2.1.sigs}               | 0
 lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.2.1.sigs} | 0
 lib/ldb/wscript                                              | 2 +-
 4 files changed, 2 insertions(+), 2 deletions(-)
 copy lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.2.1.sigs} (100%)
 copy lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.2.1.sigs} (100%)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index de7894516ff..9f3a9e91308 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=13
-SAMBA_VERSION_RELEASE=6
+SAMBA_VERSION_RELEASE=7
 
 
 # If a official release has a serious bug  #
diff --git a/lib/ldb/ABI/ldb-2.0.5.sigs b/lib/ldb/ABI/ldb-2.2.1.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-2.0.5.sigs
copy to lib/ldb/ABI/ldb-2.2.1.sigs
diff --git a/lib/ldb/ABI/pyldb-util-2.1.0.sigs 
b/lib/ldb/ABI/pyldb-util-2.2.1.sigs
similarity index 100%
copy from lib/ldb/ABI/pyldb-util-2.1.0.sigs
copy to lib/ldb/ABI/pyldb-util-2.2.1.sigs
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 32a1a2e0ec0..164065ab79a 100644
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 
 APPNAME = 'ldb'
-VERSION = '2.2.0'
+VERSION = '2.2.1'
 
 import sys, os
 





[SCM] Samba Shared Repository - branch v4-12-stable updated

2021-03-24 Thread Stefan Metzmacher
The branch, v4-12-stable has been updated
   via  c7627de2c65 VERSION: Bump version for Samba 4.12.14 release.
   via  6e82957b969 ldb: version 2.1.5
  from  bb2f64babf1 VERSION: Disable GIT_SNAPSHOT for the Samba 4.12.13 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable


- Log -
commit c7627de2c654eee34126011f3fe5174b6143486d
Author: Stefan Metzmacher 
Date:   Wed Mar 24 10:24:47 2021 +0100

VERSION: Bump version for Samba 4.12.14 release.

o BUG #14595: CVE-2020-27840: Heap corruption via crafted DN strings.
o BUG #14655: CVE-2021-20277: Out of bounds read in AD DC LDAP server.

Note this is exactly the same as 4.12.13, except that it
has a dependency on ldb version 2.1.5, which is needed if
someone builds against a system libldb.

Signed-off-by: Stefan Metzmacher 
Signed-off-by: Karolin Seeger 

commit 6e82957b969036fc4670d2d7e500c09e5b880112
Author: Stefan Metzmacher 
Date:   Wed Mar 24 10:19:53 2021 +0100

ldb: version 2.1.5

o BUG #14595: CVE-2020-27840: Heap corruption via crafted DN strings.
o BUG #14655: CVE-2021-20277: Out of bounds read in AD DC LDAP server.

Signed-off-by: Stefan Metzmacher 
Signed-off-by: Karolin Seeger 

---

Summary of changes:
 VERSION                                                      | 2 +-
 lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.1.5.sigs}               | 0
 lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.1.5.sigs} | 0
 lib/ldb/wscript                                              | 2 +-
 4 files changed, 2 insertions(+), 2 deletions(-)
 copy lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.1.5.sigs} (100%)
 copy lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.1.5.sigs} (100%)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 94138794cdc..b3cc915133d 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=12
-SAMBA_VERSION_RELEASE=13
+SAMBA_VERSION_RELEASE=14
 
 
 # If a official release has a serious bug  #
diff --git a/lib/ldb/ABI/ldb-2.0.5.sigs b/lib/ldb/ABI/ldb-2.1.5.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-2.0.5.sigs
copy to lib/ldb/ABI/ldb-2.1.5.sigs
diff --git a/lib/ldb/ABI/pyldb-util-2.1.0.sigs 
b/lib/ldb/ABI/pyldb-util-2.1.5.sigs
similarity index 100%
copy from lib/ldb/ABI/pyldb-util-2.1.0.sigs
copy to lib/ldb/ABI/pyldb-util-2.1.5.sigs
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 33265da373a..493fd7c5d77 100644
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 
 APPNAME = 'ldb'
-VERSION = '2.1.4'
+VERSION = '2.1.5'
 
 import sys, os
 





Re: [Linux-cifsd-devel] [PATCH 2/5] cifsd: add server-side procedures for SMB3

2021-03-22 Thread Stefan Metzmacher

Am 22.03.21 um 07:50 schrieb Christoph Hellwig:
> On Mon, Mar 22, 2021 at 09:47:13AM +0300, Dan Carpenter wrote:
>> On Mon, Mar 22, 2021 at 02:13:41PM +0900, Namjae Jeon wrote:
>>> +static unsigned char
>>> +asn1_octet_decode(struct asn1_ctx *ctx, unsigned char *ch)
>>> +{
>>> +   if (ctx->pointer >= ctx->end) {
>>> +   ctx->error = ASN1_ERR_DEC_EMPTY;
>>> +   return 0;
>>> +   }
>>> +   *ch = *(ctx->pointer)++;
>>> +   return 1;
>>> +}
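Review bot: on the empty-buffer path asn1_octet_decode() returns 0 without writing *ch, so a caller that ignores the return value goes on to use an indeterminate byte. Either set "*ch = 0;" before "return 0;" or mark the function __must_check so every caller has to test the result. The bounds check "ctx->pointer >= ctx->end" itself is in the right place, ahead of the dereference.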
>>
>>
>> Make this bool.
>>
> 
> More importantly don't add another ASN1 parser, but use the generic
> one in lib/asn1_decoder.c instead.  CIFS should also really use it.

I think the best would be to avoid asn1 completely in the kernel
and do the whole authentication in userspace.

The kernel can only deal with these blobs here, I don't think there's a need to
look inside the blobs.

1. ksmbd-mount would provide a fixed initial blob that's always
   the same and will be returned in the
   "2.2.4 SMB2 NEGOTIATE Response" PDU as SecurityBuffer

2. The kernel just blindly forwards the SecurityBuffer
   of "2.2.5 SMB2 SESSION_SETUP Request" to userspace
   together with the client provided SessionId (from
   2.2.1.2 SMB2 Packet Header - SYNC) as well as
   negotiated signing and encryption algorithm ids
   and the latest preauth hash.

3. Userspace passes a NTSTATUS together with SecurityBuffer blob for the
   2.2.6 SMB2 SESSION_SETUP Response back to the kernel:

   - NT_STATUS_MORE_PROCESSING_REQUIRED (more authentication legs are required)
     SecurityBuffer is most likely a non empty buffer

   - NT_STATUS_OK - The authentication is complete:
     SecurityBuffer might be empty or not
     It also passes a channel signing key, a decryption and encryption key
     as well as the unix token (I guess in the current form it's only uid/gid)
     down to the kernel

   - Any other status means the authentication failed, which is a hard error
     for the client

The PDU definitions are defined here:
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/6eaf6e75-9c23-4eda-be99-c9223c60b181

I think everything else belongs to userspace.

Such a "simple" design for the kernel part, would mean that ksmbd-mount would
do what the kernel part is currently doing, but it also means it will be
trivial to plug the userspace part to samba's winbindd in future in order to
get domain wide authentication.

metze
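
The three-step exchange proposed in the message above, as an added example in C (not ksmbd or Samba code): the kernel side acts only on the NTSTATUS and forwards the SecurityBuffer unparsed, installing keys and the unix token only on NT_STATUS_OK. The struct layouts, KEY_LEN, MAX_BLOB, the function names and the toy userspace authenticator are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* NTSTATUS codes (MS-ERREF). */
#define NT_STATUS_OK                       0x00000000u
#define NT_STATUS_MORE_PROCESSING_REQUIRED 0xC0000016u
#define NT_STATUS_INVALID_PARAMETER        0xC000000Du
#define NT_STATUS_LOGON_FAILURE            0xC000006Du
#define KEY_LEN  16    /* assumption: 128-bit keys */
#define MAX_BLOB 4096  /* assumption: cap on a forwarded SecurityBuffer */

struct auth_reply {            /* step 3, userspace -> kernel (hypothetical) */
    uint64_t session_id;
    uint32_t status;           /* NTSTATUS for the SESSION_SETUP response */
    const uint8_t *blob;       /* opaque SecurityBuffer, never parsed here */
    size_t blob_len;
    uint8_t keys[3][KEY_LEN];  /* signing, encryption, decryption */
    uint32_t uid, gid;         /* unix token */
};

enum sess_state { SESS_IN_PROGRESS, SESS_VALID, SESS_FAILED };
struct session {               /* hypothetical kernel-side session record */
    uint64_t id;
    enum sess_state state;
    uint8_t keys[3][KEY_LEN];
    uint32_t uid, gid;
};

/* Kernel side of step 3: act on the NTSTATUS alone, forward the blob verbatim. */
uint32_t kernel_apply_reply(struct session *s, const struct auth_reply *r,
                            const uint8_t **out_blob, size_t *out_len)
{
    *out_blob = NULL;
    *out_len = 0;
    /* Stray or late reply: reject it and leave the session untouched. */
    if (r->session_id != s->id || s->state != SESS_IN_PROGRESS)
        return NT_STATUS_INVALID_PARAMETER;
    /* Only the envelope is validated, never the blob contents. */
    if (r->blob_len > MAX_BLOB || (r->blob_len && !r->blob)) {
        s->state = SESS_FAILED;
        return NT_STATUS_INVALID_PARAMETER;
    }
    if (r->status == NT_STATUS_OK) {       /* keys and token installed only now */
        memcpy(s->keys, r->keys, sizeof(s->keys));
        s->uid = r->uid;
        s->gid = r->gid;
        s->state = SESS_VALID;
    } else if (r->status != NT_STATUS_MORE_PROCESSING_REQUIRED) {
        s->state = SESS_FAILED;            /* any other status is a hard error */
        return r->status;
    }
    *out_blob = r->blob;
    *out_len = r->blob_len;
    return r->status;
}

/* Toy userspace side: leg 1 sends a challenge, leg 2 accepts only "response". */
void userspace_auth(uint64_t sid, int leg, const uint8_t *blob, size_t len,
                    struct auth_reply *r)
{
    static const uint8_t challenge[] = "challenge";  /* constructed blob */
    memset(r, 0, sizeof(*r));
    r->session_id = sid;
    r->status = NT_STATUS_LOGON_FAILURE;             /* default: reject */
    if (leg == 1) {
        r->status = NT_STATUS_MORE_PROCESSING_REQUIRED;
        r->blob = challenge;
        r->blob_len = sizeof(challenge) - 1;
    } else if (len == 8 && memcmp(blob, "response", 8) == 0) {
        r->status = NT_STATUS_OK;
        memset(r->keys, 0xA1, sizeof(r->keys));      /* constructed key bytes */
        r->uid = r->gid = 1000;
    }
}

/* Drive both SESSION_SETUP legs for one session; returns the final NTSTATUS. */
uint32_t run_exchange(struct session *s, const char *blob2)
{
    struct auth_reply r;
    const uint8_t *out;
    size_t out_len;
    uint32_t st;

    s->state = SESS_IN_PROGRESS;
    userspace_auth(s->id, 1, (const uint8_t *)"negotiate", 9, &r);
    st = kernel_apply_reply(s, &r, &out, &out_len);
    if (st != NT_STATUS_MORE_PROCESSING_REQUIRED)
        return st;
    userspace_auth(s->id, 2, (const uint8_t *)blob2, strlen(blob2), &r);
    return kernel_apply_reply(s, &r, &out, &out_len);
}

int main(void)
{
    struct session s = { .id = 0x1122 };  /* constructed SessionId */
    return run_exchange(&s, "response") != NT_STATUS_OK;
}
```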





Re: [PATCH v2 1/1] io_uring: call req_set_fail_links() on short send[msg]()/recv[msg]() with MSG_WAITALL

2021-03-21 Thread Stefan Metzmacher


Am 20.03.21 um 23:57 schrieb Jens Axboe:
> On 3/20/21 1:33 PM, Stefan Metzmacher wrote:
>> Without that it's not safe to use them in a linked combination with
>> others.
>>
>> Now combinations like IORING_OP_SENDMSG followed by IORING_OP_SPLICE
>> should be possible.
>>
>> We already handle short reads and writes for the following opcodes:
>>
>> - IORING_OP_READV
>> - IORING_OP_READ_FIXED
>> - IORING_OP_READ
>> - IORING_OP_WRITEV
>> - IORING_OP_WRITE_FIXED
>> - IORING_OP_WRITE
>> - IORING_OP_SPLICE
>> - IORING_OP_TEE
>>
>> Now we have it for these as well:
>>
>> - IORING_OP_SENDMSG
>> - IORING_OP_SEND
>> - IORING_OP_RECVMSG
>> - IORING_OP_RECV
>>
>> For IORING_OP_RECVMSG we also check for the MSG_TRUNC and MSG_CTRUNC
>> flags in order to call req_set_fail_links().
>>
>> There might be applications around depending on the behavior
>> that even short send[msg]()/recv[msg]() returns continue an
>> IOSQE_IO_LINK chain.
>>
>> It's very unlikely that such applications pass in MSG_WAITALL,
>> which is only defined in 'man 2 recvmsg', but not in 'man 2 sendmsg'.
>>
>> It's expected that the low level sock_sendmsg() call just ignores
>> MSG_WAITALL, as MSG_ZEROCOPY is also ignored without explicitly set
>> SO_ZEROCOPY.
>>
>> We also expect the caller to know about the implicit truncation to
>> MAX_RW_COUNT, which we don't detect.
> 
> Thanks, I do think this is much better and I feel comfortable getting
> this applied for 5.12 (and stable).
> 

Great thanks!

Related to that I have a question regarding the IOSQE_IO_LINK behavior.
(Assuming I have a dedicated ring for the send-path of each socket.)

Is it possible to just set IOSQE_IO_LINK on every sqe in order to create
an endless chain of requests so that userspace can pass as many sqes as possible
which all need to be submitted in the exact correct order. And if any request
is short, then all remaining get ECANCELED, without the risk of running any
later request out of order.

Are such link chains possible also over multiple io_uring_submit() calls?
Is there still a race between, having an iothread removing the request from
the list and filling in a cqe with ECANCELED, that userspace is not aware
of yet, which then starts a new independent link chain with a request that
ought to be submitted after all the canceled ones?

Or do I have to submit a link chain with just a single __io_uring_flush_sq()
and then strictly need to wait until I got a cqe for the last request in
the chain?

Thanks!
metze


[PATCH v2 1/1] io_uring: call req_set_fail_links() on short send[msg]()/recv[msg]() with MSG_WAITALL

2021-03-20 Thread Stefan Metzmacher
Without that it's not safe to use them in a linked combination with
others.

Now combinations like IORING_OP_SENDMSG followed by IORING_OP_SPLICE
should be possible.

We already handle short reads and writes for the following opcodes:

- IORING_OP_READV
- IORING_OP_READ_FIXED
- IORING_OP_READ
- IORING_OP_WRITEV
- IORING_OP_WRITE_FIXED
- IORING_OP_WRITE
- IORING_OP_SPLICE
- IORING_OP_TEE

Now we have it for these as well:

- IORING_OP_SENDMSG
- IORING_OP_SEND
- IORING_OP_RECVMSG
- IORING_OP_RECV

For IORING_OP_RECVMSG we also check for the MSG_TRUNC and MSG_CTRUNC
flags in order to call req_set_fail_links().

There might be applications around depending on the behavior
that even short send[msg]()/recv[msg]() returns continue an
IOSQE_IO_LINK chain.

It's very unlikely that such applications pass in MSG_WAITALL,
which is only defined in 'man 2 recvmsg', but not in 'man 2 sendmsg'.

It's expected that the low level sock_sendmsg() call just ignores
MSG_WAITALL, as MSG_ZEROCOPY is also ignored without explicitly set
SO_ZEROCOPY.

We also expect the caller to know about the implicit truncation to
MAX_RW_COUNT, which we don't detect.

cc: netdev@vger.kernel.org
Link: https://lore.kernel.org/r/c4e1a4cc0d905314f4d5dc567e65a7b09621aab3.1615908477.git.me...@samba.org
Signed-off-by: Stefan Metzmacher 
---
 fs/io_uring.c | 24 
 1 file changed, 20 insertions(+), 4 deletions(-)

diff --git a/fs/io_uring.c b/fs/io_uring.c
index 75b791ff21ec..746435e3f534 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -4386,6 +4386,7 @@ static int io_sendmsg(struct io_kiocb *req, unsigned int 
issue_flags)
struct io_async_msghdr iomsg, *kmsg;
struct socket *sock;
unsigned flags;
+   int min_ret = 0;
int ret;
 
sock = sock_from_file(req->file);
@@ -4406,6 +4407,9 @@ static int io_sendmsg(struct io_kiocb *req, unsigned int 
issue_flags)
else if (issue_flags & IO_URING_F_NONBLOCK)
flags |= MSG_DONTWAIT;
 
+   if (flags & MSG_WAITALL)
+   min_ret = iov_iter_count(&kmsg->msg.msg_iter);
+
ret = __sys_sendmsg_sock(sock, &kmsg->msg, flags);
if ((issue_flags & IO_URING_F_NONBLOCK) && ret == -EAGAIN)
return io_setup_async_msg(req, kmsg);
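Review bot: min_ret is declared int but is assigned a byte count in the added "min_ret = iov_iter_count(&kmsg->msg.msg_iter);". The commit message relies on the implicit truncation to MAX_RW_COUNT and says it is not detected; put that in a comment at this assignment, so the reader can see why the count fits in an int and that a request cut down to MAX_RW_COUNT will not be reported as short.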
@@ -4416,7 +4420,7 @@ static int io_sendmsg(struct io_kiocb *req, unsigned int 
issue_flags)
if (kmsg->free_iov)
kfree(kmsg->free_iov);
req->flags &= ~REQ_F_NEED_CLEANUP;
-   if (ret < 0)
+   if (ret < min_ret)
req_set_fail_links(req);
__io_req_complete(req, issue_flags, ret, 0);
return 0;
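Review bot: with "if (ret < min_ret)" a positive but short ret now fails the link, yet the unchanged "__io_req_complete(req, issue_flags, ret, 0);" still posts that positive value as the result. Userspace then sees a non-negative completion followed by cancelled successors. Document that an application using MSG_WAITALL in a chain has to compare the result with the requested length to find out which request broke the chain.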
@@ -4429,6 +4433,7 @@ static int io_send(struct io_kiocb *req, unsigned int 
issue_flags)
struct iovec iov;
struct socket *sock;
unsigned flags;
+   int min_ret = 0;
int ret;
 
sock = sock_from_file(req->file);
@@ -4450,6 +4455,9 @@ static int io_send(struct io_kiocb *req, unsigned int 
issue_flags)
else if (issue_flags & IO_URING_F_NONBLOCK)
flags |= MSG_DONTWAIT;
 
+   if (flags & MSG_WAITALL)
+   min_ret = iov_iter_count(&msg.msg_iter);
+
msg.msg_flags = flags;
ret = sock_sendmsg(sock, &msg);
if ((issue_flags & IO_URING_F_NONBLOCK) && ret == -EAGAIN)
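Review bot: MSG_WAITALL stays in flags and reaches the socket layer through the unchanged "msg.msg_flags = flags;". The commit message only expects sock_sendmsg() to ignore it and notes the flag is not defined in 'man 2 sendmsg'. Since the flag is used here purely to arm the short-send check, either mask it off before the call or add a comment at this spot stating that the send path is relied on to ignore it.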
@@ -4457,7 +4465,7 @@ static int io_send(struct io_kiocb *req, unsigned int 
issue_flags)
if (ret == -ERESTARTSYS)
ret = -EINTR;
 
-   if (ret < 0)
+   if (ret < min_ret)
req_set_fail_links(req);
__io_req_complete(req, issue_flags, ret, 0);
return 0;
@@ -4609,6 +4617,7 @@ static int io_recvmsg(struct io_kiocb *req, unsigned int 
issue_flags)
struct socket *sock;
struct io_buffer *kbuf;
unsigned flags;
+   int min_ret = 0;
int ret, cflags = 0;
bool force_nonblock = issue_flags & IO_URING_F_NONBLOCK;
 
@@ -4640,6 +4649,9 @@ static int io_recvmsg(struct io_kiocb *req, unsigned int 
issue_flags)
else if (force_nonblock)
flags |= MSG_DONTWAIT;
 
+   if (flags & MSG_WAITALL)
+   min_ret = iov_iter_count(&kmsg->msg.msg_iter);
+
ret = __sys_recvmsg_sock(sock, &kmsg->msg, req->sr_msg.umsg,
kmsg->uaddr, flags);
if (force_nonblock && ret == -EAGAIN)
@@ -4653,7 +4665,7 @@ static int io_recvmsg(struct io_kiocb *req, unsigned int 
issue_flags)
if (kmsg->free_iov)
kfree(kmsg->free_iov);
req->flags &= ~REQ_F_NEED_CLEANUP;
-   if (ret < 0)
+   if (ret < min_ret || ((flags & MSG_WAITALL) && (kmsg->msg.msg_flags & 
(MSG_TRUNC | MSG_CTRUNC
req_set_fail_links(req);
__io_req_complete(req, issue_flags, ret, cflags);
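Review bot: the MSG_TRUNC/MSG_CTRUNC test in the replaced "if" is gated on "flags & MSG_WAITALL", while the commit message reads as if truncation on IORING_OP_RECVMSG always leads to req_set_fail_links(); say in the message that it only applies with MSG_WAITALL. The condition also runs well past 80 columns, so split it over two lines or compute it into a local bool first.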

Re: linux-next: Signed-off-by missing for commit in the block tree

2021-03-19 Thread Stefan Metzmacher


Am 19.03.21 um 14:08 schrieb Jens Axboe:
> On 3/19/21 2:02 AM, Stefan Metzmacher wrote:
>>
>> Am 19.03.21 um 00:25 schrieb Jens Axboe:
>>> On 3/18/21 5:16 PM, Stephen Rothwell wrote:
>>>> Hi all,
>>>>
>>>> Commit
>>>>
>>>>   c2c6c067c050 ("io_uring: remove structures from 
>>>> include/linux/io_uring.h")
>>>>
>>>> is missing a Signed-off-by from its author.
>>>
>>> Stefan, let me know if you're OK with me adding that, not sure how I missed
>>> that.
>>
>> Yes, sure :-)
>> I guess you removed it while adding 'Link:'
> 
> That was b4, I don't add those manually. But maybe it stripped those too,
> annoying...
> 
>> You may want to remove cc: stable from 
>> 3aab52c9a708f7183460d368700181ef0c2a09e6
>> ("io_uring: imply MSG_NOSIGNAL for send[msg]()/recv[msg]() calls")
>> for now.
>>
>> I'll want to do some more tests with it on 5.12,
>> I guess we'd then have to backport it to stable as part of the
>> io_thread worker backport. I'll post some more details later
>> to the io-uring list.
> 
> Sure, let's do that. I also dropped the short link sever as well for now.
> I do like it on principle, but it does have a risk of breaking valid
> use cases.

Thanks, I'll resubmit that with the MSG_WAITALL logic.

metze


Re: linux-next: Signed-off-by missing for commit in the block tree

2021-03-19 Thread Stefan Metzmacher


Am 19.03.21 um 00:25 schrieb Jens Axboe:
> On 3/18/21 5:16 PM, Stephen Rothwell wrote:
>> Hi all,
>>
>> Commit
>>
>>   c2c6c067c050 ("io_uring: remove structures from include/linux/io_uring.h")
>>
>> is missing a Signed-off-by from its author.
> 
> Stefan, let me know if you're OK with me adding that, not sure how I missed
> that.

Yes, sure :-)
I guess you removed it while adding 'Link:'

You may want to remove cc: stable from 3aab52c9a708f7183460d368700181ef0c2a09e6
("io_uring: imply MSG_NOSIGNAL for send[msg]()/recv[msg]() calls")
for now.

I'll want to do some more tests with it on 5.12,
I guess we'd then have to backport it to stable as part of the
io_thread worker backport. I'll post some more details later
to the io-uring list.

Thanks!
metze


[SCM] Samba Shared Repository - branch master updated

2021-03-17 Thread Stefan Metzmacher
The branch, master has been updated
   via  12b8dbd0bbd s3: tests: Change logfile for printing expansion tests.
  from  10c198827d9 third_party: Update socket_wrapper to version 1.3.3

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 12b8dbd0bbd7ab3fef8a7e31346679bc24ea78d2
Author: Jeremy Allison 
Date:   Wed Mar 17 15:44:37 2021 -0700

s3: tests: Change logfile for printing expansion tests.

logfile=/tmp/$USER_printing_var_exp.log -> 
logfile="${SELFTEST_TMPDIR}/${USER}_printing_var_exp.log"

Signed-off-by: Jeremy Allison 
Reviewed-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Thu Mar 18 02:57:08 UTC 2021 on sn-devel-184

---

Summary of changes:
 source3/script/tests/printing/printing_var_exp_lpr_cmd.sh | 2 +-
 source3/script/tests/test_printing_var_exp.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/script/tests/printing/printing_var_exp_lpr_cmd.sh 
b/source3/script/tests/printing/printing_var_exp_lpr_cmd.sh
index 0d99b8ac01e..ce039bb8fb3 100755
--- a/source3/script/tests/printing/printing_var_exp_lpr_cmd.sh
+++ b/source3/script/tests/printing/printing_var_exp_lpr_cmd.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-logfile=/tmp/$USER_printing_var_exp.log
+logfile="${SELFTEST_TMPDIR}/${USER}_printing_var_exp.log"
 
 rm -f "$logfile"
 
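Review bot: The new logfile assignment in printing_var_exp_lpr_cmd.sh has no guard for an unset or empty SELFTEST_TMPDIR, and the next statement is rm -f "$logfile"; with the variable empty the path collapses to "/${USER}_printing_var_exp.log" at the filesystem root. Writing "${SELFTEST_TMPDIR:?}" (or an explicit check and exit) would make the script stop instead. The commit message could also say why the old line was wrong: $USER_printing_var_exp is parsed as a single variable name, so unless a variable of that name is set the old path was /tmp/.log, one fixed name in a world-writable directory for every user.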
diff --git a/source3/script/tests/test_printing_var_exp.sh 
b/source3/script/tests/test_printing_var_exp.sh
index 21fe5b4913f..12231c82c41 100755
--- a/source3/script/tests/test_printing_var_exp.sh
+++ b/source3/script/tests/test_printing_var_exp.sh
@@ -22,7 +22,7 @@ incdir=`dirname $0`/../../../testprogs/blackbox
 smbclient="$BINDIR/smbclient"
 
 test_var_expansion() {
-   logfile=/tmp/$USER_printing_var_exp.log
+   logfile="${SELFTEST_TMPDIR}/${USER}_printing_var_exp.log"
 
$smbclient -U $DOMAIN/$USERNAME%$PASSWORD \
   //$SERVER_IP/print_var_exp \
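Review bot: test_var_expansion() repeats the path expression that printing_var_exp_lpr_cmd.sh builds on its own, so the two only agree if both scripts run with identical SELFTEST_TMPDIR and USER values. If the lpr command script is started from a different environment than the test, the test reads a file that was never written and the failure looks like a substitution bug. Defining the path once, for example by exporting it from the test or passing it as an argument to the lpr command script, removes that dependency.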


-- 
Samba Shared Repository



Re: [PATCH 0/2] send[msg]()/recv[msg]() fixes/improvements

2021-03-17 Thread Stefan Metzmacher
Hi Pavel,

> here're patches which fix linking of send[msg]()/recv[msg]() calls
> and make sure io_uring_enter() never generates a SIGPIPE.
>>>
>>> 1/2 breaks userspace.
>>
>> Can you explain that a bit please, how could some application ever
>> have a useful use of IOSQE_IO_LINK with these socket calls?
> 
> Packet delivery of variable size, i.e. recv(max_size). Byte stream
> that consumes whatever you've got and links something (e.g. notification
> delivery, or poll). Not sure about netlink, but maybe. Or some
> "create a file via send" crap, or some made-up custom protocols

Ok, then we need a flag or a new opcode to provide that behavior?

For recv() and recvmsg() MSG_WAITALL might be usable.

It's not defined in 'man 2 sendmsg', but should we use it anyway
for IORING_OP_SEND[MSG] in order to activate the short send check
as the low level sock_sendmsg() call seems to ignore unused flags,
which seems to be the reason for the following logic in tcp_sendmsg_locked:

if (flags & MSG_ZEROCOPY && size && sock_flag(sk, SOCK_ZEROCOPY)) {

You need to set SOCK_ZEROCOPY in the socket in order to give a meaning
to MSG_ZEROCOPY.

Should I prepare an add-on patch to make the short send/recv logic depend
on MSG_WAITALL?

I'm cc'ing netdev@vger.kernel.org in order to get more feedback on whether
MSG_WAITALL can be passed to sendmsg without fear of triggering
-EINVAL.

The example for io_sendmsg() would look like this:

--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -4383,7 +4383,7 @@ static int io_sendmsg(struct io_kiocb *req, unsigned int 
issue_flags)
struct io_async_msghdr iomsg, *kmsg;
struct socket *sock;
unsigned flags;
-   int expected_ret;
+   int min_ret = 0;
int ret;

sock = sock_from_file(req->file);
@@ -4404,9 +4404,11 @@ static int io_sendmsg(struct io_kiocb *req, unsigned int 
issue_flags)
else if (issue_flags & IO_URING_F_NONBLOCK)
flags |= MSG_DONTWAIT;

-   expected_ret = iov_iter_count(&kmsg->msg.msg_iter);
-   if (unlikely(expected_ret == MAX_RW_COUNT))
-   expected_ret += 1;
+   if (flags & MSG_WAITALL) {
+   min_ret = iov_iter_count(&kmsg->msg.msg_iter);
+   if (unlikely(min_ret == MAX_RW_COUNT))
+   min_ret += 1;
+   }
ret = __sys_sendmsg_sock(sock, &kmsg->msg, flags);
if ((issue_flags & IO_URING_F_NONBLOCK) && ret == -EAGAIN)
return io_setup_async_msg(req, kmsg);
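Review bot: MSG_WAITALL is tested here to arm the short-send check but stays set in flags when they are handed to __sys_sendmsg_sock(), which is the case the mail itself is unsure about. Clearing the bit after min_ret has been computed would make it a purely io_uring-level request on the send side and remove the -EINVAL question for any protocol that validates its message flags. If it has to be passed down, a comment should say which lower-level behaviour is being relied on.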
@@ -4417,7 +4419,7 @@ static int io_sendmsg(struct io_kiocb *req, unsigned int 
issue_flags)
if (kmsg->free_iov)
kfree(kmsg->free_iov);
req->flags &= ~REQ_F_NEED_CLEANUP;
-   if (ret != expected_ret)
+   if (ret < min_ret)
req_set_fail_links(req);
__io_req_complete(req, issue_flags, ret, 0);
return 0;
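Review bot: With the test changed to "ret < min_ret", the "min_ret += 1" adjustment from the previous hunk means a MSG_WAITALL request of exactly MAX_RW_COUNT bytes always fails its links, even when everything was sent, because a send cannot return more than the iterator count. The old "!=" comparison behaved the same way, so this may be intended, but the reason is no longer obvious from the variable name; a comment at the increment should state it, or the increment should go.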

Which means the default of min_ret = 0 would result in:

	if (ret < 0)
		req_set_fail_links(req);

again...

>>> Sounds like 2/2 might too, does it?
>>
>> Do you think any application really expects to get a SIGPIPE
>> when calling io_uring_enter()?
> 
> If it was about what I think I would remove lots of old garbage :)
> I doubt it wasn't working well before, e.g. because of iowq, but
> who knows

Yes, it was inconsistent before and now it's reliable.

metze
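
The short-read case behind this exchange, as an added userspace example (not code from the mail, the kernel or liburing): it uses plain recv() on an AF_UNIX socketpair rather than io_uring, and would_fail_links() and recv_once() are hypothetical names that model the min_ret check sketched above.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

/*
 * Userspace model of the check proposed in the mail (hypothetical helper,
 * not kernel code): min_ret is the full request length only when the
 * caller passed MSG_WAITALL, otherwise 0, and the link chain is failed
 * when ret < min_ret. The MAX_RW_COUNT corner case is left out.
 */
static int would_fail_links(long ret, size_t requested, int flags)
{
	long min_ret = 0;

	if (flags & MSG_WAITALL)
		min_ret = (long)requested;
	return ret < min_ret;
}

/*
 * Constructed setup: a stream socket has want/2 bytes queued and a single
 * recv() asks for want bytes. Without MSG_WAITALL the call returns at once.
 * With MSG_WAITALL a child process acts as the peer: after 100 ms it either
 * sends the second half or just exits, which closes the connection.
 * Returns what recv() reported, or -1 on a setup error.
 */
static long recv_once(int flags, size_t want, int peer_sends_rest)
{
	char data[64], buf[64];
	size_t half = want / 2;
	pid_t pid = -1;
	int sv[2];
	long n;

	if (want < 2 || want > sizeof(buf))
		return -1;
	memset(data, 'A', sizeof(data));
	if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
		return -1;
	if (write(sv[1], data, half) != (ssize_t)half) {
		close(sv[0]);
		close(sv[1]);
		return -1;
	}

	if (flags & MSG_WAITALL) {
		pid = fork();
		if (pid == 0) {
			struct timespec delay = { 0, 100 * 1000 * 1000 };
			int rc = 0;

			close(sv[0]);
			nanosleep(&delay, NULL);
			if (peer_sends_rest &&
			    write(sv[1], data, want - half) < 0)
				rc = 1;
			_exit(rc);	/* exiting closes the peer end */
		}
		/* Parent drops its copy so the child is the only writer. */
		close(sv[1]);
		sv[1] = -1;
		if (pid < 0) {
			close(sv[0]);
			return -1;
		}
	}

	n = (long)recv(sv[0], buf, want, flags);
	close(sv[0]);
	if (sv[1] >= 0)
		close(sv[1]);
	if (pid > 0)
		waitpid(pid, NULL, 0);
	return n;
}

int main(void)
{
	struct { const char *name; int flags; int rest; } c[] = {
		{ "no flag, 8 of 16 queued", 0, 0 },
		{ "MSG_WAITALL, rest arrives", MSG_WAITALL, 1 },
		{ "MSG_WAITALL, peer closes", MSG_WAITALL, 0 },
	};

	for (size_t i = 0; i < sizeof(c) / sizeof(c[0]); i++) {
		long ret = recv_once(c[i].flags, 16, c[i].rest);

		printf("%-26s ret=%2ld fail_links=%d\n", c[i].name, ret,
		       would_fail_links(ret, 16, c[i].flags));
	}
	return 0;
}
```

Only the third case, a short result on a request that asked for MSG_WAITALL, breaks the chain under the proposed check; a plain short read does not.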





[SCM] Samba Shared Repository - branch master updated

2021-03-17 Thread Stefan Metzmacher
The branch, master has been updated
   via  10c198827d9 third_party: Update socket_wrapper to version 1.3.3
  from  8aef8992a81 py.join: remove unused untested get_naming_master

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 10c198827d977e07b411897556578d3aedce2184
Author: Stefan Metzmacher 
Date:   Wed Feb 17 12:57:01 2021 +0100

third_party: Update socket_wrapper to version 1.3.3

This fixes a deadlock abort() when SOCKET_WRAPPER_KEEP_PCAP=1
is used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14640

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Wed Mar 17 23:53:04 UTC 2021 on sn-devel-184

---

Summary of changes:
 buildtools/wafsamba/samba_third_party.py|   2 +-
 third_party/socket_wrapper/socket_wrapper.c | 157 +++-
 third_party/socket_wrapper/socket_wrapper.h |  89 
 third_party/socket_wrapper/wscript  |   3 +-
 4 files changed, 197 insertions(+), 54 deletions(-)
 create mode 100644 third_party/socket_wrapper/socket_wrapper.h


Changeset truncated at 500 lines:

diff --git a/buildtools/wafsamba/samba_third_party.py 
b/buildtools/wafsamba/samba_third_party.py
index d4d8f7a8dd0..1c027cb6870 100644
--- a/buildtools/wafsamba/samba_third_party.py
+++ b/buildtools/wafsamba/samba_third_party.py
@@ -24,7 +24,7 @@ Build.BuildContext.CHECK_CMOCKA = CHECK_CMOCKA
 
 @conf
 def CHECK_SOCKET_WRAPPER(conf):
-return conf.CHECK_BUNDLED_SYSTEM_PKG('socket_wrapper', minversion='1.3.2')
+return conf.CHECK_BUNDLED_SYSTEM_PKG('socket_wrapper', minversion='1.3.3')
 Build.BuildContext.CHECK_SOCKET_WRAPPER = CHECK_SOCKET_WRAPPER
 
 @conf
diff --git a/third_party/socket_wrapper/socket_wrapper.c 
b/third_party/socket_wrapper/socket_wrapper.c
index a950a0a0dbc..44cfad8c6cf 100644
--- a/third_party/socket_wrapper/socket_wrapper.c
+++ b/third_party/socket_wrapper/socket_wrapper.c
@@ -2,8 +2,8 @@
  * BSD 3-Clause License
  *
  * Copyright (c) 2005-2008, Jelmer Vernooij 
- * Copyright (c) 2006-2018, Stefan Metzmacher 
- * Copyright (c) 2013-2018, Andreas Schneider 
+ * Copyright (c) 2006-2021, Stefan Metzmacher 
+ * Copyright (c) 2013-2021, Andreas Schneider 
  * Copyright (c) 2014-2017, Michael Adam 
  * Copyright (c) 2016-2018, Anoop C S 
  * All rights reserved.
@@ -86,6 +86,8 @@
 #endif
 #include 
 
+#include "socket_wrapper.h"
+
 enum swrap_dbglvl_e {
SWRAP_LOG_ERROR = 0,
SWRAP_LOG_WARN,
@@ -370,7 +372,7 @@ static pthread_mutex_t autobind_start_mutex = 
PTHREAD_MUTEX_INITIALIZER;
 /* Mutex to guard the initialization of array of socket_info structures */
 static pthread_mutex_t sockets_mutex = PTHREAD_MUTEX_INITIALIZER;
 
-/* Mutex to guard the socket reset in swrap_close() and swrap_remove_stale() */
+/* Mutex to guard the socket reset in swrap_remove_wrapper() */
 static pthread_mutex_t socket_reset_mutex = PTHREAD_MUTEX_INITIALIZER;
 
 /* Mutex to synchronize access to first free index in socket_info array */
@@ -392,8 +394,6 @@ static pthread_mutex_t mtu_update_mutex = 
PTHREAD_MUTEX_INITIALIZER;
 
 /* Function prototypes */
 
-bool socket_wrapper_enabled(void);
-
 #if ! defined(HAVE_CONSTRUCTOR_ATTRIBUTE) && defined(HAVE_PRAGMA_INIT)
 /* xlC and other oldschool compilers support (only) this */
 #pragma init (swrap_constructor)
@@ -492,6 +492,9 @@ typedef int (*__libc_bind)(int sockfd,
   const struct sockaddr *addr,
   socklen_t addrlen);
 typedef int (*__libc_close)(int fd);
+#ifdef HAVE___CLOSE_NOCANCEL
+typedef int (*__libc___close_nocancel)(int fd);
+#endif
 typedef int (*__libc_connect)(int sockfd,
  const struct sockaddr *addr,
  socklen_t addrlen);
@@ -572,6 +575,9 @@ struct swrap_libc_symbols {
 #endif
SWRAP_SYMBOL_ENTRY(bind);
SWRAP_SYMBOL_ENTRY(close);
+#ifdef HAVE___CLOSE_NOCANCEL
+   SWRAP_SYMBOL_ENTRY(__close_nocancel);
+#endif
SWRAP_SYMBOL_ENTRY(connect);
SWRAP_SYMBOL_ENTRY(dup);
SWRAP_SYMBOL_ENTRY(dup2);
@@ -851,6 +857,15 @@ static int libc_close(int fd)
return swrap.libc.symbols._libc_close.f(fd);
 }
 
+#ifdef HAVE___CLOSE_NOCANCEL
+static int libc___close_nocancel(int fd)
+{
+   swrap_bind_symbol_all();
+
+   return swrap.libc.symbols._libc___close_nocancel.f(fd);
+}
+#endif /* HAVE___CLOSE_NOCANCEL */
+
 static int libc_connect(int sockfd,
const struct sockaddr *addr,
socklen_t addrlen)
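Review bot: libc___close_nocancel() and the two other HAVE___CLOSE_NOCANCEL blocks come without a comment saying why a double-underscore libc entry point has to be intercepted at all. The commit message only mentions a deadlock abort() with SOCKET_WRAPPER_KEEP_PCAP=1; a short comment above the typedef or this wrapper that ties the symbol to that case would help whoever next touches the close path. It is also worth confirming that the wscript change defines HAVE___CLOSE_NOCANCEL, since that part of the diff is cut off here.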
@@ -1199,6 +1214,9 @@ static void __swrap_bind_symbol_all_once(void)
 #endif
swrap_bind_symbol_libsocket(bind);
swrap_bind_symbol_libc(close);
+#ifdef HAVE___CLOS

Re: [RFC PATCH v2 00/13] Add futex2 syscall

2021-03-08 Thread Stefan Metzmacher
Am 08.03.21 um 12:11 schrieb David Laight:
> From: Stefan Metzmacher
>> Sent: 07 March 2021 11:35
>>
>> Hi André,
>>>  ** The wait on multiple problem
>>>
>>>  The use case lies in the Wine implementation of the Windows NT interface
>>>  WaitMultipleObjects. This Windows API function allows a thread to sleep
>>>  waiting on the first of a set of event sources (mutexes, timers, signal,
>>>  console input, etc) to signal.
> 
> They are all events.
> You can only wait on either events or sockets (using select).
> There is a socket api to signal an event when data arrives (etc).
> There is also the insane (these days) restriction of 64 events.

Ok.

>> With that in mind would it be good to have some interaction with epoll (and 
>> similar calls)?
> 
> Or hook something up so that pollwakeup can kick a futex as well
> as waking up poll() and adding an event to epoll().

I guess as FUTEX_FD was already there and was removed we can stop this discussion.

If there will ever be the need for an async call, I guess an io_uring based one would
be the best...

metze



Re: [RFC PATCH v2 00/13] Add futex2 syscall

2021-03-08 Thread Stefan Metzmacher


Am 07.03.21 um 12:56 schrieb Daurnimator:
> On Sun, 7 Mar 2021 at 22:35, Stefan Metzmacher  wrote:
>> Instead of having a blocked futex_waitv() waiting on an fd (maybe a generic 
>> eventfd() or a new futex2fd())
>> would be a better interface?
> 
> Like bring back FUTEX_FD? (which was removed back in 2.6.25)

Ah, ok, yes something like that.

But as that was removed because of races, it might not be a good idea to bring it back.

metze


Re: [RFC PATCH v2 00/13] Add futex2 syscall

2021-03-07 Thread Stefan Metzmacher


Hi André,
>  ** The wait on multiple problem
> 
>  The use case lies in the Wine implementation of the Windows NT interface
>  WaitMultipleObjects. This Windows API function allows a thread to sleep
>  waiting on the first of a set of event sources (mutexes, timers, signal,
>  console input, etc) to signal.  

With that in mind would it be good to have some interaction with epoll (and similar calls)?

Instead of having a blocked futex_waitv(), waiting on an fd (maybe a generic eventfd() or a new futex2fd())
would be a better interface?

Or instead introduce an IORING_OP_FUTEX2_WAITV? Then the futex_waitv logic waits
in an io-wq kernel thread...

I guess the io_uring way would mean we could have that in mind as a future addition, which can be implemented
later...

metze


[SCM] Samba Shared Repository - branch master updated

2021-03-05 Thread Stefan Metzmacher
The branch, master has been updated
   via  654c18a244f g_lock: Fix uninitalized variable reads
   via  84b634c6133 locking: Fix an uninitialized variable read
  from  29992fdbfbb vfs_aixacl2: Fix "mem_ctx" and "ppdesc" 
smb_fget_nt_acl_nfs4 args

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 654c18a244f060d81280493a324b98602a69dbbf
Author: Volker Lendecke 
Date:   Wed Mar 3 19:15:31 2021 +0100

g_lock: Fix uninitalized variable reads

If dbwrap_watched_watch_recv() returns IO_TIMEOUT, "blockerdead" might
be an uninitialized non-false, and further down we'll remove the wrong
exclusive locker.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14636
Signed-off-by: Volker Lendecke 
Reviewed-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Fri Mar  5 11:22:07 UTC 2021 on sn-devel-184

commit 84b634c613352fc1da8e1525d72597c526d534d2
Author: Volker Lendecke 
Date:   Wed Mar 3 19:19:23 2021 +0100

locking: Fix an uninitialized variable read

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14636
Signed-off-by: Volker Lendecke 
Reviewed-by: Stefan Metzmacher 

---

Summary of changes:
 source3/lib/g_lock.c  | 4 ++--
 source3/locking/share_mode_lock.c | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/lib/g_lock.c b/source3/lib/g_lock.c
index c36539393e1..36b527706da 100644
--- a/source3/lib/g_lock.c
+++ b/source3/lib/g_lock.c
@@ -646,8 +646,8 @@ static void g_lock_lock_retry(struct tevent_req *subreq)
struct g_lock_lock_state *state = tevent_req_data(
req, struct g_lock_lock_state);
struct g_lock_lock_fn_state fn_state;
-   struct server_id blocker;
-   bool blockerdead;
+   struct server_id blocker = { .pid = 0 };
+   bool blockerdead = false;
NTSTATUS status;
 
status = dbwrap_watched_watch_recv(subreq, &blockerdead, &blocker);
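Review bot: Initialising blocker and blockerdead gives the error path defined values, but nothing visible in this hunk shows status being checked before blockerdead is acted on. Per the commit message the bad case is an IO_TIMEOUT return followed by removal of the wrong exclusive locker, so the removal step should also be gated on a successful status, or dbwrap_watched_watch_recv() should document that its out parameters are left untouched on failure. Otherwise the fix depends on the defaults staying in sync with that function's behaviour.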
diff --git a/source3/locking/share_mode_lock.c 
b/source3/locking/share_mode_lock.c
index e8bb3e58e1f..d8c5222d70a 100644
--- a/source3/locking/share_mode_lock.c
+++ b/source3/locking/share_mode_lock.c
@@ -2167,7 +2167,7 @@ static bool share_mode_entry_do(
struct locking_tdb_data *ltdb = NULL;
size_t idx;
bool found = false;
-   bool modified;
+   bool modified = false;
struct share_mode_entry e;
uint8_t *e_ptr = NULL;
bool had_share_entries, have_share_entries;


-- 
Samba Shared Repository



Re: [GIT PULL] cifs fixes

2021-02-19 Thread Stefan Metzmacher
Hi Linus,

>> Do you know about the Zen3 status, I was thinking to replace the system
>> by this one with AMD Ryzen 9 5950X:
> 
> I have heard nothing but good things about Zen3 so far (apart from
> apparently people complaining about availability), but it's only been
> out a few months, so obviously coverage is somewhat limited.
> 
> I wish AMD hadn't decimated their Linux team (several years ago), and
> they definitely had some embarrassing issues early on with Zen (apart
> from the Zen 1 stability issues, they've screwed up rdrand at least
> three times, iirc). But I've yet to hear of any Zen 3 issues, and I
> suspect I'll upgrade when Threadripper comes out (I've become quite
> spoiled by the build speeds of my Threadripper 3970X - the only thing
> I miss is the better 'perf' support from Intel PEBS).
> 
> Note that I'm not necessarily the person who would hear about any
> issues first, though, so take the above with a pinch of salt.

Thanks for the hints! While we're waiting for the Ryzen 9 5950X machine
to get ready, I upgraded the Ryzen Threadripper 2950X to a 5.10 kernel
and we haven't had a freeze again yet.

Do you think 5.10 would be good for the Ryzen 9 5950X too?

Thanks!
metze







Re: [GIT PULL] cifs fixes

2021-02-12 Thread Stefan Metzmacher
Hi Linus,

>> The machine is running a 'AMD Ryzen Threadripper 2950X 16-Core Processor'
>> and is freezing without any trace every few days.
> 
> I don't think the first-gen Zen issues ever really got solved. There
> were multiple ones, with random segfaults for the early ones (but
> afaik those were fixed by an RMA process with AMD), but the "it
> randomly locks up" ones never had a satisfactory resolution afaik.
> 
> There were lots of random workarounds, but judging by your email:
> 
>> We played with various boot parameters (currently we're using
>> 'mem_encrypt=off rcu_nocbs=0-31 processor.max_cstate=1 idle=nomwait 
>> nomodeset consoleblank=0',
> 
> I suspect you've seen all the bugzilla threads on this issue (kernel
> bugzilla 196683 is probably the main one, but it was discussed
> elsewhere too).

I just found that one, I'll have a closer look at the details in the next days.

> I assume you've updated to latest BIOS and looked at various BIOS
> power management settings too?

No, but I'll have a look at that.

> Zen 2 seems to have fixed things (knock wood - it's certainly working
> for me), But many people obviously never saw any issues with Zen 1
> either.

Do you know about the Zen3 status, I was thinking to replace the system
by this one with AMD Ryzen 9 5950X:
https://www.hetzner.com/dedicated-rootserver/ax101

Thanks!
metze






Re: [GIT PULL] cifs fixes

2021-02-12 Thread Stefan Metzmacher
Am 12.02.21 um 21:39 schrieb Steve French:
> Metze/Bjorn,
> Linus is right - samba.org is down for me (I also verified with JRA).
> Any ETA on when it gets back up?
> 
> On Fri, Feb 12, 2021 at 2:05 PM Linus Torvalds
>  wrote:
>>
>> On Fri, Feb 12, 2021 at 10:16 AM Steve French  wrote:
>>>
>>>   git://git.samba.org/sfrench/cifs-2.6.git tags/5.11-rc7-smb3
>>
>> It looks like git.samba.org is feeling very sick and is not answering.
>> Not git, not ping (but maybe icmp ping is blocked).
>>
>> Please give it a kick, or provide some other hosting mirror?


It's online again.

The machine is running a 'AMD Ryzen Threadripper 2950X 16-Core Processor'
and is freezing without any trace every few days.

We played with various boot parameters (currently we're using
'mem_encrypt=off rcu_nocbs=0-31 processor.max_cstate=1 idle=nomwait nomodeset consoleblank=0',
with the ubuntu 20.04 5.8 kernel, we also tried 5.4 before), but nothing seems to help.

metze






Conflicting public symbols... (Re: [SCM] Samba Shared Repository - branch master updated)

2021-02-10 Thread Stefan Metzmacher
Hi,

> - Log -
> commit 551532d007970ab11dca71b532754728a6a78496
> Author: xzhao9 
> Date:   Sun Jan 3 13:02:18 2021 -0500
> 
> s3:registry Renaming get_charset() to smbreg_get_charset()
> 
> Rename to smbreg_get_charset() function to avoid naming conflict
> with MariaDB.
> 
> Signed-off-by: xzhao9 
> Reviewed-by: Jeremy Allison 
> Reviewed-by: David Mulder 
> 
> Autobuild-User(master): Jeremy Allison 
> Autobuild-Date(master): Wed Feb 10 21:00:28 UTC 2021 on sn-devel-184

Do we need a bug report to backport this?

There's a similar problem reported here:
https://www.downtowndougbrown.com/2021/01/tracking-down-a-segfault-that-suddenly-started-happening/

Does anyone have time to have a deeper look?

Thanks!
metze





[SCM] Samba Shared Repository - branch master updated

2021-02-10 Thread Stefan Metzmacher
The branch, master has been updated
   via  df75d82c9de classicupgrade: treat old never expires value right
   via  d8fa464a2df s3:pysmbd: fix fd leak in py_smbd_create_file()
   via  ab943babc3e third_party: Update socket_wrapper to version 1.3.2
   via  9178e72dccc selftest/gdb_backtrace: use 'unset LD_PRELOAD'
   via  cc6102915b2 examples/fuse/smb2mount: fix compiler warning on 
ubuntu20.04 with -O3
  from  d0529682605 samba-tool: Add a gpo command for setting VGP OpenSSH 
Group Policy

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit df75d82c9de6977c466ee9f01886cb012a9c5fef
Author: Björn Jacke 
Date:   Fri Feb 5 12:47:01 2021 +0100

classicupgrade: treat old never expires value right

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14624

Signed-off-by: Bjoern Jacke 
Reviewed-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Wed Feb 10 15:06:49 UTC 2021 on sn-devel-184

commit d8fa464a2dfb11df4e1db4ebffe8bd28ff118c75
Author: Stefan Metzmacher 
Date:   Tue Feb 9 13:48:36 2021 +0100

s3:pysmbd: fix fd leak in py_smbd_create_file()

Various 'samba-tool domain backup' commands use this and will
fail if there's over ~1000 files in the sysvol folder.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13898

    Signed-off-by: Stefan Metzmacher 

commit ab943babc3eb454186558f6e863996dfcf7a20ea
Author: Stefan Metzmacher 
Date:   Tue Feb 9 08:56:42 2021 +0100

third_party: Update socket_wrapper to version 1.3.2

This brings support for fd-passing of INET sockets.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11899

    Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

commit 9178e72dccc548f2e2e573f97f78a834f35b142d
Author: Stefan Metzmacher 
Date:   Tue Feb 9 16:22:37 2021 +0100

selftest/gdb_backtrace: use 'unset LD_PRELOAD'

We may have bugs in socket_wrapper and others, we don't want
to inject these bugs into the debugger.
    
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

commit cc6102915b20088cfadb9d63b3c4784d8b3d9717
Author: Stefan Metzmacher 
Date:   Wed Feb 3 17:55:14 2021 +0100

examples/fuse/smb2mount: fix compiler warning on ubuntu20.04 with -O3
    
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

---

Summary of changes:
 buildtools/wafsamba/samba_third_party.py|2 +-
 examples/fuse/smb2mount.c   |2 +-
 python/samba/upgrade.py |2 +-
 selftest/gdb_backtrace  |2 +
 source3/smbd/pysmbd.c   |3 +
 third_party/socket_wrapper/socket_wrapper.c | 1605 ++-
 third_party/socket_wrapper/wscript  |7 +-
 7 files changed, 1356 insertions(+), 267 deletions(-)


Changeset truncated at 500 lines:

diff --git a/buildtools/wafsamba/samba_third_party.py 
b/buildtools/wafsamba/samba_third_party.py
index bc2b21f2a55..d4d8f7a8dd0 100644
--- a/buildtools/wafsamba/samba_third_party.py
+++ b/buildtools/wafsamba/samba_third_party.py
@@ -24,7 +24,7 @@ Build.BuildContext.CHECK_CMOCKA = CHECK_CMOCKA
 
 @conf
 def CHECK_SOCKET_WRAPPER(conf):
-return conf.CHECK_BUNDLED_SYSTEM_PKG('socket_wrapper', minversion='1.2.5')
+return conf.CHECK_BUNDLED_SYSTEM_PKG('socket_wrapper', minversion='1.3.2')
 Build.BuildContext.CHECK_SOCKET_WRAPPER = CHECK_SOCKET_WRAPPER
 
 @conf
diff --git a/examples/fuse/smb2mount.c b/examples/fuse/smb2mount.c
index c64be573462..aefa90c4c78 100644
--- a/examples/fuse/smb2mount.c
+++ b/examples/fuse/smb2mount.c
@@ -115,7 +115,7 @@ int main(int argc, char *argv[])
}
share = strchr_m(server,'\\');
if (!share) {
-   fprintf(stderr, "Invalid argument: %s\n", share);
+   fprintf(stderr, "Invalid argument: %s\n", server);
return -1;
}
 
diff --git a/python/samba/upgrade.py b/python/samba/upgrade.py
index 8511bed2868..dff856a8d7c 100644
--- a/python/samba/upgrade.py
+++ b/python/samba/upgrade.py
@@ -74,7 +74,7 @@ def import_sam_policy(samdb, policy, logger):
 
 if 'maximum password age' in policy:
 max_pw_age_unix = policy['maximum password age']
-if max_pw_age_unix == -1 or max_pw_age_unix == 0:
+if max_pw_age_unix == -1 or max_pw_age_unix == 0 or max_pw_age_unix == 
0x:
 max_pw_age_nt = -0x8000
 else:
 max_pw_age_nt = int(-max_pw_age_unix * (1e7))
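Review bot: The condition now chains three bare sentinel values for "never expires" and the new hex literal has no comment saying which old on-disk representation produces it. A named constant, or a membership test against a small tuple with a comment naming the source of each value, would document the intent and keep the line short enough not to wrap. A test case feeding the old value through import_sam_policy() would stop the sentinel from being dropped again.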
diff --git a/selftest/gdb_backtrace b/selftest/gdb_backtrace
index ef02e784efc..4fe5f57353a 100755
--- a/selftest/gdb_backtrace
+++ b/selftest/gdb_backtrac

[SCM] Samba Shared Repository - branch master updated

2021-01-27 Thread Stefan Metzmacher
The branch, master has been updated
   via  9883ac45939 script/autobuild.py: let cleanup() ignore errors from 
rmdir_force() by default
   via  7a5df2deaaf script/autobuild.py: split out a rmdir_force() helper 
function
   via  86343125a55 selftest: make/use a copy of GNUPGHOME
  from  d06f2c22d72 s4:selftest: use plansmbtorture4testsuite() for 
'rpc.echo'

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 9883ac45939f253a63f3ff312fc3912c5f02cdac
Author: Stefan Metzmacher 
Date:   Fri Nov 20 09:20:14 2020 +

script/autobuild.py: let cleanup() ignore errors from rmdir_force() by 
default

It's not useful to generate a python backtrace from within the cleanup code.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Wed Jan 27 18:17:17 UTC 2021 on sn-devel-184

commit 7a5df2deaaf62a7edd7c64251f75ab15abe94c07
Author: Stefan Metzmacher 
Date:   Fri Nov 20 09:20:14 2020 +

script/autobuild.py: split out a rmdir_force() helper function

That also tries to re-add write permissions before removing.
In future we'll have jobs changing their directory to read-only.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Ralph Boehme 

commit 86343125a55d184c15aa94cd01f4c8893a5a0917
Author: Stefan Metzmacher 
Date:   Sun Nov 22 23:28:31 2020 +0100

selftest: make/use a copy of GNUPGHOME

That makes it possible to run tests from a read only source tree.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Ralph Boehme 

---

Summary of changes:
 script/autobuild.py   | 38 +-
 selftest/selftest.pl  |  5 -
 selftest/target/Samba.pm  | 26 ++
 selftest/target/Samba4.pm |  6 ++
 4 files changed, 65 insertions(+), 10 deletions(-)


Changeset truncated at 500 lines:

diff --git a/script/autobuild.py b/script/autobuild.py
index 444bc156f48..dded5c9dec9 100755
--- a/script/autobuild.py
+++ b/script/autobuild.py
@@ -4,7 +4,7 @@
 # released under GNU GPL v3 or later
 
 from __future__ import print_function
-from subprocess import call, check_call, check_output, Popen, PIPE
+from subprocess import call, check_call, check_output, Popen, PIPE, 
CalledProcessError
 import os
 import tarfile
 import sys
@@ -846,6 +846,17 @@ def run_cmd(cmd, dir=".", show=None, output=False, 
checkfail=True):
 else:
 return call(cmd, shell=True, cwd=dir)
 
+def rmdir_force(dirname, re_raise=True):
+try:
+run_cmd("test -d %s && chmod -R +w %s; rm -rf %s" % (
+dirname, dirname, dirname), output=True, show=True)
+except CalledProcessError as e:
+do_print("Failed: '%s'" % (str(e)))
+run_cmd("tree %s" % dirname, output=True, show=True)
+if re_raise:
+raise
+return False
+return True
 
 class builder(object):
 '''handle build of one directory'''
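Review bot: rmdir_force() interpolates dirname unquoted three times into a string that run_cmd() hands to the shell (the context line above shows call(cmd, shell=True, cwd=dir)), so a path containing whitespace or shell metacharacters is split or interpreted directly in front of "chmod -R +w" and "rm -rf". Quoting with shlex.quote() (pipes.quote() on Python 2), or doing the permission fix and removal with os and shutil instead of a shell string, avoids that. Two smaller points: the run_cmd("tree %s") call inside the except branch can itself raise, for example when tree is not installed, which defeats re_raise=False; and the function has no docstring explaining the True/False return value.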
@@ -868,8 +879,8 @@ class builder(object):
 self.test_source_dir = "%s/%s" % (testbase, self.tag)
 self.cwd = "%s/%s" % (self.test_source_dir, self.dir)
 self.prefix = "%s/%s" % (test_prefix, self.tag)
-run_cmd("rm -rf %s" % self.test_source_dir)
-run_cmd("rm -rf %s" % self.prefix)
+rmdir_force(self.test_source_dir)
+rmdir_force(self.prefix)
 if cp:
 run_cmd("cp -R -a -l %s %s" % (test_master, self.test_source_dir), 
dir=test_master, show=True)
 else:
@@ -879,8 +890,8 @@ class builder(object):
 def start_next(self):
 if self.next == len(self.sequence):
 if not options.nocleanup:
-run_cmd("rm -rf %s" % self.test_source_dir)
-run_cmd("rm -rf %s" % self.prefix)
+rmdir_force(self.test_source_dir)
+rmdir_force(self.prefix)
 do_print('%s: Completed OK' % self.name)
 self.done = True
 return
@@ -1004,7 +1015,7 @@ class buildlist(object):
 'df -m %s' % testbase]:
 try:
 out = run_cmd(cmd, output=True, checkfail=False)
-except subprocess.CalledProcessError as e:
+except CalledProcessError as e:
 out = "" % str(e)
 print('### %s' % cmd, file=f)
 print(out, file=f)
@@ -1034,14 +1045,23 @@ class buildlist(object):
 self.tail_proc = Popen(cmd, close_fds=True)
 
 
-def cleanup():
+def cleanup(do_raise=False):
 if options.nocleanup:
 re

[SCM] Samba Shared Repository - annotated tag talloc-2.3.2 created

2021-01-25 Thread Stefan Metzmacher
The annotated tag, talloc-2.3.2 has been created
at  dda8e729d5b1e7c24e5bc8c7f09130b4ec42d217 (tag)
   tagging  6598e00e129bc8b36d6d38345b67aba48b3eb26d (commit)
  replaces  samba-4.13.0rc1
 tagged by  Stefan Metzmacher
on  Mon Jan 25 09:39:00 2021 +0100

- Log -
talloc: tag release talloc-2.3.2

Alexander Bokovoy (10):
  Fix build after removal of an extra safe_string.h
  smb.conf.5: add clarification how configuration changes reflected by Samba
  DNS Resolver: support both dnspython before and after 2.0.0
  daemons: report status to systemd even when running in foreground
  cli_credentials_parse_string: fix parsing of principals
  cli_credentials: add a helper to parse user or group names
  lookup_name: allow lookup for own realm
  Revert "cli_credentials_parse_string: fix parsing of principals"
  Revert "cli_credentials: add a helper to parse user or group names"
  Revert "lookup_name: allow lookup for own realm"

Amitay Isaacs (10):
  bind9-dlz: Bind 9.13.x switched to using bool as isc_boolean_t instead of 
int.
  provision: BIND 9.13.x is not supported
  bind9-dlz: Add support for BIND 9.14.x
  provision: Add support for BIND 9.14.x
  provision: BIND 9.15.x is not supported
  bind9-dlz: Add support for BIND 9.16.x
  provision: Add support for BIND 9.16.x
  provision: BIND 9.17.x is not supported
  ctdb-common: Avoid aliasing errors during code optimization
  libndr: Avoid assigning duplicate versions to symbols

Andreas Schneider (114):
  docs: Fix documentation for require_membership_of of pam_winbind
  docs: Fix documentation for require_membership_of of pam_winbind.conf
  s3:tests: Add test for 'valid users = DOMAIN\%U'
  s3:smbd: Fix %U substitutions if it contains a domain name
  libcli:smb2: Do not leak ptext on error
  libcli:smb2: Use talloc NULL context if we don't have a stackframe
  param: Add 'server smb encrypt' parameter
  param: Create and use enum_smb_encryption_vals
  s3:smbd: Use 'enum smb_encryption_setting' values
  docs-xml: Add 'client smb encrypt'
  lib:param: Add lpcfg_parse_enum_vals()
  libcli:smb: Add smb_signing_setting_translate()
  libcli:smb: Add smb_encryption_setting_translate()
  s3:lib: Use smb_signing_setting_translate for cmdline parsing
  auth:creds: Remove unused credentials autoproto header
  auth:creds: Add cli_credentials_(get|set)_smb_signing()
  auth:creds: Add python bindings for (get|set)_smb_signing
  auth:creds: Add cli_credentials_(get|set)_smb_ipc_signing()
  auth:creds: Add python bindings for (get|set)_smb_ipc_signing
  auth:creds: Add cli_credentials_(get|set)_smb_encryption()
  auth:creds: Add python bindings for (get|set)_smb_encryption
  auth:creds: Add python bindings for cli_credentials_set_conf()
  auth:creds: Bump library version
  s3:lib: Use cli_credential_(get|set)_smb_signing()
  s3:lib: Set smb encryption also via cli creds API
  python: Remove unused sign argument from smb_connection()
  python: Set smb signing via the creds API
  s3:libsmb: Introduce CLI_FULL_CONNECTION_IPC
  s3:pylibsmb: Add ipc=True support for CLI_FULL_CONNECTION_IPC
  python:tests: Mark libsmb connection as an IPC connection
  python:tests: Set smb ipc signing via the creds API
  s3:libsmb: Use 'enum smb_signing_setting' in cliconnect.c
  s3:client: Turn off smb signing for message op
  s3:libsmb: Remove signing_state from cli_full_connection_creds_send()
  s3:libsmb: Remove signing_state from cli_full_connection_creds()
  python: Add a test for SMB encryption
  s3:net: Use cli_credentials_set_smb_encryption()
  s3:libsmb: Use cli_credentials_set_smb_encryption()
  s3:client: Remove unused smb encryption code
  s3:utils: Remove obsolete force encryption from smbacls
  s3:utils: Remove obsolete force encryption from mdfind
  s3:utils: Remove obsolete force encryption from smbcquotas
  s3:rpcclient: Remove obsolete force encryption from rpcclient
  examples: Remove obsolete force encryption from smb2mount
  s3:libsmb: Make cli_cm_force_encryption_creds() static
  s4:libcli: Return NTSTATUS errors for smb_composite_connect_send()
  s4:libcli: Return if encryptio

[SCM] Samba Shared Repository - branch v4-14-test updated

2021-01-22 Thread Stefan Metzmacher
The branch, v4-14-test has been updated
   via  c74fc2ab69a VERSION: Bump version up to 4.14.0rc2...
  from  60cae14db1b VERSION: Disable GIT_SNAPSHOT for the 4.14.0rc1 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-14-test


- Log -
commit c74fc2ab69a62b11f25b19a3de1462f0f9d97570
Author: Stefan Metzmacher 
Date:   Fri Jan 22 13:31:58 2021 +0100

VERSION: Bump version up to 4.14.0rc2...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Stefan Metzmacher 

Autobuild-User(v4-14-test): Stefan Metzmacher 
Autobuild-Date(v4-14-test): Fri Jan 22 16:23:55 UTC 2021 on sn-devel-184

---

Summary of changes:
 VERSION | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 8be5a378951..04ae4811446 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
 # e.g. SAMBA_VERSION_RC_RELEASE=1  #
 #  ->  "3.0.0rc1"  #
 
-SAMBA_VERSION_RC_RELEASE=1
+SAMBA_VERSION_RC_RELEASE=2
 
 
 # To mark SVN snapshots this should be set to 'yes'#
@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE=1
 # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes   #
 #  ->  "3.0.0-SVN-build-199"   #
 
-SAMBA_VERSION_IS_GIT_SNAPSHOT=no
+SAMBA_VERSION_IS_GIT_SNAPSHOT=yes
 
 
 # This is for specifying a release nickname#
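Review bot: The comment above the changed setting still documents the SVN variable ("e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes" giving "3.0.0-SVN-build-199"), while the line flipped in this hunk is SAMBA_VERSION_IS_GIT_SNAPSHOT. This block is edited on every release candidate, so the comment should name the GIT variable and show a matching example string, so that whoever does the next bump is not misled about which setting controls the snapshot suffix.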


-- 
Samba Shared Repository



[SCM] Samba Shared Repository - branch master updated

2021-01-22 Thread Stefan Metzmacher
The branch, master has been updated
   via  d8339056eef s3:idmap_hash: reliable return ID_TYPE_BOTH
  from  73528f26eea winbind: remove legacy flags fallback

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit d8339056eef2845805f573bd8b0f3323370ecc8f
Author: Stefan Metzmacher 
Date:   Fri Oct 23 12:21:57 2020 +0200

s3:idmap_hash: reliable return ID_TYPE_BOTH

idmap_hash used to bounce back the requested type,
which was ID_TYPE_UID, ID_TYPE_GID or ID_TYPE_NOT_SPECIFIED
before as the winbindd parent always used a lookupsids.
When the lookupsids failed because of an unknown domain,
the idmap child wasn't requested at all and the caller
sees ID_TYPE_NOT_SPECIFIED.

This module should have supported ID_TYPE_BOTH since
samba-4.1.0, similar to idmap_rid and idmap_autorid.

Now that the winbindd parent will pass ID_TYPE_BOTH in order to
indicate that the domain exists, it's better to always return
ID_TYPE_BOTH instead of a random mix of ID_TYPE_UID, ID_TYPE_GID
or ID_TYPE_BOTH. In order to request a type_hint it will return
ID_REQUIRE_TYPE for ID_TYPE_NOT_SPECIFIED, which means that
the parent at least assures that the domain sid exists.
And the caller still gets ID_TYPE_NOT_SPECIFIED if the
domain doesn't exist.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539

Signed-off-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Fri Jan 22 11:32:46 UTC 2021 on sn-devel-184

---

Summary of changes:
 source3/winbindd/idmap_hash/idmap_hash.c | 35 
 1 file changed, 35 insertions(+)


Changeset truncated at 500 lines:

diff --git a/source3/winbindd/idmap_hash/idmap_hash.c 
b/source3/winbindd/idmap_hash/idmap_hash.c
index be0ba45a044..d0bed7631a6 100644
--- a/source3/winbindd/idmap_hash/idmap_hash.c
+++ b/source3/winbindd/idmap_hash/idmap_hash.c
@@ -261,6 +261,25 @@ static NTSTATUS sids_to_unixids(struct idmap_domain *dom,
 
ids[i]->status = ID_UNMAPPED;
 
+   if (ids[i]->xid.type == ID_TYPE_NOT_SPECIFIED) {
+   /*
+* idmap_hash used to bounce back the requested type,
+* which was ID_TYPE_UID, ID_TYPE_GID or
+* ID_TYPE_NOT_SPECIFIED before as the winbindd parent
+* always used a lookupsids.  When the lookupsids
+* failed because of an unknown domain, the idmap child
+* weren't requested at all and the caller sees
+* ID_TYPE_NOT_SPECIFIED.
+*
+* Now that the winbindd parent will pass ID_TYPE_BOTH
+* in order to indicate that the domain exists.
+* We should ask the parent to fallback to lookupsids
+* if the domain is not known yet.
+*/
+   ids[i]->status = ID_REQUIRE_TYPE;
+   continue;
+   }
+
sid_copy(&sid, ids[i]->sid);
sid_split_rid(&sid, &rid);
 
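Review bot: The new ID_TYPE_NOT_SPECIFIED branch sets ID_REQUIRE_TYPE and skips the entry, which only works if the winbindd parent retries with a type hint, yet nothing in this changeset exercises that contract: the diffstat lists idmap_hash.c alone. A selftest that sends ID_TYPE_NOT_SPECIFIED and expects ID_REQUIRE_TYPE would pin the behaviour down. In the comment, "Now that the winbindd parent will pass ID_TYPE_BOTH in order to indicate that the domain exists." is a sentence fragment and should be joined to the sentence that follows it, and "the idmap child weren't requested" should read "wasn't".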
@@ -270,6 +289,22 @@ static NTSTATUS sids_to_unixids(struct idmap_domain *dom,
/* Check that both hashes are non-zero*/
 
if (h_domain && h_rid) {
+   /*
+* idmap_hash used to bounce back the requested type,
+* which was ID_TYPE_UID, ID_TYPE_GID or
+* ID_TYPE_NOT_SPECIFIED before as the winbindd parent
+* always used a lookupsids.
+*
+* This module should have supported ID_TYPE_BOTH since
+* samba-4.1.0, similar to idmap_rid and idmap_autorid.
+*
+* Now that the winbindd parent will pass ID_TYPE_BOTH
+* in order to indicate that the domain exists, it's
+* better to always return ID_TYPE_BOTH instead of a
+* random mix of ID_TYPE_UID, ID_TYPE_GID or
+* ID_TYPE_BOTH.
+*/
+   ids[i]->xid.type = ID_TYPE_BOTH;
ids[i]->xid.id = combine_hashes(h_domain, h_rid);
ids[i]->status = ID_MAPPED;
}
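Review bot: The assignment of ID_TYPE_BOTH inside "if (h_domain && h_rid)" is unconditional, so a caller that explicitly asked for ID_TYPE_UID or ID_TYPE_GID now gets a different type back than it requested. The commit message says this is intended, but the change touches only idmap_hash.c, so the module documentation should also state that idmap_hash always returns ID_TYPE_BOTH for mapped entries. The comment block repeats the first paragraph of the comment added in the previous hunk almost word for word; the history belongs in the commit message, and a two-line comment giving the reason for forcing ID_TYPE_BOTH would be easier to keep accurate.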


-- 
Samba Shared Repository



[SCM] Samba Shared Repository - branch master updated

2021-01-14 Thread Stefan Metzmacher
The branch, master has been updated
   via  da052dde8a9 s3:smbd: simplify the error handling in 
create_file_unixpath()
   via  9c277b27dec s3:smbd: allow close_file() with a non-fsa fsp for 
{SHUTDOWN,ERROR}_CLOSE
   via  20187c6f54c s3:smbd: make sure a SHUTDOWN_CLOSE applies to a stream 
fsp before its base fsp
   via  930b6bb3b87 s3:smbd: make use of fsp_set_base_fsp() when changing 
fsp->base_fsp
   via  928382f2700 s3:smbd: add fsp_set_base_fsp() helper
   via  42c60703f2e s3:smbd: remove duplicate assignment of base_fsp in 
create_file_unixpath()
   via  87b4a8f35a8 s3:smbd: fix the error cleanup in create_file_unixpath()
   via  22bebaf8589 s3:smbd: split out create_internal_fsp() from 
create_internal_dirfsp()
   via  7dc9a84bb5c s3:smbd: make fsp_free() static, it should only ever be 
called by file_free()
   via  81b6931be0c s3:smbd: let vfs_default_durable_reconnect() use 
file_free()
   via  bcac1dab694 s3:smbd: close pathref fsp in call_trans2findfirst()
   via  eae7ce8a2e0 s3:smbd: turn assignment into assert check in 
call_trans2findfirst()
   via  e1a10b58171 s3:smbd: let call_trans2findfirst() use file_free() 
instead of fsp_free()
   via  9b1dc2a4ca6 s3:smbd: make sure openat_pathref_fsp() calls 
fd_close(fsp->base_fsp);
   via  8d79764ad3e s3:smbd: introduce a reopen_from_fsp() helper function
   via  38ae1599a0c s3:smbd: don't pass an unused smb_fname to 
reopen_from_procfd()
   via  d6949f0f93f s3:smbd: let open_directory() also use fd_open_atomic() 
as reopen_from_procfd() fallback
   via  30134630988 s3:smbd: let open_pathref_base_fsp() make use of 
smb_fname_fsp_unlink()
   via  c2e7256b1e0 s3:smbd: let openat_pathref_fsp() make use of 
fsp_attach_smb_fname()
   via  cff29e58ffa s3:smbd: let openat_pathref_fsp() allocate 
fsp->fsp_name directly on fsp
   via  347edf7ee00 s3:smbd: split out a fsp_attach_smb_fname() helper 
function
   via  1ab038b77a8 s3:smbd: let fsp_set_smb_fname() always link fsp to 
fsp->fsp_name->fsp
   via  932c27e290e s3:smbd: let fsp_smb_fname_link() set both sides of the 
link
   via  3fdfb79a12b s3:smbd: rearrange move_smb_fname_fsp_link a bit
  from  4e624478dcd s4 auth ntlm: Fix integer overflow in 
authsam_password_check_and_record

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit da052dde8a9801063e74d036d15f516d079d3720
Author: Stefan Metzmacher 
Date:   Mon Dec 21 16:49:03 2020 +0100

s3:smbd: simplify the error handling in create_file_unixpath()

We can just call close_file(req, fsp, ERROR_CLOSE), as it handles
non-fsa fsp's and base_fsp's just fine.
    
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 
    
Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Thu Jan 14 12:40:56 UTC 2021 on sn-devel-184

commit 9c277b27dec568677c0b407497da6eb95ae7cb8d
Author: Stefan Metzmacher 
Date:   Wed Dec 23 12:10:37 2020 +0100

s3:smbd: allow close_file() with a non-fsa fsp for {SHUTDOWN,ERROR}_CLOSE

Such an fsp was typically created via create_internal_fsp() and
opened via fd_openat() without going through SMB_VFS_CREATE_FILE(),
so they should be closed via fd_close().
    
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 

commit 20187c6f54c85131bcdc7979a649d1a575d3a8e0
Author: Stefan Metzmacher 
Date:   Wed Dec 23 11:50:34 2020 +0100

s3:smbd: make sure a SHUTDOWN_CLOSE applies to a stream fsp before its base 
fsp

Before we had open_pathref_fsp() we had the stream fsp before the base
fsp in the linked list we traverse for SHUTDOWN_CLOSE.

Now the order has changed. I could have used some DLIST_PROMOTE()
hacks, but that's still fragile.

Now we reference both fsp's via ->base_fsp and ->stream_fsp.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 

commit 930b6bb3b87f600757266b34a9bb1ca3764177fd
Author: Stefan Metzmacher 
Date:   Mon Dec 21 16:35:11 2020 +0100

s3:smbd: make use of fsp_set_base_fsp() when changing fsp->base_fsp

This allows us to add some more logic for bi-directional linking between
base and stream fsp in the next commits.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 

commit 928382f27000ce93aa29080f06cb7445b0b8c281
Author: Stefan Metzmacher 
Date:   Mon Dec 21 15:44:22 2020 +0100

s3:smbd: add fsp_set_base_fsp() helper

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 

commit 42c60703f2e7417168774f7b5a0ff25299e3b6a2
Author: Stefan Metzmacher 
Date:   Mon Jan 4 16:33:09 2021 +0100

s3:smbd: remove duplica

[SCM] Samba Shared Repository - branch master updated

2021-01-01 Thread Stefan Metzmacher
The branch, master has been updated
   via  54963d246ea Happy New Year 2021!
  from  542ae1055cd vfs_gpfs:Logging filename for smbd_gpfs_set_times_path()

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 54963d246ead84e2c845ee47d2ede5cf15920a8e
Author: Stefan Metzmacher 
Date:   Fri Jan 1 10:44:37 2021 +

Happy New Year 2021!

Signed-off-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Fri Jan  1 11:56:23 UTC 2021 on sn-devel-184

---

Summary of changes:
 source3/include/smb.h  | 2 +-
 source4/samba/server.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/include/smb.h b/source3/include/smb.h
index ec4b9cf5f4b..8638c80bf95 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -30,7 +30,7 @@
 #include "libds/common/roles.h"
 
 /* logged when starting the various Samba daemons */
-#define COPYRIGHT_STARTUP_MESSAGE  "Copyright Andrew Tridgell and the 
Samba Team 1992-2020"
+#define COPYRIGHT_STARTUP_MESSAGE  "Copyright Andrew Tridgell and the 
Samba Team 1992-2021"
 
 #define SAFETY_MARGIN 1024
 #define LARGE_WRITEX_HDR_SIZE 65
diff --git a/source4/samba/server.c b/source4/samba/server.c
index 6e07f048c0f..6cf4e4fb77e 100644
--- a/source4/samba/server.c
+++ b/source4/samba/server.c
@@ -645,7 +645,7 @@ static int binary_smbd_main(const char *binary_name,
binary_name,
SAMBA_VERSION_STRING));
DEBUGADD(0,("Copyright Andrew Tridgell and the Samba Team"
-   " 1992-2020\n"));
+   " 1992-2021\n"));
 
if (sizeof(uint16_t) < 2 ||
sizeof(uint32_t) < 4 ||
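Review bot: The year range is now maintained in two places, COPYRIGHT_STARTUP_MESSAGE in source3/include/smb.h and the string literal " 1992-2021\n" passed to DEBUGADD in binary_smbd_main() here. Both have to be bumped in lockstep every January; one shared definition used by both startup messages would remove the chance of the two drifting apart.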


-- 
Samba Shared Repository



[SCM] Samba Shared Repository - branch master updated

2020-12-17 Thread Stefan Metzmacher
The branch, master has been updated
   via  6c95e467817 smbd/notify: add option "honor change notify privilege"
   via  bcfce0ecd31 selftest: add tests for smb notify, using the a special 
share
   via  3e9f0e97255 selftest: add option to pass args to tests to 
planpythontestsuite()
   via  0133c17c099 python/tests: add tests for smb notify and the 
dependency to the TRAVERSE privilege
   via  f4e578aa24b python/ntacls.py: add SMBHelper.set_acl() helper 
function
   via  b082cf321e4 python/ntacls.py: let SMBHelper.get_acl() use the 
default values of self.smb_conn.get_acl()
   via  18dd953d83a libsmb_samba_internal: calculate the access_mask for 
{g,s}et_acl() based on the secinfo flags
   via  0ccdce67d3a libsmb_samba_internal: don't send 
SECINFO_[UN]PROTECTED_{S,D}ACL by default
   via  752a8f870de s3:pylibsmb: remove unused SECINFO_DEFAULT_FLAGS
   via  3ffb817506c s3:pylibsmb: add notify() support
   via  fde65c2f293 s3:pylibsmb: add echo() support
   via  084c22403f0 s3:pylibsmb: PyErr_NTSTATUS_IS_ERR_RAISE => 
PyErr_NTSTATUS_NOT_OK_RAISE
   via  560e4b1b32f libcli/smb: add smbXcli_conn_send_queue()
   via  76121ae7cf4 s3:libsmb: set correct min and max smb protocol when 
smb2 is enforced on connect
   via  f40da74e145 s3:libsmb: set min smb protocol when enforcing smb1 on 
connect
   via  98119189cfe blackbox/test_samba-tool_ntacl.sh: script requires two 
arguments
   via  577d4f1a60c docs:smbdotconf: fix a typo in 
oldpasswordallowedperiod.xml
  from  8004cf7a4af pep8 tidy up config

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 6c95e467817b246a0eab626cac10b6120f6c88f8
Author: Björn Baumbach 
Date:   Tue Nov 6 15:21:37 2018 +0100

smbd/notify: add option "honor change notify privilege"

This option can be used to make use of the change notify privilege.
By default notify results are not checked against the file system
permissions.

If "honor change notify privilege" is enabled, a user will only
receive notify results, if he has change notify privilege or sufficient
file system permissions. If a user has the change notify privilege, he
will receive all requested notify results, even if the user does not
have the permissions on the file system.

Pair-Programmed-With: Stefan Metzmacher 

Signed-off-by: Björn Baumbach 
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 
    
Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Thu Dec 17 15:01:53 UTC 2020 on sn-devel-184

commit bcfce0ecd3153d158f712ff548a1ccd005031bc8
Author: Björn Baumbach 
Date:   Mon Jul 20 16:49:39 2020 +0200

selftest: add tests for smb notify, using the a special share

That share will get the "honor change notify privilege = yes" option
once it's implemented. For now it's marked as knownfail.

Pair-Programmed-With: Stefan Metzmacher 
    
Signed-off-by: Björn Baumbach 
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 

commit 3e9f0e97255de1b4235c4dca6912635386328746
Author: Björn Baumbach 
Date:   Fri Jul 24 12:18:11 2020 +0200

selftest: add option to pass args to tests to planpythontestsuite()

The logic is basically a copy from planoldpythontestsuite().

Pair-Programmed-With: Stefan Metzmacher 
    
Signed-off-by: Björn Baumbach 
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 

commit 0133c17c099f6a482e2941a2254c983ec0188592
Author: Björn Baumbach 
Date:   Mon Jul 20 16:49:39 2020 +0200

python/tests: add tests for smb notify and the dependency to the TRAVERSE 
privilege

The easiest way to run this against Windows was to use a domain
controller and configure an enforced group policy and grant the
"Bypass Traverse Checking" only to the "BUILTIN\Administrators" group.
(Note that "LOCAL SERVICE" and "NETWORK SERVICE" are always added in
the local security policy.)

The test runs like this:

  SMB_CONF_PATH=/dev/null \
  SERVER=172.31.9.188 \
  TARGET_HOSTNAME=w2012r2-188.w2012r2-l6.base \
  USERNAME=administrator \
  PASSWORD=A1b2C3d4 \
  NOTIFY_SHARE=torture \
  USERNAME_UNPRIV=ldaptestuser \
  PASSWORD_UNPRIV=a1B2c3D4 \
  python/samba/tests/smb-notify.py -v -f SMBNotifyTests

Pair-Programmed-With: Stefan Metzmacher 

Signed-off-by: Björn Baumbach 
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 

commit f4e578aa24bc020d87716915ea5037d7677b75e9
Author: Björn Baumbach 
Date:   Tue Jul 21 12:34:19 2020 +0200

python/ntacls.py: add SMBHelper.set_acl() helper function

Pair-Programmed-With: Stefan Metzmacher 

Signed-off-

[SCM] Samba Shared Repository - branch master updated

2020-12-05 Thread Stefan Metzmacher
The branch, master has been updated
   via  ed21259358e WHATSNEW.txt: fix version to 4.14
  from  bbd94522b1e smbd: Remove "have_share_modes" from "struct 
share_mode_data"

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit ed21259358e43594b655debb30dfc0e70aa9ed40
Author: Stefan Metzmacher 
Date:   Sat Dec 5 22:19:07 2020 +0100

WHATSNEW.txt: fix version to 4.14

Signed-off-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Sat Dec  5 22:35:04 UTC 2020 on sn-devel-184

---

Summary of changes:
 WHATSNEW.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 7651b0af564..9cfd2840b17 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -6,7 +6,7 @@ intended for production environments and is designed for testing
 purposes only.  Please report any defects via the Samba bug reporting
 system at https://bugzilla.samba.org/.
 
-Samba 4.13 will be the next version of the Samba suite.
+Samba 4.14 will be the next version of the Samba suite.
 
 
 UPGRADING


-- 
Samba Shared Repository



Re: [RFC 0/1] whitelisting UDP GSO and GRO cmsgs

2020-11-30 Thread Stefan Metzmacher
Hi Soheil,

> Thank you for CCing us.
> 
> The reason for PROTO_CMSG_DATA_ONLY is explained in the paragraph
> above in the commit message.  PROTO_CMSG_DATA_ONLY is basically to
> allow-list a protocol that is guaranteed not to have the privilege
> escalation in https://crbug.com/project-zero/1975.  TCP doesn't have
> that issue, and I believe UDP doesn't have that issue either (but
> please audit and confirm that with +Jann Horn).
> 
> If you couldn't find any non-data CMSGs for UDP, you should just add
> PROTO_CMSG_DATA_ONLY to inet dgram sockets instead of introducing
> __sys_whitelisted_cmsghdrs as Stefan mentioned.

Was there a specific reason why you only added the PROTO_CMSG_DATA_ONLY check
in __sys_recvmsg_sock(), but not in __sys_sendmsg_sock()?

metze







Re: [RFC 0/1] whitelisting UDP GSO and GRO cmsgs

2020-11-30 Thread Stefan Metzmacher
On 28.11.20 at 20:03, Victor Stewart wrote:
> On Thu, Nov 26, 2020 at 7:36 AM Stefan Metzmacher  wrote:
>>
>> On 23.11.20 at 17:29, Victor Stewart wrote:
>>> On Mon, Nov 23, 2020 at 4:13 PM Stefan Metzmacher  wrote:
>>>>
>>>> Hi Victor,
>>>>
>>>> wouldn't it be enough to port the PROTO_CMSG_DATA_ONLY check to the 
>>>> sendmsg path?
>>>>
>>>> UDP sockets should have PROTO_CMSG_DATA_ONLY set.
>>>>
>>>> I guess that would fix your current problem.
>>>
>>> that would definitely solve the problem and is the easiest solution.
>>>
>>> but PROTO_CMSG_DATA_ONLY is only set on inet_stream_ops and
>>> inet6_stream_ops but dgram?
>>
>> I guess PROTO_CMSG_DATA_ONLY should be added also for dgram sockets.
>>
>> Did you intend to remove the cc for the mailing list?
>>
>> I think in addition to the io-uring list, cc'ing netdev@vger.kernel.org
>> would also be good.
> 
> whoops forgot to reply all.
> 
> before I CC netdev, what does PROTO_CMSG_DATA_ONLY actually mean?

I don't really know, but I guess it means that any supported CMSG type
on that socket won't do any magic depending on the process state, like
fd passing with SOL_SOCKET/SCM_RIGHTS or SCM_CREDENTIALS. The CMSG buffer
would just be a plain byte array, which may only reference state attached
to the specific socket or packet.

I'd guess that the author and/or reviewers can clarify that, let's see what
they'll answer.

> I didn't find a clear explanation anywhere by searching the kernel, only
> that it was defined as 1 and flagged on inet_stream_ops and
> inet6_stream_ops.
> 
> there must be a reason it was not initially included for dgrams?

I can't think of any difference. I guess the author just tried to add
support for the specific use case that didn't work (MSG_ZEROCOPY in this
case, most likely only tested with a TCP workload):

commit 583bbf0624dfd8fc45f1049be1d4980be59451ff
Author: Luke Hsiao 
Date:   Fri Aug 21 21:41:04 2020 -0700

io_uring: allow tcp ancillary data for __sys_recvmsg_sock()

For TCP tx zero-copy, the kernel notifies the process of completions by
queuing completion notifications on the socket error queue. This patch
allows reading these notifications via recvmsg to support TCP tx
zero-copy.

Ancillary data was originally disallowed due to privilege escalation
via io_uring's offloading of sendmsg() onto a kernel thread with kernel
credentials (https://crbug.com/project-zero/1975). So, we must ensure
that the socket type is one where the ancillary data types that are
delivered on recvmsg are plain data (no file descriptors or values that
are translated based on the identity of the calling process).

This was tested by using io_uring to call recvmsg on the MSG_ERRQUEUE
with tx zero-copy enabled. Before this patch, we received -EINVALID from
this specific code path. After this patch, we could read tcp tx
zero-copy completion notifications from the MSG_ERRQUEUE.

Signed-off-by: Soheil Hassas Yeganeh 
Signed-off-by: Arjun Roy 
Acked-by: Eric Dumazet 
Reviewed-by: Jann Horn 
Reviewed-by: Jens Axboe 
Signed-off-by: Luke Hsiao 
Signed-off-by: David S. Miller 

> but yes if there's nothing standing in the way of adding it for
> dgrams, and it covers UDP_SEGMENT and UDP_GRO then that's of course
> the least friction solution here.

Yes, it would avoid whitelisting new specific usecases.

metze
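
The distinction drawn in this message, between ancillary data that is a plain byte array and ancillary data whose meaning depends on the calling process (SCM_RIGHTS, SCM_CREDENTIALS), as an added userspace illustration that is not code from the thread or from the kernel. The names classify_cmsg(), control_is_data_only() and the sample buffers are hypothetical, and treating UDP_SEGMENT and UDP_GRO as plain data is the assumption the thread asks to have audited, not an established fact.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/udp.h>

/* Fallbacks with the Linux values, for libc headers that do not export them. */
#ifndef SOL_UDP
#define SOL_UDP 17
#endif
#ifndef UDP_SEGMENT
#define UDP_SEGMENT 103
#endif
#ifndef UDP_GRO
#define UDP_GRO 104
#endif
#ifndef SCM_CREDENTIALS
#define SCM_CREDENTIALS 0x02
#endif

enum cmsg_class {
    CLASS_PLAIN_DATA,    /* bytes that only describe the socket or packet */
    CLASS_PROCESS_STATE, /* meaning depends on the calling process */
    CLASS_UNKNOWN        /* not reviewed, so not allowed */
};

/* Hypothetical table: the UDP entries are the assumption under discussion. */
static enum cmsg_class classify_cmsg(int level, int type)
{
    if (level == SOL_SOCKET &&
        (type == SCM_RIGHTS || type == SCM_CREDENTIALS))
        return CLASS_PROCESS_STATE;
    if (level == SOL_UDP && (type == UDP_SEGMENT || type == UDP_GRO))
        return CLASS_PLAIN_DATA;
    return CLASS_UNKNOWN;
}

/* Walk a control buffer; return 1 only if every header is plain data. */
static int control_is_data_only(struct msghdr *msg)
{
    struct cmsghdr *c;

    for (c = CMSG_FIRSTHDR(msg); c != NULL; c = CMSG_NXTHDR(msg, c)) {
        if (c->cmsg_len < CMSG_LEN(0))
            return 0; /* malformed header */
        if (classify_cmsg(c->cmsg_level, c->cmsg_type) != CLASS_PLAIN_DATA)
            return 0; /* default deny: process state or unreviewed type */
    }
    return 1;
}

/* Append one header plus payload; the buffer must be zeroed beforehand. */
static struct cmsghdr *put_cmsg(struct msghdr *msg, struct cmsghdr *prev,
                                int level, int type,
                                const void *data, size_t len)
{
    struct cmsghdr *c = prev ? CMSG_NXTHDR(msg, prev) : CMSG_FIRSTHDR(msg);

    if (c == NULL)
        return NULL;
    c->cmsg_level = level;
    c->cmsg_type = type;
    c->cmsg_len = CMSG_LEN(len);
    memcpy(CMSG_DATA(c), data, len);
    return c;
}

/* Constructed sample: the single cmsg a UDP GSO sender would attach. */
static int sample_gso_only(void)
{
    union { char buf[CMSG_SPACE(sizeof(uint16_t))]; struct cmsghdr a; } u;
    struct msghdr msg;
    uint16_t gso_size = 1200;

    memset(&u, 0, sizeof(u));
    memset(&msg, 0, sizeof(msg));
    msg.msg_control = u.buf;
    msg.msg_controllen = sizeof(u.buf);
    put_cmsg(&msg, NULL, SOL_UDP, UDP_SEGMENT, &gso_size, sizeof(gso_size));
    return control_is_data_only(&msg);
}

/* Constructed sample: the same buffer with an SCM_RIGHTS header added. */
static int sample_gso_plus_rights(void)
{
    union {
        char buf[CMSG_SPACE(sizeof(uint16_t)) + CMSG_SPACE(sizeof(int))];
        struct cmsghdr a;
    } u;
    struct msghdr msg;
    struct cmsghdr *c;
    uint16_t gso_size = 1200;
    int fd_number = 0; /* only written into the buffer, never sent */

    memset(&u, 0, sizeof(u));
    memset(&msg, 0, sizeof(msg));
    msg.msg_control = u.buf;
    msg.msg_controllen = sizeof(u.buf);
    c = put_cmsg(&msg, NULL, SOL_UDP, UDP_SEGMENT, &gso_size, sizeof(gso_size));
    put_cmsg(&msg, c, SOL_SOCKET, SCM_RIGHTS, &fd_number, sizeof(fd_number));
    return control_is_data_only(&msg);
}

int main(void)
{
    printf("UDP_SEGMENT only:         data only = %d\n", sample_gso_only());
    printf("UDP_SEGMENT + SCM_RIGHTS: data only = %d\n", sample_gso_plus_rights());
    return 0;
}
```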






[SCM] Samba Shared Repository - branch master updated

2020-11-26 Thread Stefan Metzmacher
The branch, master has been updated
   via  53274d11488 samba_upgradedns: Do not print confusing logs about 
missing .zone files
   via  a31891c7424 Test password removal via python proctitle
   via  9ec698954d5 Remove password from samba-tool proctitle
   via  d49e96bc45e Do not create an empty DB when accessing a sam.ldb
   via  f226bea5de8 torture: Do not call destroy_dlz() on uninitialised 
memory
   via  6718b5e6d05 waf: upgrade to 2.0.21
   via  5ef3b6deba4 s3:lib: Check return code of set_blocking()
   via  c79b3e2e8a7 s3:smbd: Check return code of set_blocking()
   via  8d5d968ddef libcli:smb: Check return code of set_blocking
   via  7fa75b69933 s3:winbind: Check return code of set_blocking()
   via  17a72ab531e s3:smbd: Fix a possible null pointer deref in oplock 
code
   via  15609cb9198 samba-tool domain backup: Confirm the sidForRestore we 
will put into the backup is free
  from  53c39a26197 s3: smbd: Fix misleading comment I added for commit 
382a5c4e7ec08ec9291453ffad9541ab36aca274

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 53274d114884d85959f268ca89b561ef0c102bf7
Author: Andrew Bartlett 
Date:   Tue Nov 24 10:15:43 2020 +1300

samba_upgradedns: Do not print confusing logs about missing .zone files

samba_upgradedns prints confusing logs about upgrading zone files
and automatically creating DNS zones when the zone already exists.

We need to move the logging to later when we know what we are
using the parsed information for.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14580

Reviewed-by: Douglas Bagnall 
Signed-off-by: Andrew Bartlett 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Thu Nov 26 08:16:04 UTC 2020 on sn-devel-184

commit a31891c7424f22a970c91611e7beb1fa6ee75c49
Author: David Mulder 
Date:   Fri Nov 8 20:06:53 2019 +

Test password removal via python proctitle

Signed-off-by: David Mulder 
Reviewed-by: Andrew Bartlett 

commit 9ec698954d54ddf5ea38439ab335b14181bed34a
Author: Heiko Baumann 
Date:   Tue Sep 3 14:30:18 2019 +0200

Remove password from samba-tool proctitle

This fix makes sure the password is removed from the proctitle
of samba-tool so it cannot be exposed by e.g. ps(1).
- Moved code to python/samba/getopt.py as suggested by David Mulder
- Except ModuleNotFoundError when trying to load setproctitle module
- Improved code to keep option separator (space or equal sign) while
  removing password from proctitle.

Signed-off-by: Heiko Baumann 
Reviewed-by: Andrew Bartlett 
Reviewed-by: David Mulder 

commit d49e96bc45ea5e2d3364242dad36fe9094b7cc42
Author: Andrew Bartlett 
Date:   Mon Nov 23 19:35:37 2020 +1300

Do not create an empty DB when accessing a sam.ldb

Samba already does this for samba-tool and doing this should make
our errors more sensible, particularly in BIND9 if not provisioned
with the correct --dns-backend=DLZ_BIND9

The old error was like:

 named[62954]: samba_dlz: Unable to get basedn for
 /var/lib/samba/private/dns/sam.ldb
  - NULL Base DN invalid for a base search.

The new error will be like (in this case from the torture test):
 Failed to connect to Failed to connect to
 ldb:///home/abartlet/samba/st/chgdcpass/bind-dns/dns/sam.ldb:
 Unable to open tdb 
'/home/abartlet/samba/st/chgdcpass/bind-dns/dns/sam.ldb':
 No such file or directory: Operations error

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14579

Reviewed-by: Andreas Schneider 
Signed-off-by: Andrew Bartlett 

commit f226bea5de892e3dbda3c0737edf054399ec0104
Author: Andrew Bartlett 
Date:   Mon Nov 23 20:27:51 2020 +1300

torture: Do not call destroy_dlz() on uninitialised memory

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14579

Reviewed-by: Andreas Schneider 
Signed-off-by: Andrew Bartlett 

commit 6718b5e6d059e5668fc538be802ebd9fbe5ce9af
Author: Stefan Metzmacher 
Date:   Wed Nov 25 16:29:06 2020 +0100

waf: upgrade to 2.0.21

This commit message was wrong:

commit 5fc3a71d0f54b176d3cb2e399718d0468507e797
Author: David Mulder 
Date:   Mon Aug 24 13:12:46 2020 -0600

waf: upgrade to 2.0.20

This contains an important change:
"Fix gccdeps.scan() returning nodes that no longer exist on disk."
https://gitlab.com/ita1024/waf/-/merge_requests/2293

Signed-off-by: David Mulder 
Reviewed-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 

The fix was in waf master, but not included in 2.0.20,
but it's now included in 2.0.21.

Signed-off-by: Stefan Metzmacher 
Reviewed-by:

cli_credentials_parse_name... (Re: [SCM] Samba Shared Repository - branch master updated)

2020-11-04 Thread Stefan Metzmacher
On 04.11.20 at 17:24, Alexander Bokovoy wrote:
> The branch, master has been updated
>via  f9016912098 lookup_name: allow lookup for own realm
>via  00f4262ed0b cli_credentials: add a helper to parse user or group 
> names
>via  eb0474d27ba cli_credentials_parse_string: fix parsing of 
> principals
>   from  a1b021200e3 selftest: add test for new "samba-tool user unlock" 
> command
> 
> https://git.samba.org/?p=samba.git;a=shortlog;h=master
> 
> 
> - Log -
> commit f901691209867b32c2d7c5c9274eee196f541654
> Author: Alexander Bokovoy 
> Date:   Wed Nov 4 14:21:33 2020 +0200
> 
> lookup_name: allow lookup for own realm
> 
> When using a security tab in Windows Explorer, a lookup over a trusted
> forest might come as realm\name instead of NetBIOS domain name:
> 
> 
> [2020/01/13 11:12:39.859134,  1, pid=33253, effective(1732401004, 
> 1732401004), real(1732401004, 0), class=rpc_parse] 
> ../../librpc/ndr/ndr.c:471(ndr_print_function_debug)
>lsa_LookupNames3: struct lsa_LookupNames3
>   in: struct lsa_LookupNames3
>   handle   : *
>   handle: struct policy_handle
>   handle_type  : 0x (0)
>   uuid : 
> 000e---1c5e-a750e581
>   num_names: 0x0001 (1)
>   names: ARRAY(1)
>   names: struct lsa_String
>   length   : 0x001e (30)
>   size : 0x0020 (32)
>   string   : *
>   string   : 'ipa.test\admins'
>   sids : *
>   sids: struct lsa_TransSidArray3
>   count: 0x (0)
>   sids : NULL
>   level: 
> LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 (6)
>   count: *
>   count: 0x (0)
>   lookup_options   : 
> LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES (0)
>   client_revision  : LSA_CLIENT_REVISION_2 (2)
>
> ...
>
> diff --git a/auth/credentials/tests/test_creds.c 
> b/auth/credentials/tests/test_creds.c
> index d2d3d30d73d..38550d6ecf9 100644
> --- a/auth/credentials/tests/test_creds.c
> +++ b/auth/credentials/tests/test_creds.c
> @@ -187,7 +187,7 @@ static void torture_creds_parse_string(void **state)
>   assert_string_equal(creds->domain, "");
>   assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
>  
> - assert_string_equal(creds->username, "wurst@brot.realm");
> + assert_string_equal(creds->username, "wurst");
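
Review bot: With the changed assertion the test expects domain "" together with username "wurst", so the "@brot.realm" part of the previous expected value is no longer checked anywhere in the visible lines. If the parser is meant to move that suffix into another credentials field, assert that field right next to this line so the test shows where it ends up; as written, the test would also pass if the suffix were simply dropped.
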

I'm sorry but this is wrong!
I'm wondering why this wasn't covered by any high level test.

This needs to result in domain="" and username="wurst@brot.realm"
and that's exactly what we need to use for NTLMSSP.
Also note that "brot.realm" may not be a realm and "wurst" may not
be a sAMAccountName. A userPrincipalName can be 
anything@anydomain-of-msDS-SPNSuffixes.

I fear we need to revert these changes.
From the merge request 
(https://gitlab.com/samba-team/samba/-/merge_requests/1658)
I didn't really look at the whole patchset (with behavior change)
I only focused on CRED_NO_PASSWORD.

I think we need the logic we have in wb_irpc_lsa_LookupNames4_call() and/or 
parse_domain_user() here.

metze





[SCM] Samba Shared Repository - branch master updated

2020-10-21 Thread Stefan Metzmacher
The branch, master has been updated
   via  7223f6453b1 s4:dsdb:acl_read: Implement "List Object" mode feature
   via  ffc0bdc6d49 s4:dsdb:util: add dsdb_do_list_object() helper
   via  e1529bedb2b s4:dsdb:acl_read: defer LDB_ERR_NO_SUCH_OBJECT
   via  faff8e6c897 s4:dsdb:acl_read: make use of 
aclread_check_object_visible() for the search base
   via  c4a3028de72 s4:dsdb:acl_read: fully set up 'struct aclread_context' 
before the search base acl check
   via  d2dd7c2a5c1 s4:dsdb:acl_read: introduce 
aclread_check_object_visible() helper
   via  06d13440673 s4:dsdb:tests: add AclVisibiltyTests
   via  80347deb544 python/tests: add DynamicTestCase 
setUpDynamicTestCases() infrastructure
  from  6aa396b0cd1 ctdb-common: Avoid aliasing errors during code 
optimization

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 7223f6453b1b38c933c9480c637ffd06d9f39b97
Author: Stefan Metzmacher 
Date:   Tue Oct 13 12:43:39 2020 +0200

s4:dsdb:acl_read: Implement "List Object" mode feature

See [MS-ADTS] 5.1.3.3.6 Checking Object Visibility

I tried to avoid any possible overhead for the common cases:

- SEC_ADS_LIST (List Children) is already granted by default
- fDoListObject is off by default

Overhead is only added if the administrator turned on
the fDoListObject feature and removed SEC_ADS_LIST (List Children)
from a parent object.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
    
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Douglas Bagnall 
    
Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Wed Oct 21 08:48:02 UTC 2020 on sn-devel-184

commit ffc0bdc6d49e88da1ee408956365da163ff3e1b2
Author: Stefan Metzmacher 
Date:   Tue Oct 6 11:21:34 2020 +0200

s4:dsdb:util: add dsdb_do_list_object() helper

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
    
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Douglas Bagnall 

commit e1529bedb2b6c8553e69a42537ac0cffd03af6d6
Author: Stefan Metzmacher 
Date:   Mon Oct 12 17:59:34 2020 +0200

s4:dsdb:acl_read: defer LDB_ERR_NO_SUCH_OBJECT

We may need to return child objects even if the base dn
is invisible.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
    
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Douglas Bagnall 

commit faff8e6c89777c38443e561235073c336cfb2e9c
Author: Stefan Metzmacher 
Date:   Tue Oct 6 15:10:33 2020 +0200

s4:dsdb:acl_read: make use of aclread_check_object_visible() for the search 
base

We should only have one place to do access checks.

Use 'git show -w' to see the minimal diff.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
    
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Douglas Bagnall 

commit c4a3028de726d6708f57d02f9162a4d62d1b6ae7
Author: Stefan Metzmacher 
Date:   Tue Oct 6 15:10:33 2020 +0200

s4:dsdb:acl_read: fully set up 'struct aclread_context' before the search 
base acl check

This makes further change much easier.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Douglas Bagnall 

commit d2dd7c2a5c1f8ee30f0f3b41f933d082b0c75f7c
Author: Stefan Metzmacher 
Date:   Tue Oct 6 15:07:19 2020 +0200

s4:dsdb:acl_read: introduce aclread_check_object_visible() helper

In future this will do more than aclread_check_parent(),
if we implement fDoListObject and SEC_ADS_LIST_OBJECT handling.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Douglas Bagnall 

commit 06d134406739e76b97273db3023855150dbaebbc
Author: Stefan Metzmacher 
Date:   Wed Oct 7 13:21:06 2020 +0200

s4:dsdb:tests: add AclVisibiltyTests

This tests all sorts of combinations in order to
demonstrate the visibility of objects depending on:

- with or without fDoListObject
- with or without explicit DENY ACEs
- A hierarchy of objects with 4 levels from the base dn
- SEC_ADS_LIST (List Children)
- SEC_ADS_LIST_LIST_OBJECT (List Object)
- SEC_ADS_READ_PROP
- all possible scopes and basedns

This demonstrates that NO_SUCH_OBJECT doesn't depend purely
on the visibility of the base dn, it's still possible to
get children returned under an invisible base dn.

It also demonstrates the additional behavior with "List Object" mode.
See [MS-ADTS] 5.1.3.3.6 Checking Object Visibility

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Douglas Bagnall 

commit 80347deb544b38be6c6814e5d1b82e48ebe83fd1
Author: Stefan Metzmacher 
Date:   Mon Apr 20 20:00:51 2020 +0200

python/tests: ad

[SCM] Samba Shared Repository - branch master updated

2020-10-14 Thread Stefan Metzmacher
The branch, master has been updated
   via  6b9564c1084 s3:ctdbd_conn: simplify get_public_ips() / 
find_in_public_ips() API
   via  0253ba159b9 s3:smbd: rename has_ctdb_public_ip to 
has_cluster_movable_ip
   via  55dad704116 smb2_ioctl_network_fs: fix minor leak in error path
   via  b78ff571765 interface: fix if_index is not parsed correctly
  from  74fbe0b987a vfs_shadow_copy2: Avoid closing snapsdir twice

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 6b9564c1084d8dc7319857fac984808571ef0eb9
Author: David Disseldorp 
Date:   Mon Sep 7 00:17:11 2020 +0200

s3:ctdbd_conn: simplify get_public_ips() / find_in_public_ips() API

These calls are used to check whether an IP address is static to the
host, or whether it could be migrated by ctdb.

Combine the calls into a simple ctdbd_public_ip_foreach(cb) function,
which avoids the need to expose struct ctdb_public_ip_list_old.

Signed-off-by: David Disseldorp 
Reviewed-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Wed Oct 14 12:29:56 UTC 2020 on sn-devel-184

commit 0253ba159b9a5017a11c63e362d70c9fea637ca2
Author: David Disseldorp 
Date:   Sun Sep 6 22:59:20 2020 +0200

s3:smbd: rename has_ctdb_public_ip to has_cluster_movable_ip

This provides a little more detail to what's actually being tracked
with this boolean.

Signed-off-by: David Disseldorp 
Reviewed-by: Stefan Metzmacher 

commit 55dad704116b31249bd8004241ea4e1d0b481512
Author: David Disseldorp 
Date:   Sun Sep 6 23:59:04 2020 +0200

smb2_ioctl_network_fs: fix minor leak in error path

The struct fsctl_net_iface_info array needs to be cleaned up.

Signed-off-by: David Disseldorp 
Reviewed-by: Stefan Metzmacher 

commit b78ff5717654064c8a4facc54a8e9833e5843c21
Author: Jones Syue 
Date:   Mon Sep 28 09:10:03 2020 +0800

interface: fix if_index is not parsed correctly

Replace probed_ifaces[i] with ifs.

In SDC 2020 SMB3 Virtual IO Lab,
run Windows Protocol Test Suite to test FileServer multichannel test cases.
Samba server has 2 virtual interfaces for VPN connection:
> name=tun2001, ip/mask=192.168.144.9/22
> name=tun2002, ip/mask=192.168.144.10/22
test suite client can ping these 2 ip addresses and browse shares.
Then client try to use IOCTL FSCTL_QUERY_NETWORK_INTERFACE_INFO to get the
virtual ip addresses of samba server, but samba server responded it
without the virtual ip addresses. My VPN setup is point-to-point and the
virtual interfaces 'tun2001' & 'tun2002' are without flag IFF_BROADCAST.
So edit smb.conf and add
"interfaces = ${virtual_ip}/${mask_length};if_index=${id}", like this:
> interfaces = eth4 eth8 eth11 eth10 qvs0 "192.168.144.9/22;if_index=50" 
"192.168.144.10/22;if_index=51"
then samba server IOCTL response could return the virtual ip addresses,
but found an issue:
the interface index of virtual ip addresses is always 4294967295
(0x, -1).

Quote Metze: 
https://gitlab.com/samba-team/devel/samba/-/commit/6cadb55d975a6348a417caed8b3258f5be2acba4#note_419181789
This looks good, I think that also explains
the possible memory corruption/crash I mentioned in the bug report.
As 'i' is most likely the same as 'total_probed' and
probed_ifaces[i] is not valid, so we overwrite unrelated memory.
Later I see 'realloc(): invalid pointer' and this backtrace:
  BACKTRACE:
   #0 log_stack_trace + 0x29 [ip=0x7f2f1b6fffa9] [sp=0x7ffcd0ab53e0]
   #1 smb_panic + 0x11 [ip=0x7f2f1b700301] [sp=0x7ffcd0ab5d10]
   #2 sig_fault + 0x54 [ip=0x7f2f1b7004f4] [sp=0x7ffcd0ab5e20]
   #3 funlockfile + 0x50 [ip=0x7f2f17ce6dd0] [sp=0x7ffcd0ab5ec0]
   #4 gsignal + 0x10f [ip=0x7f2f1794970f] [sp=0x7ffcd0ab6b90]
   #5 abort + 0x127 [ip=0x7f2f17933b25] [sp=0x7ffcd0ab6cb0]
   #6 __libc_message + 0x297 [ip=0x7f2f1798c897] [sp=0x7ffcd0ab6de0]
   #7 malloc_printerr + 0x1c [ip=0x7f2f17992fdc] [sp=0x7ffcd0ab6ef0]
   #8 realloc + 0x23a [ip=0x7f2f17997f6a] [sp=0x7ffcd0ab6f00]
   #9 _talloc_realloc + 0xee [ip=0x7f2f1a365d2e] [sp=0x7ffcd0ab6f50]
   #10 messaging_filtered_read_send + 0x18c [ip=0x7f2f1a10f54c] 
[sp=0x7ffcd0ab6fb0]
   #11 messaging_read_send + 0x55 [ip=0x7f2f1a10f705] [sp=0x7ffcd0ab7000]
   #12 smb2srv_session_table_init + 0x83 [ip=0x7f2f1b3a6cd3] 
[sp=0x7ffcd0ab7040]
   #13 smbXsrv_connection_init_tables + 0x2d [ip=0x7f2f1b373f4d] 
[sp=0x7ffcd0ab7060]
   #14 smbd_smb2_request_process_negprot + 0x827 [ip=0x7f2f1b38cb47] 
[sp=0x7ffcd0ab7080]
   #15 smbd_smb2_request_dispatch + 0x19db [ip=0x7f2f1b38921b] 
[sp=0x7ffcd0ab71d0]
   #16 smbd_smb2_process_negprot + 0x298 [ip=0x7f2f1b

[SCM] Samba Shared Repository - branch master updated

2020-09-18 Thread Stefan Metzmacher
The branch, master has been updated
   via  9945f3e3548 CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated 
bytes in client challenge
   via  4b262b03e1e CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty 
machine acct pwd
   via  d1790a0b5ae CVE-2020-1472(ZeroLogon): docs-xml: document 'server 
require schannel:COMPUTERACCOUNT'
   via  b8e4b0f4306 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log 
warnings about unsecure configurations
   via  b74017d2dd1 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
support "server require schannel:WORKSTATION$ = no"
   via  9ef5b63e7a1 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
refactor dcesrv_netr_creds_server_step_check()
   via  ca8a0098ac2 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: log 
warnings about unsecure configurations
   via  f9b772bf286 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
support "server require schannel:WORKSTATION$ = no"
   via  be8e6394990 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
refactor dcesrv_netr_creds_server_step_check()
   via  82d41977a8b CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
protect netr_ServerPasswordSet2 against unencrypted passwords
   via  9ec8b59bdea CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Fix 
mem leak onto p->mem_ctx in error path of _netr_ServerPasswordSet2().
   via  d8a6e6549c1 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
protect netr_ServerPasswordSet2 against unencrypted passwords
   via  d3123858fb5 CVE-2020-1472(ZeroLogon): libcli/auth: reject weak 
client challenges in netlogon_creds_server_init()
   via  53528c71ffd CVE-2020-1472(ZeroLogon): libcli/auth: add 
netlogon_creds_is_random_challenge() to avoid weak values
   via  74eb448adf7 CVE-2020-1472(ZeroLogon): s4:rpc_server:netlogon: make 
use of netlogon_creds_random_challenge()
   via  caba2d8082d CVE-2020-1472(ZeroLogon): s3:rpc_server:netlogon: make 
use of netlogon_creds_random_challenge()
   via  46642fd32d9 CVE-2020-1472(ZeroLogon): libcli/auth: make use of 
netlogon_creds_random_challenge() in netlogon_creds_cli.c
   via  355efadc6a1 CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of 
netlogon_creds_random_challenge()
   via  b813cdcac37 CVE-2020-1472(ZeroLogon): libcli/auth: add 
netlogon_creds_random_challenge()
  from  380938b00fb nt_printing_ads: add missing printShareName attribute 
when publishing printers

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 9945f3e3548657c33cc2e5ef97eedd1dfe2edf71
Author: Gary Lockyer 
Date:   Fri Sep 18 15:57:34 2020 +1200

CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client challenge

Ensure that client challenges with the first 5 bytes identical are
rejected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Gary Lockyer 
Reviewed-by: Stefan Metzmacher

Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Fri Sep 18 14:13:17 UTC 2020 on sn-devel-184

commit 4b262b03e1e8285c399338895832a115953d3f23
Author: Gary Lockyer 
Date:   Fri Sep 18 12:39:54 2020 +1200

CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty machine acct pwd

Ensure that an empty machine account password can't be set by
netr_ServerPasswordSet2

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Gary Lockyer 
Reviewed-by: Stefan Metzmacher 

commit d1790a0b5ae7160f6707c6c4fbf2217b251584ea
Author: Stefan Metzmacher 
Date:   Thu Sep 17 17:27:54 2020 +0200

CVE-2020-1472(ZeroLogon): docs-xml: document 'server require 
schannel:COMPUTERACCOUNT'

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Gary Lockyer 

commit b8e4b0f4306e2d0b4b7c7c443d97abf46d7f9aca
Author: Günther Deschner 
Date:   Thu Sep 17 14:42:52 2020 +0200

CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log warnings about 
unsecure configurations

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Pair-Programmed-With: Stefan Metzmacher 

Signed-off-by: Günther Deschner 
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Gary Lockyer 

commit b74017d2dd15006f4bec899aa38191a3b44800e4
Author: Günther Deschner 
Date:   Thu Sep 17 14:23:16 2020 +0200

CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: support "server require 
schannel:WORKSTATION$ = no"

This allows adding exceptions for individual workstations, when using
"server schannel = yes".
"server schannel = auto" is very insecure and will be removed soon.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Pair-Programmed-With: Stefan Metzmacher 

Signed-off-by: Günther Deschner 
Signed-off-by: Stefan Metzmacher 
 

[SCM] Samba Shared Repository - branch v4-12-test updated

2020-09-18 Thread Stefan Metzmacher
The branch, v4-12-test has been updated
   via  ba63dd8867f VERSION: Bump version up to 4.12.8...
   via  155e6c0b855 Merge tag 'samba-4.12.7' into v4-12-test
   via  356c036ef15 VERSION: Disable GIT_SNAPSHOT for 4.12.7 release.
   via  527a5df295d WHATSNEW: Add release notes for Samba 4.12.7.
   via  04d316f3d51 CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated 
bytes in client challenge
   via  3eeb5671b80 CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty 
machine acct pwd
   via  512060e37ee CVE-2020-1472(ZeroLogon): docs-xml: document 'server 
require schannel:COMPUTERACCOUNT'
   via  a26ee2bf94a CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log 
warnings about unsecure configurations
   via  f3f792b8eab CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
support "server require schannel:WORKSTATION$ = no"
   via  2462fa5f30e CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
refactor dcesrv_netr_creds_server_step_check()
   via  8c5940223e1 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: log 
warnings about unsecure configurations
   via  e4e0094fdbd CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
support "server require schannel:WORKSTATION$ = no"
   via  1a03f011914 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
refactor dcesrv_netr_creds_server_step_check()
   via  e75cfccb1c5 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
protect netr_ServerPasswordSet2 against unencrypted passwords
   via  dac81bdde6a CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Fix 
mem leak onto p->mem_ctx in error path of _netr_ServerPasswordSet2().
   via  0f4d98c1a2e CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
protect netr_ServerPasswordSet2 against unencrypted passwords
   via  e0e2d5911f5 CVE-2020-1472(ZeroLogon): libcli/auth: reject weak 
client challenges in netlogon_creds_server_init()
   via  ef49b5d0911 CVE-2020-1472(ZeroLogon): libcli/auth: add 
netlogon_creds_is_random_challenge() to avoid weak values
   via  0371ca12772 CVE-2020-1472(ZeroLogon): s4:rpc_server:netlogon: make 
use of netlogon_creds_random_challenge()
   via  88d4e02c6b1 CVE-2020-1472(ZeroLogon): s3:rpc_server:netlogon: make 
use of netlogon_creds_random_challenge()
   via  daeb1bebcea CVE-2020-1472(ZeroLogon): libcli/auth: make use of 
netlogon_creds_random_challenge() in netlogon_creds_cli.c
   via  d92c031f69a CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of 
netlogon_creds_random_challenge()
   via  e862b4ce567 CVE-2020-1472(ZeroLogon): libcli/auth: add 
netlogon_creds_random_challenge()
  from  02ee82f6e4d waf: Only use gnutls_aead_cipher_encryptv2() for GnuTLS 
> 3.6.14

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-test


- Log -
commit ba63dd8867f93332d4f9ed4dfd158e0d742ebe7a
Author: Stefan Metzmacher 
Date:   Fri Sep 18 15:42:53 2020 +0200

VERSION: Bump version up to 4.12.8...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Stefan Metzmacher 

commit 155e6c0b855209e562258f96d60efdd32e7a7d8d
Merge: 02ee82f6e4d 356c036ef15
Author: Stefan Metzmacher 
Date:   Fri Sep 18 15:42:20 2020 +0200

Merge tag 'samba-4.12.7' into v4-12-test

samba: tag release samba-4.12.7

Signed-off-by: Stefan Metzmacher 

---

Summary of changes:
 VERSION |   2 +-
 WHATSNEW.txt| 107 +-
 docs-xml/smbdotconf/security/serverschannel.xml |  69 +++-
 libcli/auth/credentials.c   |  44 ++-
 libcli/auth/netlogon_creds_cli.c|   3 +-
 libcli/auth/proto.h |   3 +
 libcli/auth/wscript_build   |   2 +-
 source3/rpc_server/netlogon/srv_netlog_nt.c | 212 +++-
 source4/rpc_server/netlogon/dcerpc_netlogon.c   | 175 +-
 source4/torture/rpc/lsa.c   |   2 +-
 source4/torture/rpc/netlogon.c  | 433 
 11 files changed, 941 insertions(+), 111 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index f986eaa4dee..c010f9c735d 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=12
-SAMBA_VERSION_RELEASE=7
+SAMBA_VERSION_RELEASE=8
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index dfeb80b6a6b..4eac328a7c1 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,106 @@
+   ==
+   Release Notes for Samba 4.12.7
+ September 18, 2020
+   ==

[SCM] Samba Shared Repository - branch v4-11-test updated

2020-09-18 Thread Stefan Metzmacher
The branch, v4-11-test has been updated
   via  cd50a5329a0 VERSION: Bump version up to 4.11.14...
   via  70e9e595121 Merge tag 'samba-4.11.13' into v4-11-test
   via  ef64fc24b31 VERSION: Disable GIT_SNAPSHOT for the 4.11.13 release.
   via  e7dd032e320 WHATSNEW: Add release notes for Samba 4.11.13.
   via  db344db0efb CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated 
bytes in client challenge
   via  337e4da4daa CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty 
machine acct pwd
   via  572a41b24e7 CVE-2020-1472(ZeroLogon): docs-xml: document 'server 
require schannel:COMPUTERACCOUNT'
   via  86c54d3a270 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log 
warnings about unsecure configurations
   via  615cc75074b CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
support "server require schannel:WORKSTATION$ = no"
   via  5ee9480a898 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
refactor dcesrv_netr_creds_server_step_check()
   via  c836fc24b9c CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: log 
warnings about unsecure configurations
   via  92d7e9f7f92 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
support "server require schannel:WORKSTATION$ = no"
   via  f867164dc57 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
refactor dcesrv_netr_creds_server_step_check()
   via  0da2f3e2455 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
protect netr_ServerPasswordSet2 against unencrypted passwords
   via  d5926ad40ff CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Fix 
mem leak onto p->mem_ctx in error path of _netr_ServerPasswordSet2().
   via  9b174d71541 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
protect netr_ServerPasswordSet2 against unencrypted passwords
   via  fd05519caa2 CVE-2020-1472(ZeroLogon): libcli/auth: reject weak 
client challenges in netlogon_creds_server_init()
   via  13185dd8356 CVE-2020-1472(ZeroLogon): libcli/auth: add 
netlogon_creds_is_random_challenge() to avoid weak values
   via  35277995d39 CVE-2020-1472(ZeroLogon): s4:rpc_server:netlogon: make 
use of netlogon_creds_random_challenge()
   via  a71bc6c974d CVE-2020-1472(ZeroLogon): s3:rpc_server:netlogon: make 
use of netlogon_creds_random_challenge()
   via  f7b0e7a6dde CVE-2020-1472(ZeroLogon): libcli/auth: make use of 
netlogon_creds_random_challenge() in netlogon_creds_cli.c
   via  691d854c141 CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of 
netlogon_creds_random_challenge()
   via  6941fa1ff83 CVE-2020-1472(ZeroLogon): libcli/auth: add 
netlogon_creds_random_challenge()
  from  061d484f6da smbd: don't log success as error

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-11-test


- Log -
commit cd50a5329a0c65344dcf4cfe3620e84e02e3b435
Author: Stefan Metzmacher 
Date:   Fri Sep 18 15:39:47 2020 +0200

VERSION: Bump version up to 4.11.14...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Stefan Metzmacher 

commit 70e9e595121161778efae0118cad1e0895dce372
Merge: 061d484f6da ef64fc24b31
Author: Stefan Metzmacher 
Date:   Fri Sep 18 15:38:14 2020 +0200

Merge tag 'samba-4.11.13' into v4-11-test

samba: tag release samba-4.11.13

Signed-off-by: Stefan Metzmacher 

---

Summary of changes:
 VERSION |   2 +-
 WHATSNEW.txt| 107 +-
 docs-xml/smbdotconf/security/serverschannel.xml |  69 +++-
 libcli/auth/credentials.c   |  44 +++
 libcli/auth/netlogon_creds_cli.c|   3 +-
 libcli/auth/proto.h |   4 +
 libcli/auth/wscript_build   |   2 +-
 source3/rpc_server/netlogon/srv_netlog_nt.c | 212 +++-
 source4/rpc_server/netlogon/dcerpc_netlogon.c   | 175 +-
 source4/torture/rpc/lsa.c   |   2 +-
 source4/torture/rpc/netlogon.c  | 433 
 11 files changed, 943 insertions(+), 110 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 5885b36fd71..5fa1c53e286 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=11
-SAMBA_VERSION_RELEASE=13
+SAMBA_VERSION_RELEASE=14
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 80e5f32b1a0..76dc4cc0d5a 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,106 @@
+   ===
+   Release Notes for Samba 4.11.13
+  September 18, 2020
+   ===
+
+
+Th

[SCM] Samba Shared Repository - branch v4-10-test updated

2020-09-18 Thread Stefan Metzmacher
The branch, v4-10-test has been updated
   via  aa658ca962c VERSION: Disable GIT_SNAPSHOT for the 4.10.18 release.
   via  1d3bbd71736 WHATSNEW: Add release notes for Samba 4.10.18.
   via  a414d149503 CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated 
bytes in client challenge
   via  4809d018dea CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty 
machine acct pwd
   via  4c0ad865d40 CVE-2020-1472(ZeroLogon): docs-xml: document 'server 
require schannel:COMPUTERACCOUNT'
   via  54fb5e12d68 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log 
warnings about unsecure configurations
   via  912cc29a995 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
support "server require schannel:WORKSTATION$ = no"
   via  6a6f64fc8c3 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
refactor dcesrv_netr_creds_server_step_check()
   via  bfb70388c1c CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: log 
warnings about unsecure configurations
   via  1a1ecc5fc31 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
support "server require schannel:WORKSTATION$ = no"
   via  b33d4dff5f5 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
refactor dcesrv_netr_creds_server_step_check()
   via  59f88cb36eb CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
protect netr_ServerPasswordSet2 against unencrypted passwords
   via  e799c47b6e0 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
protect netr_ServerPasswordSet2 against unencrypted passwords
   via  bffdfb129ce CVE-2020-1472(ZeroLogon): libcli/auth: reject weak 
client challenges in netlogon_creds_server_init()
   via  1665085bb3a CVE-2020-1472(ZeroLogon): libcli/auth: add 
netlogon_creds_is_random_challenge() to avoid weak values
   via  36824951f3a CVE-2020-1472(ZeroLogon): s4:rpc_server:netlogon: make 
use of netlogon_creds_random_challenge()
   via  8aa00858571 CVE-2020-1472(ZeroLogon): s3:rpc_server:netlogon: make 
use of netlogon_creds_random_challenge()
   via  520216a051a CVE-2020-1472(ZeroLogon): libcli/auth: make use of 
netlogon_creds_random_challenge() in netlogon_creds_cli.c
   via  0b45e084a45 CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of 
netlogon_creds_random_challenge()
   via  e3e81644347 CVE-2020-1472(ZeroLogon): libcli/auth: add 
netlogon_creds_random_challenge()
  from  40d23ea50ce util: fix build on AIX by fixing the order of replace.h 
include

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-10-test


- Log -
commit aa658ca962cfe9057741495ce9eda5d6b6965882
Author: Karolin Seeger 
Date:   Fri Sep 18 12:59:51 2020 +0200

VERSION: Disable GIT_SNAPSHOT for the 4.10.18 release.

Signed-off-by: Karolin Seeger 

commit 1d3bbd71736365b745a29f4e6bfafc2537d7aa71
Author: Karolin Seeger 
Date:   Fri Sep 18 13:18:55 2020 +0200

WHATSNEW: Add release notes for Samba 4.10.18.

CVE-2020-1472: Samba impact of "ZeroLogon".

Signed-off-by: Karolin Seeger 

commit a414d149503718650bf2bdd049a92b04472ef267
Author: Gary Lockyer 
Date:   Fri Sep 18 15:57:34 2020 +1200

CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client challenge

Ensure that client challenges with the first 5 bytes identical are
rejected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Gary Lockyer 

[abart...@samba.org: backported from master as test order was flipped]

commit 4809d018dea336dd50e84f713778c53ed85fef20
Author: Gary Lockyer 
Date:   Fri Sep 18 12:39:54 2020 +1200

CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty machine acct pwd

Ensure that an empty machine account password can't be set by
netr_ServerPasswordSet2

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Gary Lockyer 

commit 4c0ad865d400739106c624beb1494128f885fce6
Author: Stefan Metzmacher 
Date:   Thu Sep 17 17:27:54 2020 +0200

CVE-2020-1472(ZeroLogon): docs-xml: document 'server require 
schannel:COMPUTERACCOUNT'

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher 

commit 54fb5e12d6805e687e8840209a2d4af26294ee18
Author: Günther Deschner 
Date:   Thu Sep 17 14:42:52 2020 +0200

CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log warnings about 
unsecure configurations

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Pair-Programmed-With: Stefan Metzmacher 

Signed-off-by: Günther Deschner
Signed-off-by: Stefan Metzmacher 

commit 912cc29a9950d6385f4e372b5141900f87a464b7
Author: Günther Deschner 
Date:   Thu Sep 17 14:23:16 2020 +0200

CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: support "server require 
schannel:WORKSTATION$ = no"

This allows adding exceptions for individual workstations, when using
"server scha

[SCM] Samba Shared Repository - branch v4-13-stable updated

2020-09-18 Thread Stefan Metzmacher
ticated domain takeover via netlogon ("ZeroLogon").
+
+The following applies to Samba used as domain controller only (most
+seriously the Active Directory DC, but also the classic/NT4-style DC).
+
+Installations running Samba as a file server only are not directly
+affected by this flaw, though they may need configuration changes to
+continue to talk to domain controllers (see "file servers and domain
+members" below).
+
+The netlogon protocol contains a flaw that allows an authentication
+bypass. This was reported and patched by Microsoft as CVE-2020-1472.
+Since the bug is a protocol level flaw, and Samba implements the
+protocol, Samba is also vulnerable.
+
+However, since version 4.8 (released in March 2018), the default
+behaviour of Samba has been to insist on a secure netlogon channel,
+which is a sufficient fix against the known exploits. This default is
+equivalent to having 'server schannel = yes' in the smb.conf.
+
+Therefore versions 4.8 and above are not vulnerable unless they have
+the smb.conf lines 'server schannel = no' or 'server schannel = auto'.
+
+Samba versions 4.7 and below are vulnerable unless they have 'server
+schannel = yes' in the smb.conf.
+
+Note each domain controller needs the correct settings in its smb.conf.
+
+Vendors supporting Samba 4.7 and below are advised to patch their
+installations and packages to add this line to the [global] section if
+their smb.conf file.
+
+The 'server schannel = yes' smb.conf line is equivalent to Microsoft's
+'FullSecureChannelProtection=1' registry key, the introduction of
+which we understand forms the core of Microsoft's fix.
+
+Some domains employ third-party software that will not work with a
+'server schannel = yes'. For these cases patches are available that
+allow specific machines to use insecure netlogon. For example, the
+following smb.conf:
+
+   server schannel = yes
+   server require schannel:triceratops$ = no
+   server require schannel:greywacke$ = no
+
+will allow only "triceratops$" and "greywacke$" to avoid schannel.
+
+More details can be found here:
+https://www.samba.org/samba/security/CVE-2020-1472.html
+
 
 UPGRADING
 =
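Review bot: in the added CVE-2020-1472 text, the vendor advice reads "add this line to the [global] section if their smb.conf file"; "if" should be "of", and because "this line" is only defined two paragraphs earlier, spelling out 'server schannel = yes' in that sentence would make the instruction unambiguous. Also, "will not work with a 'server schannel = yes'" has a stray "a". The example with 'server require schannel:triceratops$ = no' would be safer if it stated next to the block that these per-machine lines depend on the patches mentioned just above it.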
@@ -78,19 +131,47 @@ REMOVED FEATURES
 
 The deprecated "ldap ssl ads" smb.conf option has been removed.
 
+The deprecated "server schannel" smb.conf option will very likely
+removed in the final 4.13.0 release.
+
+
 smb.conf changes
 
 
-  Parameter Name DescriptionDefault
-  -- ------
-  ldap ssl ads   removed
-  smb2 disable lock sequence checking  No
-  domain logons  Deprecated no
-  raw NTLMv2 authDeprecated no
-  client plaintext auth  Deprecated no
-  client NTLMv2 auth Deprecated yes
-  client lanman auth Deprecated no
-  client use spnego  Deprecated yes
+  Parameter Name  DescriptionDefault
+  --  ------
+  ldap ssl adsRemoved
+  smb2 disable lock sequence checking Added  No
+  smb2 disable oplock break retry Added  No
+  domain logons   Deprecated no
+  raw NTLMv2 auth Deprecated no
+  client plaintext auth   Deprecated no
+  client NTLMv2 auth  Deprecated yes
+  client lanman auth  Deprecated no
+  client use spnego   Deprecated yes
+  server schannel To be removed in 4.13.0
+  server require schannel:COMPUTERAdded
+
+
+CHANGES SINCE 4.13.0rc5
+===
+
+o  Jeremy Allison 
+   * BUG 14497: CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Protect
+ netr_ServerPasswordSet2 against unencrypted passwords.
+
+o  Günther Deschner 
+   * BUG 14497: CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Support
+ "server require schannel:WORKSTATION$ = no" about unsecure configurations.
+
+o  Gary Lockyer 
+   * BUG 14497: CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in
+ client challenge.
+
+o  Stefan Metzmacher 
+   * BUG 14497: CVE-2020-1472(ZeroLogon): libcli/auth: Reject weak client
+ challenges in netlogon_creds_server_init()
+ "server require schannel:WORKSTATION$ = no".
 
 
 CHANGES SINCE 4.13.0rc4
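Review bot: the new "CHANGES SINCE 4.13.0rc5" entries look like commit subjects that were merged by accident. The Günther Deschner item reads 'Support "server require schannel:WORKSTATION$ = no" about unsecure configurations.' and the Stefan Metzmacher item ends with a dangling '"server require schannel:WORKSTATION$ = no".' line; suggest one bullet per change so the per-workstation option and the warnings about unsecure configurations are listed separately. In the same hunk, "will very likely removed in the final 4.13.0 release" is missing "be", and the table row for "server schannel" states "To be removed in 4.13.0" without the hedge used in the text, so the two should be made consistent.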
diff --git a/docs-xml/smbdotconf/security/serverschannel.xml 
b/docs-xml/smbdotconf/security/serverschannel.xml
index 489492d79b1..b682d086f76 100644
--- a/do
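
The schannel rules stated in the release notes quoted above (enforced by default since 4.8, 'server schannel = no' or 'auto' leaves a domain controller exposed, and 'server require schannel:NAME$ = no' exempts single machines) can be checked mechanically. The following is an added example, not Samba code: the function names and the sample smb.conf are constructed here, and it assumes a single configuration file without include directives.

```python
import re

# Constructed sample smb.conf, modelled on the example in the release notes.
SAMPLE_CONF = """\
[global]
    workgroup = EXAMPLE
    ; legacy appliances that cannot do schannel
    server schannel = yes
    server require schannel:triceratops$ = no
    Server Require Schannel:greywacke$ = No
# share sections are ignored by the audit
[data]
    path = /srv/data
"""

TRUE_WORDS = {"yes", "true", "on", "1"}
FALSE_WORDS = {"no", "false", "off", "0"}
EXCEPTION_PREFIX = "server require schannel:"


def _norm(name):
    """Parameter names are matched case-insensitively; collapse whitespace too."""
    return " ".join(name.lower().split())


def parse_global(conf_text):
    """Return {normalized parameter name: value} for the [global] section."""
    params = {}
    # Assumption: parameters that appear before any section header are global.
    in_global = True
    pending = ""
    for raw in conf_text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):          # trailing backslash continues the line
            pending = line[:-1]
            continue
        if not line or line[0] in "#;":  # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            in_global = _norm(line[1:-1]) == "global"
            continue
        if in_global and "=" in line:
            name, value = line.split("=", 1)
            params[_norm(name)] = value.strip()
    return params


def audit(conf_text, version):
    """Apply the release-note rules to one DC's smb.conf.

    Returns a dict with:
      setting    - the explicit 'server schannel' value, or None if absent
      enforced   - True if a secure netlogon channel is required
      exceptions - machine accounts allowed to avoid schannel
    """
    major, minor = map(int, re.match(r"(\d+)\.(\d+)", version).groups())
    params = parse_global(conf_text)

    setting = params.get("server schannel")
    if setting is None:
        # Default insists on schannel since 4.8; 4.7 and below need an explicit 'yes'.
        enforced = (major, minor) >= (4, 8)
    else:
        # 'no' and 'auto' (and anything unrecognised) count as not enforced.
        enforced = setting.lower() in TRUE_WORDS

    exceptions = sorted(
        name[len(EXCEPTION_PREFIX):]
        for name, value in params.items()
        if name.startswith(EXCEPTION_PREFIX) and value.lower() in FALSE_WORDS
    )
    return {"setting": setting, "enforced": enforced, "exceptions": exceptions}


if __name__ == "__main__":
    result = audit(SAMPLE_CONF, "4.12.7")
    print("schannel enforced:", result["enforced"])
    for account in result["exceptions"]:
        print("exempt from schannel:", account)
```

Each domain controller has its own smb.conf, so the audit has to be run per DC; every account in `exceptions` is a machine that can still use insecure netlogon and should be reviewed.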

[Announce] Samba 4.13.0rc6 Available for Download

2020-09-18 Thread Stefan Metzmacher via samba-announce
Domain Controller to a Samba Active Directory DC
to ensure full operation with modern windows clients.

SMBv1 only protocol options deprecated
--------------------------------------

A number of smb.conf parameters for less-secure authentication methods
which are only possible over SMBv1 are deprecated in this release.

REMOVED FEATURES
================

The deprecated "ldap ssl ads" smb.conf option has been removed.

The deprecated "server schannel" smb.conf option will very likely
be removed in the final 4.13.0 release.


smb.conf changes
================

  Parameter Name                       Description              Default
  --------------                       -----------              -------
  ldap ssl ads                         Removed
  smb2 disable lock sequence checking  Added                    No
  smb2 disable oplock break retry      Added                    No
  domain logons                        Deprecated               no
  raw NTLMv2 auth                      Deprecated               no
  client plaintext auth                Deprecated               no
  client NTLMv2 auth                   Deprecated               yes
  client lanman auth                   Deprecated               no
  client use spnego                    Deprecated               yes
  server schannel                      To be removed in 4.13.0
  server require schannel:COMPUTER     Added


CHANGES SINCE 4.13.0rc5
=======================

o  Jeremy Allison 
   * BUG 14497: CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Protect
 netr_ServerPasswordSet2 against unencrypted passwords.

o  Günther Deschner 
   * BUG 14497: CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Support
 "server require schannel:WORKSTATION$ = no" about unsecure configurations.

o  Gary Lockyer 
   * BUG 14497: CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in
 client challenge.

o  Stefan Metzmacher 
   * BUG 14497: CVE-2020-1472(ZeroLogon): libcli/auth: Reject weak client
 challenges in netlogon_creds_server_init()
 "server require schannel:WORKSTATION$ = no".


CHANGES SINCE 4.13.0rc4
=======================

o  Andreas Schneider 
   * BUG 14399: waf: Only use gnutls_aead_cipher_encryptv2() for GnuTLS >
 3.6.14.
   * BUG 14467: s3:smbd: Fix %U substitutions if it contains a domain name.
   * BUG 14479: The created krb5.conf for 'net ads join' doesn't have a domain
 entry.

o  Stefan Metzmacher 
   * BUG 14482: Fix build problem if libbsd-dev is not installed.


CHANGES SINCE 4.13.0rc3
=======================

o  David Disseldorp 
   * BUG 14437: build: Toggle vfs_snapper using "--with-shared-modules".

o  Volker Lendecke 
   * BUG 14465: idmap_ad does not deal properly with a RFC4511 section 4.4.1
 response.

o  Stefan Metzmacher 
   * BUG 14428: PANIC: Assert failed in get_lease_type().
   * BUG 14465: idmap_ad does not deal properly with a RFC4511 section 4.4.1
 response.


CHANGES SINCE 4.13.0rc2
=======================

o  Andrew Bartlett 
   * BUG 14460: Deprecate domain logons, SMBv1 things.

o  Günther Deschner 
   * BUG 14318: docs: Add missing winexe manpage.

o  Christof Schmitt 
   * BUG 14166: util: Allow symlinks in directory_create_or_exist.

o  Martin Schwenke 
   * BUG 14466: ctdb disable/enable can fail due to race condition.


CHANGES SINCE 4.13.0rc1
=======================

o  Andrew Bartlett 
   * BUG 14450: dbcheck: Allow a dangling forward link outside our known NCs.

o  Isaac Boukris 
   * BUG 14462: Remove deprecated "ldap ssl ads" smb.conf option.

o  Volker Lendecke 
   * BUG 14435: winbind: Fix lookuprids cache problem.

o  Stefan Metzmacher 
   * BUG 14354: kdc:db-glue: Ignore KRB5_PROG_ETYPE_NOSUPP also for
 Primary:Kerberos.

o  Andreas Schneider 
   * BUG 14358: docs: Fix documentation for require_membership_of of
 pam_winbind.conf.

o  Martin Schwenke 
   * BUG 1: ctdb-scripts: Use nfsconf as a last resort get nfsd thread
 count.


KNOWN ISSUES
============

https://wiki.samba.org/index.php/Release_Planning_for_Samba_4.13#Release_blocking_bugs


#######################################
Reporting bugs & Development Discussion
#######################################

Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.

If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.  All bug reports should
be filed under the Samba 4.1 and newer product in the project's Bugzilla
database (https://bugzilla.samba.org/).


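======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================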



Download Details


[SCM] Samba Website Repository - branch master updated

2020-09-18 Thread Stefan Metzmacher
The branch, master has been updated
   via  d4b14c9 NEWS[4.13.0rc6]: Samba 4.13.0rc6 Available for Download
  from  bfb8593 Samba 4.12.7, 4.11.13 and 4.10.18 Security Releases.

https://git.samba.org/?p=samba-web.git;a=shortlog;h=master


- Log -
commit d4b14c91d82b75c611b104bb572d7d353310c3da
Author: Stefan Metzmacher 
Date:   Fri Sep 18 15:14:31 2020 +0200

NEWS[4.13.0rc6]: Samba 4.13.0rc6 Available for Download

Signed-off-by: Stefan Metzmacher 

---

Summary of changes:
 posted_news/20200918-131644.4.13.0rc6.body.html | 12 
 posted_news/20200918-131644.4.13.0rc6.headline.html |  3 +++
 2 files changed, 15 insertions(+)
 create mode 100644 posted_news/20200918-131644.4.13.0rc6.body.html
 create mode 100644 posted_news/20200918-131644.4.13.0rc6.headline.html


Changeset truncated at 500 lines:

diff --git a/posted_news/20200918-131644.4.13.0rc6.body.html 
b/posted_news/20200918-131644.4.13.0rc6.body.html
new file mode 100644
index 000..514ca4b
--- /dev/null
+++ b/posted_news/20200918-131644.4.13.0rc6.body.html
@@ -0,0 +1,12 @@
+
+18 September 2020
+Samba 4.13.0rc6 Available for Download
+
+This is the 6th release candidate of the upcoming Samba 4.13 release series.
+
+
+The uncompressed tarball has been signed using GnuPG (ID 6F33915B6568B7EA).
+The source code can be https://download.samba.org/pub/samba/rc/samba-4.13.0rc6.tar.gz";>downloaded
 now.
+See https://download.samba.org/pub/samba/rc/samba-4.13.0rc6.WHATSNEW.txt";>the 
release notes for more info.
+
+
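
Review bot: The signing sentence identifies the key only by its 64-bit ID ("ID 6F33915B6568B7EA") and says the signature covers the uncompressed tarball, while the only download link is the .tar.gz. Please state the full key fingerprint, link the signature file next to the tarball, and say that the archive has to be uncompressed before verifying, so a reader can actually perform the check this paragraph implies.
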
diff --git a/posted_news/20200918-131644.4.13.0rc6.headline.html 
b/posted_news/20200918-131644.4.13.0rc6.headline.html
new file mode 100644
index 000..4fb3d26
--- /dev/null
+++ b/posted_news/20200918-131644.4.13.0rc6.headline.html
@@ -0,0 +1,3 @@
+
+ 18 September 2020 Samba 4.13.0rc6 Available for 
Download
+


-- 
Samba Website Repository



[SCM] Samba Shared Repository - annotated tag samba-4.13.0rc6 created

2020-09-18 Thread Stefan Metzmacher
The annotated tag, samba-4.13.0rc6 has been created
at  490dae0a691b97957ade16b43576feb7f64ab60d (tag)
   tagging  09ef8ab5099ce8fe42638c351ba8ccd4507361e1 (commit)
  replaces  samba-4.13.0rc5
 tagged by  Stefan Metzmacher
on  Fri Sep 18 15:14:14 2020 +0200

- Log -
samba: tag release samba-4.13.0rc6

Gary Lockyer (2):
  CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty machine acct pwd
  CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client 
challenge

Günther Deschner (3):
  CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: refactor 
dcesrv_netr_creds_server_step_check()
  CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: support "server require 
schannel:WORKSTATION$ = no"
  CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log warnings about 
unsecure configurations

Jeremy Allison (2):
  CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Fix mem leak onto 
p->mem_ctx in error path of _netr_ServerPasswordSet2().
  CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: protect 
netr_ServerPasswordSet2 against unencrypted passwords

Karolin Seeger (1):
  VERSION: Bump version up to 4.13.0rc5...

Stefan Metzmacher (16):
  CVE-2020-1472(ZeroLogon): libcli/auth: add 
netlogon_creds_random_challenge()
  CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of 
netlogon_creds_random_challenge()
  CVE-2020-1472(ZeroLogon): libcli/auth: make use of 
netlogon_creds_random_challenge() in netlogon_creds_cli.c
  CVE-2020-1472(ZeroLogon): s3:rpc_server:netlogon: make use of 
netlogon_creds_random_challenge()
  CVE-2020-1472(ZeroLogon): s4:rpc_server:netlogon: make use of 
netlogon_creds_random_challenge()
  CVE-2020-1472(ZeroLogon): libcli/auth: add 
netlogon_creds_is_random_challenge() to avoid weak values
  CVE-2020-1472(ZeroLogon): libcli/auth: reject weak client challenges in 
netlogon_creds_server_init()
  CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: protect 
netr_ServerPasswordSet2 against unencrypted passwords
  CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: refactor 
dcesrv_netr_creds_server_step_check()
  CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: support "server require 
schannel:WORKSTATION$ = no"
  CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: log warnings about 
unsecure configurations
  CVE-2020-1472(ZeroLogon): docs-xml: document 'server require 
schannel:COMPUTERACCOUNT'
  WHATSNEW: document the 'smb2 disable oplock break retry' option
  WHATSNEW: document the planned removal of "server schannel"
  WHATSNEW: Add release notes for Samba 4.13.0rc6.
  VERSION: Disable GIT_SNAPSHOT for the 4.13.0rc6 release.

---


-- 
Samba Shared Repository



[SCM] Samba Shared Repository - branch v4-13-test updated

2020-09-18 Thread Stefan Metzmacher
The branch, v4-13-test has been updated
   via  d8b4efed45c VERSION: Bump version up to 4.13.0rc7...
   via  09ef8ab5099 VERSION: Disable GIT_SNAPSHOT for the 4.13.0rc6 release.
   via  de91bb3d467 WHATSNEW: Add release notes for Samba 4.13.0rc6.
   via  049388aeb94 WHATSNEW: document the planned removal of "server 
schannel"
   via  ba279325b7a WHATSNEW: document the 'smb2 disable oplock break 
retry' option
   via  e4dc8227ae1 CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated 
bytes in client challenge
   via  7c88d85ca8c CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty 
machine acct pwd
   via  e5c7800b096 CVE-2020-1472(ZeroLogon): docs-xml: document 'server 
require schannel:COMPUTERACCOUNT'
   via  6192153da9a CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log 
warnings about unsecure configurations
   via  b93e1dcd154 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
support "server require schannel:WORKSTATION$ = no"
   via  7ab19ec5a10 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
refactor dcesrv_netr_creds_server_step_check()
   via  32dd379f30a CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: log 
warnings about unsecure configurations
   via  b6f91e77ef4 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
support "server require schannel:WORKSTATION$ = no"
   via  befc2aca239 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
refactor dcesrv_netr_creds_server_step_check()
   via  6e8f1830382 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: 
protect netr_ServerPasswordSet2 against unencrypted passwords
   via  4ad58d61ba1 CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Fix 
mem leak onto p->mem_ctx in error path of _netr_ServerPasswordSet2().
   via  ed94cb18f01 CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: 
protect netr_ServerPasswordSet2 against unencrypted passwords
   via  ba9110a17d7 CVE-2020-1472(ZeroLogon): libcli/auth: reject weak 
client challenges in netlogon_creds_server_init()
   via  fdac15704f9 CVE-2020-1472(ZeroLogon): libcli/auth: add 
netlogon_creds_is_random_challenge() to avoid weak values
   via  afa0ec41cbb CVE-2020-1472(ZeroLogon): s4:rpc_server:netlogon: make 
use of netlogon_creds_random_challenge()
   via  5f28e4f7473 CVE-2020-1472(ZeroLogon): s3:rpc_server:netlogon: make 
use of netlogon_creds_random_challenge()
   via  acf80197316 CVE-2020-1472(ZeroLogon): libcli/auth: make use of 
netlogon_creds_random_challenge() in netlogon_creds_cli.c
   via  9d90cd2b509 CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of 
netlogon_creds_random_challenge()
   via  b57b6004db8 CVE-2020-1472(ZeroLogon): libcli/auth: add 
netlogon_creds_random_challenge()
  from  45d4e546067 VERSION: Bump version up to 4.13.0rc5...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test


- Log -
commit d8b4efed45cb45ba61b48308e713d3cbe240a500
Author: Stefan Metzmacher 
Date:   Fri Sep 18 14:05:27 2020 +0200

VERSION: Bump version up to 4.13.0rc7...

    and re-enable GIT_SNAPSHOT.

Signed-off-by: Stefan Metzmacher 

commit 09ef8ab5099ce8fe42638c351ba8ccd4507361e1
Author: Stefan Metzmacher 
Date:   Fri Sep 18 14:04:45 2020 +0200

VERSION: Disable GIT_SNAPSHOT for the 4.13.0rc6 release.

Signed-off-by: Stefan Metzmacher 

commit de91bb3d467f9562138370882befb9c4f2e77d12
Author: Stefan Metzmacher 
Date:   Fri Sep 18 14:03:37 2020 +0200

WHATSNEW: Add release notes for Samba 4.13.0rc6.

CVE-2020-1472: Samba impact of "ZeroLogon".

Signed-off-by: Stefan Metzmacher 

commit 049388aeb94a69adba08da0e4169071e3354fedd
Author: Stefan Metzmacher 
Date:   Fri Sep 18 14:01:29 2020 +0200

WHATSNEW: document the planned removal of "server schannel"

Also add "server require schannel:COMPUTER"

Signed-off-by: Stefan Metzmacher 

commit ba279325b7afcb610a716839c3db3b139593ad5a
Author: Stefan Metzmacher 
Date:   Fri Sep 18 13:59:26 2020 +0200

WHATSNEW: document the 'smb2 disable oplock break retry' option

Signed-off-by: Stefan Metzmacher 

commit e4dc8227ae1e28ef7f49d0903d057c7f7912ca27
Author: Gary Lockyer 
Date:   Fri Sep 18 15:57:34 2020 +1200

CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client challenge

Ensure that client challenges with the first 5 bytes identical are
rejected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Gary Lockyer 

[abart...@samba.org: backported from master as test order was flipped]

commit 7c88d85ca8c513f0fe967f91f4ea64d8f63d0aee
Author: Gary Lockyer 
Date:   Fri Sep 18 12:39:54 2020 +1200

CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty machine acct pwd

Ensure that an empty machine account password can't be set by
netr_Ser
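
The rule stated in the commit message above ("client challenges with the first 5 bytes identical are rejected"), combined with the challenge-generation and server-init commits listed in this mail, sketched as an added C example that is not Samba's code. All function and type names are hypothetical; the 8-byte challenge length and /dev/urandom as the randomness source are assumptions of the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CHALLENGE_LEN   8 /* assumed size of a Netlogon challenge */
#define WEAK_PREFIX_LEN 5 /* "first 5 bytes identical" from the commit message */

enum init_status { INIT_OK = 0, INIT_ACCESS_DENIED = 1 };

/* Hypothetical per-connection state kept by the server. */
struct server_creds {
	uint8_t client_challenge[CHALLENGE_LEN];
	uint8_t server_challenge[CHALLENGE_LEN];
};

/* True unless the first WEAK_PREFIX_LEN bytes all carry the same value. */
static bool challenge_is_acceptable(const uint8_t c[CHALLENGE_LEN])
{
	size_t i;

	for (i = 1; i < WEAK_PREFIX_LEN; i++) {
		if (c[i] != c[0]) {
			return true;
		}
	}
	return false;
}

/* Fill buf from the kernel CSPRNG; a short read counts as failure. */
static bool read_random(uint8_t *buf, size_t len)
{
	FILE *f = fopen("/dev/urandom", "rb");
	size_t got;

	if (f == NULL) {
		return false;
	}
	got = fread(buf, 1, len, f);
	fclose(f);
	return got == len;
}

/*
 * Draw random challenges until one passes the same rule the peer will
 * enforce, so a legitimate party is never rejected by bad luck.
 */
static bool challenge_generate(uint8_t out[CHALLENGE_LEN])
{
	int tries;

	for (tries = 0; tries < 16; tries++) {
		if (!read_random(out, CHALLENGE_LEN)) {
			return false;
		}
		if (challenge_is_acceptable(out)) {
			return true;
		}
	}
	return false;
}

/*
 * Server side: validate the client challenge before any state is
 * created, and fail closed if no server challenge can be produced.
 */
static enum init_status server_creds_init(struct server_creds *st,
					  const uint8_t client[CHALLENGE_LEN])
{
	memset(st, 0, sizeof(*st));
	if (!challenge_is_acceptable(client)) {
		return INIT_ACCESS_DENIED;
	}
	if (!challenge_generate(st->server_challenge)) {
		return INIT_ACCESS_DENIED;
	}
	memcpy(st->client_challenge, client, CHALLENGE_LEN);
	return INIT_OK;
}

int main(void)
{
	/* Constructed sample inputs. */
	const uint8_t weak[CHALLENGE_LEN] = { 0 };
	const uint8_t fine[CHALLENGE_LEN] = { 0x41, 0x41, 0x41, 0x41, 0x42, 0, 0, 0 };
	struct server_creds st;

	printf("weak challenge -> %d\n", server_creds_init(&st, weak));
	printf("fine challenge -> %d\n", server_creds_init(&st, fine));
	return 0;
}
```
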

[SCM] Samba Shared Repository - branch v4-13-stable updated

2020-09-18 Thread Stefan Metzmacher
p/session_expiry.c  | 121 +
 source4/torture/wscript_build  |  13 +-
 wscript_configure_system_gnutls|   5 +-
 25 files changed, 674 insertions(+), 98 deletions(-)
 create mode 100755 nsswitch/tests/test_ticket_expiry.sh
 create mode 100644 source4/torture/ldap/session_expiry.c


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 2d5192ae9fa..7f954aee9e0 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
 # e.g. SAMBA_VERSION_RC_RELEASE=1  #
 #  ->  "3.0.0rc1"  #
 
-SAMBA_VERSION_RC_RELEASE=3
+SAMBA_VERSION_RC_RELEASE=5
 
 
 # To mark SVN snapshots this should be set to 'yes'#
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 81d9300df94..467d4c0dfc5 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,7 +1,7 @@
 Release Announcements
 =
 
-This is the third release condidate of Samba 4.13.  This is *not*
+This is the fifth release condidate of Samba 4.13.  This is *not*
 intended for production environments and is designed for testing
 purposes only.  Please report any defects via the Samba bug reporting
 system at https://bugzilla.samba.org/.
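
Review bot: The rewritten first line still carries the typo "release condidate". Since the line is being touched anyway, please change it to "release candidate" here rather than propagating the misspelling into another release announcement.
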
@@ -16,16 +16,22 @@ UPGRADING
 NEW FEATURES/CHANGES
 
 
-Python 3.6 Required

+Python 3.6 or later required
+
 
 Samba's minimum runtime requirement for python was raised to Python
 3.5 with samba 4.12.  Samba 4.13 raises this minimum version to Python
 3.6 both to access new features and because this is the oldest version
 we test with in our CI infrastructure.
 
-(Build time support for the file server with Python 2.6 has not
-changed)
+This is also the last release where it will be possible to build Samba
+(just the file server) with Python versions 2.6 and 2.7.
+
+As Python 2.7 has been End Of Life upstream since April 2020, Samba
+is dropping ALL Python 2.x support in the NEXT release.
+
+Samba 4.14 to be released in March 2021 will require Python 3.6 or
+later to build.
 
 wide links functionality
 
@@ -87,6 +93,36 @@ smb.conf changes
   client use spnego  Deprecated yes
 
 
+CHANGES SINCE 4.13.0rc4
+===
+
+o  Andreas Schneider 
+   * BUG 14399: waf: Only use gnutls_aead_cipher_encryptv2() for GnuTLS >
+ 3.6.14.
+   * BUG 14467: s3:smbd: Fix %U substitutions if it contains a domain name.
+   * BUG 14479: The created krb5.conf for 'net ads join' doesn't have a domain
+ entry.
+
+o  Stefan Metzmacher 
+   * BUG 14482: Fix build problem if libbsd-dev is not installed.
+
+
+CHANGES SINCE 4.13.0rc3
+===
+
+o  David Disseldorp 
+   * BUG 14437: build: Toggle vfs_snapper using "--with-shared-modules".
+
+o  Volker Lendecke 
+   * BUG 14465: idmap_ad does not deal properly with a RFC4511 section 4.4.1
+ response.
+
+o  Stefan Metzmacher 
+   * BUG 14428: PANIC: Assert failed in get_lease_type().
+   * BUG 14465: idmap_ad does not deal properly with a RFC4511 section 4.4.1
+ response.
+
+
 CHANGES SINCE 4.13.0rc2
 ===
 
diff --git a/lib/replace/wscript b/lib/replace/wscript
index 55c8903f1c8..64f305d6df0 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -876,6 +876,9 @@ def build(bld):
 if bld.CONFIG_SET('HAVE_LIBRT'): extra_libs += ' rt'
 if bld.CONFIG_SET('REPLACE_REQUIRES_LIBSOCKET_LIBNSL'): extra_libs += ' 
socket nsl'
 
+if not bld.CONFIG_SET('HAVE_CLOSEFROM'):
+REPLACE_HOSTCC_SOURCE += ' closefrom.c'
+
 bld.SAMBA_SUBSYSTEM('LIBREPLACE_HOSTCC',
 REPLACE_HOSTCC_SOURCE,
 use_hostcc=True,
diff --git a/nsswitch/tests/test_ticket_expiry.sh 
b/nsswitch/tests/test_ticket_expiry.sh
new file mode 100755
index 000..3b98b0fe87a
--- /dev/null
+++ b/nsswitch/tests/test_ticket_expiry.sh
@@ -0,0 +1,74 @@
+#!/bin/sh
+# Test winbind ad backend behaviour when the kerberos ticket expires
+
+if [ $# -ne 1 ]; then
+echo Usage: $0 DOMAIN
+exit 1
+fi
+
+DOMAIN="$1"
+
+wbinfo="$VALGRIND $BINDIR/wbinfo"
+net="$VALGRIND $BINDIR/net"
+
+failed=0
+
+. `dirname $0`/../../testprogs/blackbox/subunit.sh
+
+DOMAIN_SID=$($wbinfo -n "$DOMAIN/" | cut -f 1 -d " ")
+if [ $? -ne 0 ] ; then
+echo "Could not find domain SID" | subunit_fail_test "test_idmap_ad"
+exit 1
+fi
+ADMINS_SID="$DOMAIN_SID-512"
+
+# Previous tests might have put in a mapping
+$net cache del IDMAP/SID2XID/"$ADMINS_SID"
+
+# Trigger a winbind ad connection with a 5-second ticket lifetime,
+# see the smb.conf for the ad_member_idmap_ad environment
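
Review bot: The "if [ $? -ne 0 ]" after the DOMAIN_SID assignment checks the exit status of cut, the last command of the pipeline, not of wbinfo, so a failed lookup is not caught and ADMINS_SID becomes "-512", which is then passed to "net cache del". Please test for an empty DOMAIN_SID instead (or run wbinfo on its own and check its status before cutting). Two smaller points in the same hunk: the failure is reported under the test name "test_idmap_ad" although this script is test_ticket_expiry.sh, and $0 is unquoted in both the usage message and the dirname call.
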

[SCM] Samba Shared Repository - branch master updated

2020-09-08 Thread Stefan Metzmacher
The branch, master has been updated
   via  0022cd94587 lib/replace: move lib/replace/closefrom.c from 
ROKEN_HOSTCC_SOURCE to REPLACE_HOSTCC_SOURCE
  from  c760ed61907 gitlab-ci: Fix the sha1sum

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 0022cd94587b805a525b0b9ef71ff0f15780424a
Author: Stefan Metzmacher 
Date:   Tue Sep 8 10:13:20 2020 +

lib/replace: move lib/replace/closefrom.c from ROKEN_HOSTCC_SOURCE to 
REPLACE_HOSTCC_SOURCE

This is where it really belongs and we avoid the strange interaction
with source4/heimdal_build/config.h. This is a follow up for commit
f31333d40e6fa38daa32a3ebb32d5a317c06fc62.

This fixes a build problem if libbsd-dev is not installed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14482

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Alexander Bokovoy 
Reviewed-by: Andreas Schneider 
Reviewed-by: Björn Jacke 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Tue Sep  8 13:59:58 UTC 2020 on sn-devel-184

---

Summary of changes:
 lib/replace/wscript | 3 +++
 source4/heimdal_build/wscript_build | 7 +--
 2 files changed, 4 insertions(+), 6 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/replace/wscript b/lib/replace/wscript
index 25461153749..85bc11d2f01 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -874,6 +874,9 @@ def build(bld):
 if bld.CONFIG_SET('HAVE_LIBRT'): extra_libs += ' rt'
 if bld.CONFIG_SET('REPLACE_REQUIRES_LIBSOCKET_LIBNSL'): extra_libs += ' 
socket nsl'
 
+if not bld.CONFIG_SET('HAVE_CLOSEFROM'):
+REPLACE_HOSTCC_SOURCE += ' closefrom.c'
+
 bld.SAMBA_SUBSYSTEM('LIBREPLACE_HOSTCC',
 REPLACE_HOSTCC_SOURCE,
 use_hostcc=True,
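
Review bot: The new HAVE_CLOSEFROM block has no comment saying why the host-compiler subsystem needs closefrom.c, and the reason (a build failure when libbsd-dev is not installed, BUG 14482) lives only in the commit message. Please add a one-line comment above the "if not bld.CONFIG_SET('HAVE_CLOSEFROM'):" test. The append also relies on the leading space in ' closefrom.c' to keep the source list well formed; that matches the extra_libs lines above it, but it is worth a glance that REPLACE_HOSTCC_SOURCE is always a space-separated string at this point.
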
diff --git a/source4/heimdal_build/wscript_build 
b/source4/heimdal_build/wscript_build
index f7ff33160ca..09c525c2957 100644
--- a/source4/heimdal_build/wscript_build
+++ b/source4/heimdal_build/wscript_build
@@ -391,12 +391,7 @@ if not bld.CONFIG_SET('USING_SYSTEM_ROKEN'):
 ../heimdal_build/replace.c
 '''
 
-if not bld.CONFIG_SET('HAVE_CLOSEFROM'):
-ROKEN_HOSTCC_SOURCE = ROKEN_COMMON_SOURCE + '''
-../../lib/replace/closefrom.c
-'''
-else:
-ROKEN_HOSTCC_SOURCE = ROKEN_COMMON_SOURCE
+ROKEN_HOSTCC_SOURCE = ROKEN_COMMON_SOURCE
 
 ROKEN_SOURCE = ROKEN_COMMON_SOURCE + '''
 lib/roken/resolve.c
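
Review bot: After this hunk ROKEN_HOSTCC_SOURCE is only a second name for ROKEN_COMMON_SOURCE, with nothing left to explain why it exists. Either use ROKEN_COMMON_SOURCE directly wherever the host variant is consumed, or keep the assignment with a short comment that closefrom.c now comes from LIBREPLACE_HOSTCC. The visible lines also do not show that the host roken build depends on LIBREPLACE_HOSTCC; please confirm it does, otherwise the symbol removed here has no provider on systems without closefrom().
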


-- 
Samba Shared Repository



[SCM] Samba Shared Repository - branch master updated

2020-09-07 Thread Stefan Metzmacher
The branch, master has been updated
   via  0b742ec6a05 s4:smb_server: Use cli_credentials_init_server() for 
negprot
   via  6c94ebf77fd s4:rpc_server: Use cli_credentials_init_server()
   via  2c00bea2aef auth:creds: Add cli_credentials_init_server()
   via  515cffb1f20 auth:gensec: If Kerberos is required, keep schannel for 
machine account auth
   via  a33a40bbc84 auth:gensec: Pass use_kerberos and keep_schannel to 
gensec_use_kerberos_mechs()
   via  2186d4131ad auth:gensec: Make gensec_use_kerberos_mechs() a static 
function
   via  5e3363e0b82 s4:ldap_server: Use samba_server_gensec_start() in 
ldapsrv_backend_Init()
   via  b34e8dc8982 auth:gensec: Add gensec_security_sasl_names()
   via  5fc3a71d0f5 waf: upgrade to 2.0.20
   via  896b7bbcf25 bootstrap: install perl-JSON on rpm distributions
   via  e0e51632cf7 bootstrap: document git push -o 
ci.variable='SAMBA_CI_REBUILD_IMAGES=yes'
   via  b716dbc9768 python/tests/gpo: this should fix a Popen deadlock
  from  6444a743525 s3:libads: Also add a realm entry for the domain name

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 0b742ec6a0558397d5cf01b99a401f8e2bc0e2e0
Author: Andreas Schneider 
Date:   Mon Sep 7 09:19:43 2020 +0200

s4:smb_server: Use cli_credentials_init_server() for negprot

Signed-off-by: Andreas Schneider 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Mon Sep  7 13:22:26 UTC 2020 on sn-devel-184

commit 6c94ebf77fdb7383be2042f5e20ba2ef598cd4a4
Author: Andreas Schneider 
Date:   Fri Sep 4 12:21:36 2020 +0200

s4:rpc_server: Use cli_credentials_init_server()

Signed-off-by: Andreas Schneider 

commit 2c00bea2aefdcc69608dffdafa7ce581d31f9354
Author: Andreas Schneider 
Date:   Fri Sep 4 12:21:21 2020 +0200

auth:creds: Add cli_credentials_init_server()

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

commit 515cffb1f20eacb041ff7b3d43f8a122a82ddfbd
Author: Stefan Metzmacher 
Date:   Fri Sep 4 17:00:45 2020 +0200

auth:gensec: If Kerberos is required, keep schannel for machine account auth

Signed-off-by: Stefan Metzmacher 
Signed-off-by: Andreas Schneider 

commit a33a40bbc848e5691869cf264009d23a03128f31
Author: Stefan Metzmacher 
Date:   Fri Sep 4 14:41:43 2020 +0200

auth:gensec: Pass use_kerberos and keep_schannel to 
gensec_use_kerberos_mechs()

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

commit 2186d4131ad4c7961d0c830bf9d48f3d06d27924
Author: Stefan Metzmacher 
Date:   Fri Sep 4 14:39:15 2020 +0200

auth:gensec: Make gensec_use_kerberos_mechs() a static function

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

commit 5e3363e0b82193700f91a9bae5080aae0b744e5c
Author: Stefan Metzmacher 
Date:   Fri Sep 4 10:48:27 2020 +0200

s4:ldap_server: Use samba_server_gensec_start() in ldapsrv_backend_Init()

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

commit b34e8dc8982b625d946e2ac8794ee41311bc41c2
Author: Stefan Metzmacher 
Date:   Fri Sep 4 10:47:54 2020 +0200

auth:gensec: Add gensec_security_sasl_names()

Pair-Programmed-With: Andreas Schneider 

Signed-off-by: Andreas Schneider 
Signed-off-by: Stefan Metzmacher 

commit 5fc3a71d0f54b176d3cb2e399718d0468507e797
Author: David Mulder 
Date:   Mon Aug 24 13:12:46 2020 -0600

waf: upgrade to 2.0.20

This contains an important change:
"Fix gccdeps.scan() returning nodes that no longer exist on disk."
https://gitlab.com/ita1024/waf/-/merge_requests/2293

Signed-off-by: David Mulder 
    Reviewed-by: Stefan Metzmacher 

commit 896b7bbcf25b336a970441396d8e60c3d115a1b9
Author: Stefan Metzmacher 
Date:   Fri Apr 3 12:16:08 2020 +0200

bootstrap: install perl-JSON on rpm distributions

This will be needed for the next heimdal import.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 

commit e0e51632cf77be439ebcbcba025a42e8558fa824
Author: Stefan Metzmacher 
Date:   Thu Aug 6 15:27:24 2020 +0200

bootstrap: document git push -o ci.variable='SAMBA_CI_REBUILD_IMAGES=yes'

This is much easier than going through the web interface.
    
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 

commit b716dbc9768bd6a0ef7d016a9c79e8759e383732
Author: Stefan Metzmacher 
Date:   Mon Sep 7 10:31:36 2020 +0200

python/tests/gpo: this should fix a Popen deadlock

It is inspired by commit 5dc773a5b00834c7a53130a73a48f49048bd55e8
   Author: Joe Guo 
   Date:   Fri Sep 15 16:13:26 2017 +1200

  python: use communicate to fix Popen deadlock

  `Popen.wait()` will deadlock when using stdout=PIPE and/or 
stderr=PIPE and the
  child process generates large output

[SCM] Samba Shared Repository - branch v4-13-test updated

2020-09-03 Thread Stefan Metzmacher
The branch, v4-13-test has been updated
   via  df1ff55deb9 s3:share_mode_lock: remove unused reproducer for bug 
#14428
   via  0a682a18986 s3:share_mode_lock: make sure 
share_mode_cleanup_disconnected() removes the record
   via  b83efaec198 s3:share_mode_lock: add missing 'goto done' in 
share_mode_cleanup_disconnected()
   via  8a8b90eba76 s3:share_mode_lock: consistently debug share_mode_entry 
records
   via  4aa4f12f533 s3:share_mode_lock: let 
share_mode_forall_entries/share_entry_forall evaluate e.stale first
   via  e62a37e9748 s3:share_mode_lock: reproduce problem with stale 
disconnected share mode entries
   via  431192896a2 s3:selftest: also run durable_v2_reconnect_delay_msec 
in samba3.blackbox.durable_v2_delay
   via  1549dc56280 tldap: Receiving "msgid == 0" means the connection is 
dead
   via  c785fc601de test: Test winbind idmap_ad ticket expiry behaviour
   via  725dda2b809 idmap_ad: Pass tldap debug messages on to DEBUG()
   via  4a4af2c2534 tldap: Add PRINTF_ATTRIBUTE declaration to tldap_debug()
   via  4f695a62055 tldap: Make sure all requests are cancelled on rundown
   via  468286f4c8a tldap: Centralize connection rundown on error
   via  4b02185ecc1 tldap: Maintain the ldap read request in tldap_context
   via  a3758fa56ec tldap: Always remove ourselves from ld->pending at 
cleanup time
   via  73deb8332a5 tldap: Fix tldap_msg_received()
   via  67676bc4f5e tldap: Only free() ld->pending if "req" is part of it
   via  3824ce0de3b ldap_server: Terminate LDAP connections on krb ticket 
expiry
   via  caf9cfa8653 ldap_server: Add the krb5 expiry to conn->limits
   via  6179ac98e6f torture: Test ldap session expiry
   via  fa74a0a2f66 build: Wrap a long line
  from  04630942058 VERSION: Bump version up to 4.13.0rc4...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test


- Log -
commit df1ff55deb92827eb502c1857a0039743752c6b3
Author: Stefan Metzmacher 
Date:   Fri Aug 28 16:28:41 2020 +0200

s3:share_mode_lock: remove unused reproducer for bug #14428

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
    
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Mon Aug 31 13:34:17 UTC 2020 on sn-devel-184

(cherry picked from commit b02f1d676f6e62a0a4b33b9b08f8f51a68b561ca)

Autobuild-User(v4-13-test): Stefan Metzmacher 
Autobuild-Date(v4-13-test): Thu Sep  3 14:55:14 UTC 2020 on sn-devel-184

commit 0a682a1898695839fe4933af61c8a1d4068005a3
Author: Stefan Metzmacher 
Date:   Fri Aug 28 16:28:41 2020 +0200

s3:share_mode_lock: make sure share_mode_cleanup_disconnected() removes the 
record

This fixes one possible trigger for "PANIC: assert failed in 
get_lease_type()"
https://bugzilla.samba.org/show_bug.cgi?id=14428

This is no longer enough to remove the record:

   d->have_share_modes = false;
   d->modified = true;

Note that we can remove it completely from
share_mode_cleanup_disconnected() as
share_mode_forall_entries() already sets it
when there are no entries left.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 
(cherry picked from commit b5c0874fd5d31e252cf9ac8b84bde5c536b1e8ef)

commit b83efaec1981600668fae5f67a483c2c698b6e68
Author: Stefan Metzmacher 
Date:   Fri Aug 28 15:56:35 2020 +0200

s3:share_mode_lock: add missing 'goto done' in 
share_mode_cleanup_disconnected()

When cleanup_disconnected_lease() fails we should stop,
at least we do that if brl_cleanup_disconnected() fails.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 1aa1ac97082f81f6dc62f345823d2dd345e0afd7)

commit 8a8b90eba76b94f3d7291ccc86fe1e80d4423ff3
Author: Stefan Metzmacher 
Date:   Fri Aug 28 15:56:35 2020 +0200

s3:share_mode_lock: consistently debug share_mode_entry records

share_mode_entry_do(), share_mode_forall_entries() and
share_entry_forall() print the record before the callback is called
and when it was modified or deleted.

This makes it much easier to debug problems.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 4d740ac2084a68c6d4836cd83ea5d5f1ee9d37a2)

commit 4aa4f12f5333bd4913989ae1f54027e480535eb4
Author: Stefan Metzmacher 
Date:   Fri Aug 28 15:56:35 2020 +0200

s3:share_mode_lock: let share_mode_forall_entries/share_entry_forall 
evaluate e.stale first

It's not really clear why e

[SCM] Samba Shared Repository - branch v4-13-test updated

2020-08-27 Thread Stefan Metzmacher
The branch, v4-13-test has been updated
   via  58627af19cc ctdb-recoverd: Rename update_local_flags() -> 
update_flags()
   via  98580fca5f6 ctdb-recoverd: Change update_local_flags() to use 
already retrieved nodemaps
   via  8e10b67f315 ctdb-recoverd: Get remote nodemaps earlier
   via  7fe08880958 ctdb-recoverd: Do not fetch the nodemap from the 
recovery master
   via  48ca1987350 ctdb-recoverd: Change get_remote_nodemaps() to use 
connected nodes
   via  a1f00ebef11 ctdb-recoverd: Fix node_pnn check and assignment of 
nodemap into array
   via  da94f78c55e ctdb-recoverd: Add fail callback to assign banning 
credits
   via  05b46fa631b ctdb-recoverd: Add an intermediate state struct for 
nodemap fetching
   via  092beb2f6f1 ctdb-recoverd: Move memory allocation into 
get_remote_nodemaps()
   via  97ed7d289c7 ctdb-recoverd: Change signature of get_remote_nodemaps()
   via  245f0043d88 ctdb-recoverd: Fix a local memory leak
   via  772dfb02d45 ctdb-recoverd: Basic cleanups for get_remote_nodemaps()
   via  3261adfc84f ctdb-recoverd: Simplify calculation of new flags
   via  991907cf217 ctdb-recoverd: Correctly find nodemap entry for pnn
   via  b0bf26df6c8 ctdb-recoverd: Do not retrieve nodemap from recovery 
master
   via  6d8271ff3b7 ctdb-recoverd: Flatten update_flags_on_all_nodes()
   via  267bb7faf22 ctdb-recoverd: Move ctdb_ctrl_modflags() to 
ctdb_recoverd.c
   via  299d4e3f3b0 ctdb-recoverd: Improve a call to 
update_flags_on_all_nodes()
   via  abc8222fa5d ctdb-recoverd: Use update_flags_on_all_nodes()
   via  6fc2ec1653a ctdb-recoverd: Introduce some local variables to 
improve readability
   via  3e3124afa3b ctdb-recoverd: Change update_flags_on_all_nodes() to 
take rec argument
   via  5ad1f837d65 ctdb-recoverd: Drop unused nodemap argument from 
update_flags_on_all_nodes()
   via  51f8ccf2887 docs: Add missing winexe manpage
  from  e0aa042c518 WHATSNEW: list deprecated parameters

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test


- Log -
commit 58627af19cc9d57d4d36d26406884c7e35036929
Author: Martin Schwenke 
Date:   Wed Jan 24 10:21:37 2018 +1100

ctdb-recoverd: Rename update_local_flags() -> update_flags()

This also updates remote flags so the name is misleading.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke 
Reviewed-by: Amitay Isaacs 
(cherry picked from commit 4aa8e72d60e92951b35190d2ffcfdb1bfb756609)

Autobuild-User(v4-13-test): Stefan Metzmacher 
Autobuild-Date(v4-13-test): Thu Aug 27 12:11:01 UTC 2020 on sn-devel-184

commit 98580fca5f681e19d7310006f6e85607a3f7871c
Author: Martin Schwenke 
Date:   Thu Jan 18 20:35:55 2018 +1100

ctdb-recoverd: Change update_local_flags() to use already retrieved nodemaps

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke 
Reviewed-by: Amitay Isaacs 
(cherry picked from commit 702c7c4934e79a9161fdc59df70df30ae492d89f)

commit 8e10b67f315338e0e6640819adcb334e75dd0507
Author: Martin Schwenke 
Date:   Fri Jun 14 03:51:01 2019 +1000

ctdb-recoverd: Get remote nodemaps earlier

update_local_flags() will be changed to use these nodemaps.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke 
Reviewed-by: Amitay Isaacs 
(cherry picked from commit 910a0b3b747a987ba69b6a0b6256e964b7d85dfe)

commit 7fe088809585285aaed835a622d92ebb2dec7406
Author: Martin Schwenke 
Date:   Fri Jun 14 00:23:22 2019 +1000

ctdb-recoverd: Do not fetch the nodemap from the recovery master

The nodemap has already been fetched from the local node and is
actually passed to this function.  Care must be taken to avoid
referencing the "remote" nodemap for the recovery master.  It also
isn't useful to do so, since it would be the same nodemap.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke 
Reviewed-by: Amitay Isaacs 
(cherry picked from commit d50919b0cb28f299c9b6985271b29d4f27c5f619)

commit 48ca1987350683b58c9bd43cd54ea9e2614da337
Author: Martin Schwenke 
Date:   Thu Jan 18 20:02:42 2018 +1100

ctdb-recoverd: Change get_remote_nodemaps() to use connected nodes

The plan here is to use the nodemaps retrieved by get_remote_nodes()
in update_local_flags().  This will improve efficiency, since
get_remote_nodes() fetches flags from nodes in parallel.  It also
means that get_remote_nodes() can be used exactly once early on in
main_loop() to retrieve remote nodemaps.  Retrieving nodemaps multiple
times is unnecessary and racy - a single monitoring iteration should
not fetch flags multiple times and compare them.

This introduces a temporary behaviour change but it will be 

[SCM] Samba Shared Repository - branch v4-13-test updated

2020-08-24 Thread Stefan Metzmacher
The branch, v4-13-test has been updated
   via  e0aa042c518 WHATSNEW: list deprecated parameters
   via  8dbeb26319c docs: deprecate "raw NTLMv2 auth"
   via  af78b53f114 docs: deprecate "client plaintext auth"
   via  e2b9972f3c6 docs: deprecate "client NTLMv2 auth"
   via  100e32dba49 docs: deprecate "client lanman auth"
   via  7b48056533e docs: deprecate "client use spnego"
   via  1338e3a481b docs: Deprecate NT4-like domains and SMBv1-only 
protocol options
   via  e3c608d27e9 selftest: Do not let deprecated option warnings muck 
this test up
   via  dcf92a69cd0 param: Allow tests to silence deprecation warnings
   via  b44b26b9cd2 selftest: Add test for suppression of deprecation 
warnings
  from  97d3c93e31e util: Add cmocka unit test for 
directory_create_or_exists

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test


- Log -
commit e0aa042c5187fe7eff075123b8fb3a3344fa87a6
Author: Andrew Bartlett 
Date:   Tue Jun 16 22:23:32 2020 +1200

WHATSNEW: list deprecated parameters

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460

    Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 

Autobuild-User(master): Andrew Bartlett 
Autobuild-Date(master): Tue Aug 18 01:32:21 UTC 2020 on sn-devel-184

(cherry picked from commit 20606fd0a4c4697ff99da59f748af6908d929901)

Autobuild-User(v4-13-test): Stefan Metzmacher 
Autobuild-Date(v4-13-test): Mon Aug 24 15:13:30 UTC 2020 on sn-devel-184

commit 8dbeb26319ce82177068bfed8c25c9c1023adf69
Author: Andrew Bartlett 
Date:   Thu Sep 5 16:55:35 2019 +1200

docs: deprecate "raw NTLMv2 auth"

This parameter is applicable only to SMBv1 and we are deprecating SMBv1
specific authentication options for possible removal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 8c9d9441edce2e8d7f0428d0ec5e209ed8a55dbc)

commit af78b53f114f0668df7e9439fe0f3f95bcd81979
Author: Andrew Bartlett 
Date:   Thu Sep 5 16:55:23 2019 +1200

docs: deprecate "client plaintext auth"

This parameter is applicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 37583b19d2c3dbf3e9d0498a39b8b9d9c727e1d4)

commit e2b9972f3c6719e3834eb1ff3df2c25c465d913c
Author: Andrew Bartlett 
Date:   Thu Sep 5 16:54:01 2019 +1200

docs: deprecate "client NTLMv2 auth"

This parameter is applicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 5543c11c8b007b49641758428af7ba3976683438)

commit 100e32dba493e9274350cb7860ff7cc2a41924b6
Author: Andrew Bartlett 
Date:   Thu Sep 5 16:53:46 2019 +1200

docs: deprecate "client lanman auth"

This parameter is applicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit ac8e5ea22d9f9b16a79f519f69852b46ac798541)

commit 7b48056533e1ad3b65781f92cfcfc5e080648883
Author: Andrew Bartlett 
Date:   Thu Sep 5 16:53:20 2019 +1200

docs: deprecate "client use spnego"

This parameter is applicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 1b85db57e53533ce14beb79f6d949a08f6ef9f91)

commit 1338e3a481be568d39bd2cafe95e89ca12bdac4c
Author: Andrew Bartlett 
Date:   Tue Jun 16 21:46:33 2020 +1200

docs: Deprecate NT4-like domains and SMBv1-only protocol options

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit c6aa710f8da9ef92b388f1c0c59b2dd3c602ad2d)

commit e3c608d27e968d01b439e8d088a18c5d5af9bb45
Author: Andrew Bartlett 
Date:   Mon Aug 10 20:36:53 2020 +1200

selftest: Do not let deprecated option warnings muck this test up

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 9e212dd15e6c484d69f236f3c6d

[cifs-protocol] MS-NRPC FullSecureChannelProtection

2020-08-21 Thread Stefan Metzmacher via cifs-protocol
Hi DocHelp,

can you please make sure the exact behavior of
HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\FullSecureChannelProtection
 = 1
is fully documented in MS-NRPC?

This is the change introduced by CVE-2020-1472.

Thanks!
metze



signature.asc
Description: OpenPGP digital signature
___
cifs-protocol mailing list
cifs-protocol@lists.samba.org
https://lists.samba.org/mailman/listinfo/cifs-protocol


[SCM] Samba Shared Repository - branch v4-13-test updated

2020-08-19 Thread Stefan Metzmacher
The branch, v4-13-test has been updated
   via  97d3c93e31e util: Add cmocka unit test for 
directory_create_or_exists
   via  031618f0acb util: Allow symlinks in directory_create_or_exist
  from  2bd88d076e8 VERSION: Bump version up to 4.13.0rc3...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test


- Log -
commit 97d3c93e31e85f6c69231949aa482554c6351a61
Author: Christof Schmitt 
Date:   Fri Aug 14 12:18:51 2020 -0700

util: Add cmocka unit test for directory_create_or_exists

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14166

Signed-off-by: Christof Schmitt 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Sun Aug 16 07:06:59 UTC 2020 on sn-devel-184

(cherry picked from commit e89ec78e9a262a6e7bb9082323083eb5f1609655)

Autobuild-User(v4-13-test): Stefan Metzmacher 
Autobuild-Date(v4-13-test): Wed Aug 19 09:56:13 UTC 2020 on sn-devel-184

commit 031618f0acb15bb05004c702dbb4ec086c3e27b9
Author: Christof Schmitt 
Date:   Fri Aug 14 09:36:26 2020 -0700

util: Allow symlinks in directory_create_or_exist

Commit 9f60a77e0b updated the check to avoid having files or other
objects instead of a directory. This missed the valid case that there
might be a symlink to a directory. Updated the check accordingly to
allow symlinks to directories.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14166

Signed-off-by: Christof Schmitt 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 672212cecdd7a7de40acdc81c56e2996ea82c090)

---

Summary of changes:
 lib/util/tests/test_util.c | 234 +
 lib/util/util.c|  18 +++-
 lib/util/wscript_build |   6 ++
 selftest/tests.py  |   2 +
 4 files changed, 258 insertions(+), 2 deletions(-)
 create mode 100644 lib/util/tests/test_util.c


Changeset truncated at 500 lines:

diff --git a/lib/util/tests/test_util.c b/lib/util/tests/test_util.c
new file mode 100644
index 000..eebba39e70c
--- /dev/null
+++ b/lib/util/tests/test_util.c
@@ -0,0 +1,234 @@
+/*
+ *  Unix SMB/CIFS implementation.
+ *
+ *  Unit test for util.c
+ *
+ *  Copyright (C) Christof Schmitt 2020
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "lib/util/util.c"
+#include 
+
+struct test_paths {
+   char testdir[PATH_MAX];
+   char none[PATH_MAX];
+   char dir[PATH_MAX];
+   mode_t dir_mode;
+   char file[PATH_MAX];
+   mode_t file_mode;
+   char symlink_none[PATH_MAX];
+   char symlink_dir[PATH_MAX];
+   char symlink_file[PATH_MAX];
+};
+
+static int group_setup(void **state)
+{
+   struct test_paths *paths = NULL;
+   char *testdir = NULL;
+   int ret, fd;
+
+   umask(0);
+
+   paths = malloc(sizeof(struct test_paths));
+   assert_non_null(paths);
+
+   strlcpy(paths->testdir, tmpdir(), sizeof(paths->testdir));
+   strlcat(paths->testdir, "/test_util_XX", sizeof(paths->testdir));
+   testdir = mkdtemp(paths->testdir);
+   assert_non_null(testdir);
+
+   strlcpy(paths->none, testdir, sizeof(paths->none));
+   strlcat(paths->none, "/none", sizeof(paths->none));
+
+   strlcpy(paths->dir, testdir, sizeof(paths->dir));
+   strlcat(paths->dir, "/dir", sizeof(paths->dir));
+   paths->dir_mode = 0750;
+   ret = mkdir(paths->dir, paths->dir_mode);
+   assert_return_code(ret, errno);
+
+   strlcpy(paths->file, testdir, sizeof(paths->file));
+   strlcat(paths->file, "/file", sizeof(paths->file));
+   paths->file_mode = 0640;
+   fd = creat(paths->file, paths->file_mode);
+   assert_return_code(fd, errno);
+   ret = close(fd);
+   assert_return_code(ret, errno);
+
+   strlcpy(paths->symlink_none, testdir, sizeof(paths->symlink_none));
+   strlcat(paths->symlink_none, "/symlink_none",
+   sizeof(paths->symlink_none));
+   ret = symlink("/none", paths->symlink_none);
+   assert_return_code(ret, e
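Review bot: the symlink_none fixture at the end of group_setup() points at the absolute path "/none" (symlink("/none", paths->symlink_none)) instead of paths->none inside the mkdtemp() directory, so the dangling-symlink case only holds while nothing named /none exists on the build host. Targeting paths->none keeps the fixture self-contained. The `#include "lib/util/util.c"` at the top also deserves a one-line comment saying why the test compiles the implementation file directly rather than linking against it.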

[SCM] Samba Shared Repository - branch v4-13-test updated

2020-08-12 Thread Stefan Metzmacher
The branch, v4-13-test has been updated
   via  5df2c348ca9 Remove deprecated "ldap ssl ads" smb.conf option
   via  78a6cce9c79 ctdb-tests: Stop cat command failure from causing test 
failure
  from  bb49e891025 winbind: Fix lookuprids cache problem

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test


- Log -
commit 5df2c348ca9ee31b542d207217d12e5b9403453d
Author: Isaac Boukris 
Date:   Mon Aug 10 12:15:26 2020 +0200

Remove deprecated "ldap ssl ads" smb.conf option

Signed-off-by: Isaac Boukris 

Autobuild-User(v4-13-test): Stefan Metzmacher 
Autobuild-Date(v4-13-test): Wed Aug 12 11:16:04 UTC 2020 on sn-devel-184

commit 78a6cce9c7949be2d5be640b66fd43fa0a45d73e
Author: Martin Schwenke 
Date:   Mon Jul 6 14:02:49 2020 +1000

ctdb-tests: Stop cat command failure from causing test failure

In certain circumstances, which aren't obvious, cat(1) can fail when
attempting to write a lot of data.  This is due to something (probably
write(2)) returning EAGAIN.

Given that the -v option should only really be used for test
debugging, ignore the failure instead of spending time debugging it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14446
Signed-off-by: Martin Schwenke 
Reviewed-by: Amitay Isaacs 
(cherry picked from commit 3ff8765d04c0fb950b7be4f9a04aeb08223b)

---

Summary of changes:
 WHATSNEW.txt|  2 ++
 ctdb/tests/scripts/integration.bash |  2 +-
 docs-xml/smbdotconf/ldap/ldapsslads.xml | 21 -
 source3/libads/ldap.c   |  7 ---
 source3/param/loadparm.c|  1 -
 5 files changed, 3 insertions(+), 30 deletions(-)
 delete mode 100644 docs-xml/smbdotconf/ldap/ldapsslads.xml


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 58bcf9ba20a..5fd139e9d4b 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -55,12 +55,14 @@ The release notes will be updated to note this change when 
it occurs.
 REMOVED FEATURES
 
 
+The deprecated "ldap ssl ads" smb.conf option has been removed.
 
 smb.conf changes
 
 
   Parameter Name DescriptionDefault
   -- ------
+  ldap ssl ads   removed
 
   smb2 disable lock sequence checking  No
 
diff --git a/ctdb/tests/scripts/integration.bash 
b/ctdb/tests/scripts/integration.bash
index 31f4387a404..39c4e8b8167 100644
--- a/ctdb/tests/scripts/integration.bash
+++ b/ctdb/tests/scripts/integration.bash
@@ -164,7 +164,7 @@ try_command_on_node ()
 
 if $verbose ; then
echo "Output of \"$cmd\":"
-   cat "$outfile"
+   cat "$outfile" || true
 fi
 }
 
diff --git a/docs-xml/smbdotconf/ldap/ldapsslads.xml 
b/docs-xml/smbdotconf/ldap/ldapsslads.xml
deleted file mode 100644
index 98c39651f1e..000
--- a/docs-xml/smbdotconf/ldap/ldapsslads.xml
+++ /dev/null
@@ -1,21 +0,0 @@
-http://www.samba.org/samba/DTD/samba-doc";>
-
-   This option is used to define whether or not Samba should
-   use SSL when connecting to the ldap server using
-   ads methods.
-   Rpc methods are not affected by this parameter. Please note, that
-   this parameter won't have any effect if 
-   is set to no.
-   
-
-   See 
smb.conf5
-   for more information on .
-   
-
-
-no
-
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 55c9668089d..10ab043f721 100755
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -702,13 +702,6 @@ got_connection:
 
ldap_set_option(ads->ldap.ld, LDAP_OPT_PROTOCOL_VERSION, &version);
 
-   if ( lp_ldap_ssl_ads() ) {
-   status = ADS_ERROR(smbldap_start_tls(ads->ldap.ld, version));
-   if (!ADS_ERR_OK(status)) {
-   goto out;
-   }
-   }
-
/* fill in the current time and offsets */
 
status = ads_current_time( ads );
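Review bot: the block removed after ldap_set_option() was the only smbldap_start_tls() call visible on this got_connection path, and the commit message gives no reason or bug link for dropping it. A configuration that still sets "ldap ssl ads = yes" no longer gets StartTLS here after this change, so the WHATSNEW entry should say more than "removed": state what now protects the ADS LDAP connection and what administrators who relied on the option should set instead.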
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index cf5da0aca21..6674485738a 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -740,7 +740,6 @@ static void init_globals(struct loadparm_context *lp_ctx, 
bool reinit_globals)
 
lpcfg_string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
Globals.ldap_ssl = LDAP_SSL_START_TLS;
-   Globals.ldap_ssl_ads = false;
Globals.ldap_deref = -1;
Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
Globals.ldap_delete_dn = false;


-- 
Samba Shared Repository



[SCM] Samba Shared Repository - branch v4-13-test updated

2020-08-10 Thread Stefan Metzmacher
The branch, v4-13-test has been updated
   via  bb49e891025 winbind: Fix lookuprids cache problem
   via  12997bb8196 winbind: Add test for lookuprids cache problem
   via  ab227e7db1c torture3: Align integer types
   via  2bdf5e9c292 dbcheck: Allow a dangling forward link outside our 
known NCs
   via  18628ba1558 ctdb-scripts: Use nfsconf as a last resort get nfsd 
thread count
   via  8bd4e018780 ctdb-scripts: Use nfsconf as a last resort to set 
NFS_HOSTNAME
   via  983b35fdcf8 docs: Fix documentation for require_membership_of of 
pam_winbind.conf
   via  f2f122d65a7 docs: Fix documentation for require_membership_of of 
pam_winbind
  from  19fecfaa35f kdc:db-glue: ignore KRB5_PROG_ETYPE_NOSUPP also for 
Primary:Kerberos

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test


- Log -
commit bb49e891025bdb71bacb8ed084c286d9d4da2cad
Author: Volker Lendecke 
Date:   Wed Jul 8 15:09:45 2020 +0200

winbind: Fix lookuprids cache problem

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14435
Signed-off-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Thu Jul  9 21:40:52 UTC 2020 on sn-devel-184

(cherry picked from commit cd4122d91e942ca465c03505d5e148117f505ba4)

Autobuild-User(v4-13-test): Stefan Metzmacher 
Autobuild-Date(v4-13-test): Mon Aug 10 10:46:37 UTC 2020 on sn-devel-184

commit 12997bb81961e98668d3de16fdb09ada3996408d
Author: Volker Lendecke 
Date:   Wed Jul 8 15:00:49 2020 +0200

winbind: Add test for lookuprids cache problem

When reading entries from gencache, wb_cache_rids_to_names() can
return STATUS_SOME_UNMAPPED, which _wbint_LookupRids() does not handle
correctly.

This test enforces this situation by filling gencache with one wbinfo
-R and then erasing the winbindd_cache.tdb. This forces winbind to
enter the domain helper process, which will then read from gencache
filled with the previous wbinfo -R.

Without having the entries cached this does not happen because
wb_cache_rids_to_names() via the do_query: path calls deep inside
calls dcerpc_lsa_lookup_sids_noalloc(), which hides the
STATUS_SOME_UNMAPPED that came in as lsa_LookupSids result value.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14435
Signed-off-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 04eafce653afcff517317d2b190acc4f0cbf4c61)

commit ab227e7db1cc41dbd8667da752e9420cef1091a1
Author: Volker Lendecke 
Date:   Tue Jul 7 08:50:31 2020 +0200

torture3: Align integer types

Signed-off-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 

commit 2bdf5e9c292364b45b43dbf985245641a16fa398
Author: Andrew Bartlett 
Date:   Mon Jul 27 11:37:29 2020 +1200

dbcheck: Allow a dangling forward link outside our known NCs

If we do not have the NC of the target object we can not be really sure
that the object is redundant and so we want to keep it for now
and not (as happened until now) break the dbcheck run made during the
replication stage of a "samba-tool domain backup rename".

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14450

Signed-off-by: Andrew Bartlett 
Reviewed-by: Douglas Bagnall 
(cherry picked from commit 05228c4e07013c0e6f78f1330b3b787271282ca8)

commit 18628ba15585f991b004ef4bd66abf2f8ed12b3f
Author: Martin Schwenke 
Date:   Mon Jul 20 12:02:45 2020 +1000

ctdb-scripts: Use nfsconf as a last resort get nfsd thread count

If nfsconf exists then use it as last resort to attempt to extract
[nfsd]:threads from /etc/nfs.conf.

Invocation of nfsconf requires "|| true" because this script uses "set
-e".  Add a stub that always fails to at least test this much.

RN: Use nfsconf utility for variable values in CTDB NFS scripts
BUG: https://bugzilla.samba.org/show_bug.cgi?id=1
Signed-off-by: Martin Schwenke 
Reviewed-by: Amitay Isaacs 

Autobuild-User(master): Amitay Isaacs 
Autobuild-Date(master): Mon Jul 27 07:06:58 UTC 2020 on sn-devel-184

(cherry picked from commit 642dc6ded6426ba2fbf3ac1e5cd71aae11ca245b)

commit 8bd4e0187803b4263dae9eafb07d539350f30ce0
Author: Martin Schwenke 
Date:   Mon Jul 13 10:16:33 2020 +1000

ctdb-scripts: Use nfsconf as a last resort to set NFS_HOSTNAME

If nfsconf exists then use it as last resort to attempt to extract
[statd]:name from /etc/nfs.conf.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=1
Signed-off-by: Martin Schwenke 
Reviewed-by: Amitay Isaacs 
(cherry picked from commit 334dd8cedda6a341e3b89c9adc8102ea5480e452)

commit 983b35fdcf85826d3b667c8c5b0234402a6863c7
Author: Andreas Schneider 
Date:   Fri Jul 17 12:14:16 2020 +0200

docs: Fix documentatio

[SCM] Samba Shared Repository - branch master updated

2020-08-08 Thread Stefan Metzmacher
The branch, master has been updated
   via  f50987df038 winbind: directly use 
dcerpc_binding_handle_is_connected() in reset_connection_on_error() SAMR code
   via  19ef9c40f14 s3:rpc_client: reverse 
rpccli_{is_connected,set_timeout}() and rpccli_bh_{is_connected,set_timeout}()
  from  6a9c7859281 s3: libsmb: Cleanup - Remove the last use of a struct 
sockaddr_storage variable in dsgetdcname.c

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit f50987df038846f0052d4c33bb534af9f2c79061
Author: Ralph Boehme 
Date:   Fri Aug 7 12:07:28 2020 +0200

winbind: directly use dcerpc_binding_handle_is_connected() in 
reset_connection_on_error() SAMR code

In the end we should avoid rpccli_is_connected(), rpccli_set_timeout() and 
the
whole rpc_pipe_client concept.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14457

Pair-Programmed-With: Stefan Metzmacher 

Signed-off-by: Ralph Boehme 
Signed-off-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Sat Aug  8 10:59:38 UTC 2020 on sn-devel-184

commit 19ef9c40f14f91fcae6874d9f94540dd850e308b
Author: Stefan Metzmacher 
Date:   Fri Aug 7 15:57:15 2020 +0200

s3:rpc_client: reverse rpccli_{is_connected,set_timeout}() and 
rpccli_bh_{is_connected,set_timeout}()

rpccli->transport should never be used directly,
everything should go via the binding handle.

Internal pipes don't have a transport, so p->transport is always
NULL. rpccli_is_connected() checks this and this causes all SAMR and LSA
requests for the local domain to be processed a second time by the triggered
retry logic.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14457

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Ralph Boehme 

---

Summary of changes:
 source3/rpc_client/cli_pipe.c| 46 
 source3/winbindd/winbindd_samr.c |  3 ++-
 2 files changed, 34 insertions(+), 15 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 8227ef0b0bd..074d01828ad 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -2158,22 +2158,16 @@ NTSTATUS rpc_pipe_bind(struct rpc_pipe_client *cli,
 unsigned int rpccli_set_timeout(struct rpc_pipe_client *rpc_cli,
unsigned int timeout)
 {
-   unsigned int old;
-
-   if (rpc_cli->transport == NULL) {
-   return RPCCLI_DEFAULT_TIMEOUT;
-   }
-
-   if (rpc_cli->transport->set_timeout == NULL) {
+   if (rpc_cli == NULL) {
return RPCCLI_DEFAULT_TIMEOUT;
}
 
-   old = rpc_cli->transport->set_timeout(rpc_cli->transport->priv, 
timeout);
-   if (old == 0) {
+   if (rpc_cli->binding_handle == NULL) {
return RPCCLI_DEFAULT_TIMEOUT;
}
 
-   return old;
+   return dcerpc_binding_handle_set_timeout(rpc_cli->binding_handle,
+timeout);
 }
 
 bool rpccli_is_connected(struct rpc_pipe_client *rpc_cli)
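Review bot: rpccli_set_timeout() used to map a return of 0 from the transport to RPCCLI_DEFAULT_TIMEOUT (the removed `if (old == 0)` branch), while the new body returns the result of dcerpc_binding_handle_set_timeout() unchanged. If callers restore the previous timeout from this return value, that mapping has to survive in rpccli_bh_set_timeout(); the hunk for that function is cut off in this mail, so it cannot be confirmed from here.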
@@ -2182,11 +2176,11 @@ bool rpccli_is_connected(struct rpc_pipe_client 
*rpc_cli)
return false;
}
 
-   if (rpc_cli->transport == NULL) {
+   if (rpc_cli->binding_handle == NULL) {
return false;
}
 
-   return rpc_cli->transport->is_connected(rpc_cli->transport->priv);
+   return dcerpc_binding_handle_is_connected(rpc_cli->binding_handle);
 }
 
 struct rpccli_bh_state {
@@ -2197,8 +2191,17 @@ static bool rpccli_bh_is_connected(struct 
dcerpc_binding_handle *h)
 {
struct rpccli_bh_state *hs = dcerpc_binding_handle_data(h,
 struct rpccli_bh_state);
+   struct rpc_cli_transport *transport = hs->rpc_cli->transport;
+
+   if (transport == NULL) {
+   return false;
+   }
+
+   if (transport->is_connected == NULL) {
+   return false;
+   }
 
-   return rpccli_is_connected(hs->rpc_cli);
+   return transport->is_connected(transport->priv);
 }
 
 static uint32_t rpccli_bh_set_timeout(struct dcerpc_binding_handle *h,
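Review bot: in rpccli_bh_is_connected() the new initializer `struct rpc_cli_transport *transport = hs->rpc_cli->transport;` dereferences hs->rpc_cli before any check. The same patch adds an `rpc_cli == NULL` guard to rpccli_set_timeout(), which suggests a NULL client is a case worth handling; if hs->rpc_cli can be cleared while the binding handle is still alive, add `if (hs->rpc_cli == NULL) { return false; }` before reading ->transport, and treat the matching initializer in rpccli_bh_set_timeout() the same way.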
@@ -2206,8 +2209,23 @@ static uint32_t rpccli_bh_set_timeout(struct 
dcerpc_binding_handle *h,
 {
struct rpccli_bh_state *hs = dcerpc_binding_handle_data(h,
 struct rpccli_bh_state);
+   struct rpc_cli_transport *transport = hs->rpc_cli->transport;
+   unsigned int old;
 
-   return rpccli_set_timeout(hs->rpc_cli, timeout);
+   if (transport == NULL) {
+   return RPCCLI_DEFAULT_TIMEOUT;
+   }
+
+   if (transport->set_timeout == NULL) {
+ 

[SCM] Samba Shared Repository - branch v4-13-test updated

2020-08-07 Thread Stefan Metzmacher
The branch, v4-13-test has been updated
   via  19fecfaa35f kdc:db-glue: ignore KRB5_PROG_ETYPE_NOSUPP also for 
Primary:Kerberos
   via  6ddc1b66065 Add a test with old msDS-SupportedEncryptionTypes
  from  8aa9258e265 VERSION: Bump version up to 4.13.0rc2...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test


- Log -
commit 19fecfaa35fc641e578be38c037149d8c9ac57af
Author: Stefan Metzmacher 
Date:   Thu Apr 23 11:56:54 2020 +0200

kdc:db-glue: ignore KRB5_PROG_ETYPE_NOSUPP also for Primary:Kerberos

Currently we only ignore KRB5_PROG_ETYPE_NOSUPP for
Primary:Kerberos-Newer-Keys, but not for Primary:Kerberos.

If a service account has msDS-SupportedEncryptionTypes: 31
and DES keys stored in Primary:Kerberos, we'll pass the
DES key to smb_krb5_keyblock_init_contents(), but may get
KRB5_PROG_ETYPE_NOSUPP.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14354

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Isaac Boukris 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Tue Jul 28 14:04:26 UTC 2020 on sn-devel-184

(cherry picked from commit 4baa7cc8e473f6b63316b4ae5db34796c0f864c3)

Autobuild-User(v4-13-test): Stefan Metzmacher 
Autobuild-Date(v4-13-test): Fri Aug  7 10:39:26 UTC 2020 on sn-devel-184

commit 6ddc1b6606500b4c66c20d653d9a2e985f1bfd4f
Author: Isaac Boukris 
Date:   Mon Apr 27 14:00:38 2020 +0200

Add a test with old msDS-SupportedEncryptionTypes

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14354

Signed-off-by: Isaac Boukris 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 07399831794e28c7c2cf0140d0f1d1b5538b5f60)

---

Summary of changes:
 source4/kdc/db-glue.c   | 18 ++---
 source4/selftest/tests.py   |  2 +
 testprogs/blackbox/test_old_enctypes.sh | 68 +
 3 files changed, 82 insertions(+), 6 deletions(-)
 create mode 100755 testprogs/blackbox/test_old_enctypes.sh


Changeset truncated at 500 lines:

diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c
index 27728dab904..5fd0f431cdf 100644
--- a/source4/kdc/db-glue.c
+++ b/source4/kdc/db-glue.c
@@ -631,18 +631,18 @@ static krb5_error_code 
samba_kdc_message2entry_keys(krb5_context context,
  
pkb4->keys[i].value->data,
  
pkb4->keys[i].value->length,
  &key.key);
-   if (ret == KRB5_PROG_ETYPE_NOSUPP) {
-   DEBUG(2,("Unsupported keytype ignored - type 
%u\n",
-pkb4->keys[i].keytype));
-   ret = 0;
-   continue;
-   }
if (ret) {
if (key.salt) {
smb_krb5_free_data_contents(context, 
&key.salt->salt);
free(key.salt);
key.salt = NULL;
}
+   if (ret == KRB5_PROG_ETYPE_NOSUPP) {
+   DEBUG(2,("Unsupported keytype ignored - 
type %u\n",
+pkb4->keys[i].keytype));
+   ret = 0;
+   continue;
+   }
goto out;
}
 
@@ -693,6 +693,12 @@ static krb5_error_code 
samba_kdc_message2entry_keys(krb5_context context,
free(key.salt);
key.salt = NULL;
}
+   if (ret == KRB5_PROG_ETYPE_NOSUPP) {
+   DEBUG(2,("Unsupported keytype ignored - 
type %u\n",
+pkb3->keys[i].keytype));
+   ret = 0;
+   continue;
+   }
goto out;
}
 
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 0e219f94d04..f4d91520a12 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -494,6 +494,8 @@ plantestsuite("samba4.blackbox.net_rpc_user(ad_dc)", 
"ad_dc", [os.path.join(bbdi
 
 plantestsuite("samba4.blackbox.test_primary_group", "ad_dc:local", 
[os.path.join(bbdir, "test_primary_group.sh"),

[SCM] Samba Shared Repository - branch v4-13-test updated

2020-08-06 Thread Stefan Metzmacher
The branch, v4-13-test has been updated
   via  8aa9258e265 VERSION: Bump version up to 4.13.0rc2...
  from  8c86998910d VERSION: Disable GIT_SNAPSHOT for the 4.13.0rc1 release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test


- Log -
commit 8aa9258e26544d1643493fc61720cffc49a9b58d
Author: Stefan Metzmacher 
Date:   Thu Aug 6 12:26:31 2020 +0200

VERSION: Bump version up to 4.13.0rc2...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Stefan Metzmacher 

---

Summary of changes:
 VERSION | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index d5cf0b9ce28..5d09e1af487 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
 # e.g. SAMBA_VERSION_RC_RELEASE=1  #
 #  ->  "3.0.0rc1"  #
 
-SAMBA_VERSION_RC_RELEASE=1
+SAMBA_VERSION_RC_RELEASE=2
 
 
 # To mark SVN snapshots this should be set to 'yes'#
@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE=1
 # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes   #
 #  ->  "3.0.0-SVN-build-199"   #
 
-SAMBA_VERSION_IS_GIT_SNAPSHOT=no
+SAMBA_VERSION_IS_GIT_SNAPSHOT=yes
 
 
 # This is for specifying a release nickname#





Re: [cifs-protocol] [REG:120080321001822] LDAP connections have hard timelimit of one hour?

2020-08-06 Thread Stefan Metzmacher via cifs-protocol
On 06.08.20 at 10:53, Stefan Metzmacher via cifs-protocol wrote:
> On 04.08.20 at 21:27, Stefan Metzmacher wrote:
>> On 04.08.20 at 12:37, Stefan Metzmacher via cifs-protocol wrote:
>>> Hi Bryan,
>>>
>>>> Thank you for the question.  We created SR 120080321001822 To track this 
>>>> issue.  An engineer will contact you soon.
>>>
>>> Thanks! Note the lifetime of the krb5 service tickets seems to be 1
>>> hour, maybe that's related.
>>>
>>> For SMB2 connections there's also a relationship to the lifetime of the
>>> krb5 service ticket, before the server starts returning
>>> NT_STATUS_SESSION_EXPIRED.
>>>
>>> Maybe the LDAP server is doing something similar.
>>
>> I was able to reproduce this with a client asking for a ticket lifetime
>> of just 4 seconds.
>>
>> It would be good to get that documented and how a client should
>> handle that.
> 
> We found that this is related to RFC4511 section
> 4.4.1 Notice of Disconnection.
> 
> While testing we found that Windows Servers have a cleanup timer that
> runs once a minute and close any connection that's no
> longer valid (with just a TCP RST and without a Notice of Disconnection).
> 
> If a client sends a request in the time window of 0-59 seconds between
> the connection expiration and the cleanup timer, the client will
> get the Notice of Disconnection. Once the client sends the TCP ACK for
> that Windows 2008R2 and 2012R2 seem to send an immediate TCP RST,ACK.
> Is it possible that Windows 2019 doesn't send that TCP RST?

One more detail question to this.

Is it possible to do a new bind in that 0-59 seconds window?
Similar to a SMB2 session setup reauth after getting
NT_STATUS_SESSION_EXPIRED?

Thanks!
metze






Re: [cifs-protocol] [REG:120080321001822] LDAP connections have hard timelimit of one hour?

2020-08-06 Thread Stefan Metzmacher via cifs-protocol
On 06.08.20 at 10:53, Stefan Metzmacher wrote:
> On 04.08.20 at 21:27, Stefan Metzmacher wrote:
>> On 04.08.20 at 12:37, Stefan Metzmacher via cifs-protocol wrote:
>>> Hi Bryan,
>>>
>>>> Thank you for the question.  We created SR 120080321001822 To track this 
>>>> issue.  An engineer will contact you soon.
>>>
>>> Thanks! Note the lifetime of the krb5 service tickets seems to be 1
>>> hour, maybe that's related.
>>>
>>> For SMB2 connections there's also a relationship to the lifetime of the
>>> krb5 service ticket, before the server starts returning
>>> NT_STATUS_SESSION_EXPIRED.
>>>
>>> Maybe the LDAP server is doing something similar.
>>
>> I was able to reproduce this with a client asking for a ticket lifetime
>> of just 4 seconds.
>>
>> It would be good to get that documented and how a client should
>> handle that.
> 
> We found that this is related to RFC4511 section
> 4.4.1 Notice of Disconnection.
> 
> While testing we found that Windows Servers have a cleanup timer that
> runs once a minute and close any connection that's no
> longer valid (with just a TCP RST and without a Notice of Disconnection).
> 
> If a client sends a request in the time window of 0-59 seconds between
> the connection expiration and the cleanup timer, the client will
> get the Notice of Disconnection. Once the client sends the TCP ACK for
> that Windows 2008R2 and 2012R2 seem to send an immediate TCP RST,ACK.
> Is it possible that Windows 2019 doesn't send that TCP RST?

We also noticed that the Notice of Disconnection messages from Windows
violate the RFC.

LDAPResult ::= SEQUENCE {
     resultCode         ENUMERATED {
          success                      (0),
          operationsError              (1),
          protocolError                (2),
          ...
          other                        (80),
          ...  },
     matchedDN          LDAPDN,
     diagnosticMessage  LDAPString,
     referral           [3] Referral OPTIONAL }

ExtendedResponse ::= [APPLICATION 24] SEQUENCE {
     COMPONENTS OF LDAPResult,
     responseName     [10] LDAPOID OPTIONAL,
     responseValue    [11] OCTET STRING OPTIONAL }


LDAPMessage ::= SEQUENCE {
     messageID       MessageID,
     protocolOp      CHOICE {
          bindRequest           BindRequest,
          bindResponse          BindResponse,
          unbindRequest         UnbindRequest,
          searchRequest         SearchRequest,
          searchResEntry        SearchResultEntry,
          searchResDone         SearchResultDone,
          searchResRef          SearchResultReference,
          modifyRequest         ModifyRequest,
          modifyResponse        ModifyResponse,
          addRequest            AddRequest,
          addResponse           AddResponse,
          delRequest            DelRequest,
          delResponse           DelResponse,
          modDNRequest          ModifyDNRequest,
          modDNResponse         ModifyDNResponse,
          compareRequest        CompareRequest,
          compareResponse       CompareResponse,
          abandonRequest        AbandonRequest,
          extendedReq           ExtendedRequest,
          extendedResp          ExtendedResponse,
          ...,
          intermediateResponse  IntermediateResponse },
     controls       [0] Controls OPTIONAL }


Two messages I saw from Windows are:

dumpasn1 ~/devel/caps/ldap/ldap-krb5-extended-response-expired.dat
  0  80: SEQUENCE {
   :   Error: Length '84 00 00 00 50' has non-canonical encoding.
  6   1:   INTEGER 0
  9  47:   [APPLICATION 24] {
   : Error: Length '84 00 00 00 2F' has non-canonical encoding.
 15   1: ENUMERATED 52
 18   0: OCTET STRING
   :   Error: Object has zero length.
 20  40: OCTET STRING 'The server has timed out this connection'
   : }
 62  22:   [10] '1.3.6.1.4.1.1466.20036'
   :   }


dumpasn1 ~/devel/caps/ldap/ldap-krb5-extended-response-sign-des.dat
  0 127: SEQUENCE {
   :   Error: Length '84 00 00 00 7F' has non-canonical encoding.
  6   1:   INTEGER 0
  9  94:   [APPLICATION 24] {
   : Error: Length '84 00 00 00 5E' has non-canonical encoding.
 15   1: ENUMERATED 52
 18   0: OCTET STRING
   :   Error: Object has zero length.
 20  87: OCTET STRING
   :   '0003: LdapErr: DSID-0C06041F, comment: Error'
   :   ' decrypting ldap messag
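
In the first dumpasn1 listing above, the [10] responseName starts at offset 62, after the 47-byte [APPLICATION 24] element has ended, whereas the quoted ASN.1 places it inside ExtendedResponse. The following is an added example (not part of the original mail and not Samba's code) of a client-side check that recognises the Notice of Disconnection in both layouts; all function names are hypothetical, WINDOWS_STYLE is rebuilt from the tags, lengths and strings of that first listing, and RFC_STYLE is a constructed counterpart.

```python
NOTICE_OF_DISCONNECTION_OID = b"1.3.6.1.4.1.1466.20036"
TAG_SEQUENCE, TAG_INTEGER, TAG_ENUMERATED, TAG_OCTET_STRING = 0x30, 0x02, 0x0A, 0x04
TAG_EXTENDED_RESPONSE = 0x78  # [APPLICATION 24], constructed
TAG_RESPONSE_NAME = 0x8A      # [10], primitive


def read_tlv(buf, pos):
    """Decode one BER element at pos: (tag, value, next_pos, minimal_length)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-byte tags are not used by these messages")
    pos += 2
    if first < 0x80:                      # short form
        length, minimal = first, True
    elif first == 0x80:
        raise ValueError("indefinite length is not allowed in LDAP")
    else:                                 # long form, e.g. 84 00 00 00 50
        n = first & 0x7F
        if n > 4 or pos + n > len(buf):
            raise ValueError("bad length field")
        length = int.from_bytes(buf[pos:pos + n], "big")
        # Valid BER either way; "minimal" only records what dumpasn1 flags.
        minimal = length >= 0x80 and buf[pos] != 0
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length, minimal


def children(content):
    """Split the content of a constructed element into (tag, value, minimal)."""
    out, pos = [], 0
    while pos < len(content):
        tag, value, pos, minimal = read_tlv(content, pos)
        out.append((tag, value, minimal))
    return out


def parse_extended_response(pdu):
    """Decode an LDAPMessage that carries an ExtendedResponse.

    name_placement is "inside" when responseName is within [APPLICATION 24]
    (the quoted ASN.1), "sibling" when it follows it (the dump), else None.
    """
    tag, body, end, outer_minimal = read_tlv(pdu, 0)
    if tag != TAG_SEQUENCE or end != len(pdu):
        raise ValueError("not exactly one LDAPMessage")
    top = children(body)
    if [t for t, _, _ in top[:2]] != [TAG_INTEGER, TAG_EXTENDED_RESPONSE]:
        raise ValueError("not an ExtendedResponse")
    inner = children(top[1][1])
    if [t for t, _, _ in inner[:3]] != [TAG_ENUMERATED, TAG_OCTET_STRING,
                                        TAG_OCTET_STRING]:
        raise ValueError("malformed LDAPResult")
    name = placement = None
    for where, elements in (("inside", inner[3:]), ("sibling", top[2:])):
        for t, v, _ in elements:
            if t == TAG_RESPONSE_NAME and name is None:
                name, placement = v, where
    return {
        "message_id": int.from_bytes(top[0][1], "big", signed=True),
        "result_code": int.from_bytes(inner[0][1], "big", signed=True),
        "diagnostic": inner[2][1].decode("utf-8", "replace"),
        "response_name": name,
        "name_placement": placement,
        "minimal_lengths": outer_minimal and all(m for _, _, m in top + inner),
    }


def is_notice_of_disconnection(pdu):
    """True for messageID 0 plus the notice OID, in either placement."""
    try:
        msg = parse_extended_response(pdu)
    except ValueError:
        return False      # malformed input is never treated as a notice
    return (msg["message_id"] == 0
            and msg["response_name"] == NOTICE_OF_DISCONNECTION_OID)


def encode_tlv(tag, value, long_len=False):
    """Sample builder; long_len emits the 0x84 four-byte length from the dump."""
    if long_len:
        return bytes([tag, 0x84]) + len(value).to_bytes(4, "big") + value
    if len(value) >= 0x80:
        raise ValueError("short form only covers lengths below 128")
    return bytes([tag, len(value)]) + value


# Constructed samples: resultCode 52, empty matchedDN, diagnosticMessage.
RESULT = (encode_tlv(TAG_ENUMERATED, b"\x34") + encode_tlv(TAG_OCTET_STRING, b"")
          + encode_tlv(TAG_OCTET_STRING, b"The server has timed out this connection"))
NAME = encode_tlv(TAG_RESPONSE_NAME, NOTICE_OF_DISCONNECTION_OID)
MSG_ID = encode_tlv(TAG_INTEGER, b"\x00")
# Same layout as the first listing: [10] follows [APPLICATION 24].
WINDOWS_STYLE = encode_tlv(TAG_SEQUENCE, MSG_ID + encode_tlv(
    TAG_EXTENDED_RESPONSE, RESULT, long_len=True) + NAME, long_len=True)
# Same content with [10] inside [APPLICATION 24], as the quoted ASN.1 has it.
RFC_STYLE = encode_tlv(TAG_SEQUENCE, MSG_ID + encode_tlv(
    TAG_EXTENDED_RESPONSE, RESULT + NAME))
```

A strict decoder that only looks for responseName inside the ExtendedResponse would miss the notice in the first layout; the four-byte length fields are legal BER and are reported separately in minimal_lengths.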

Re: [cifs-protocol] [REG:120080321001822] LDAP connections have hard timelimit of one hour?

2020-08-06 Thread Stefan Metzmacher via cifs-protocol
On 04.08.20 at 21:27, Stefan Metzmacher wrote:
> On 04.08.20 at 12:37, Stefan Metzmacher via cifs-protocol wrote:
>> Hi Bryan,
>>
>>> Thank you for the question.  We created SR 120080321001822 To track this 
>>> issue.  An engineer will contact you soon.
>>
>> Thanks! Note the lifetime of the krb5 service tickets seems to be 1
>> hour, maybe that's related.
>>
>> For SMB2 connections there's also a relationship to the lifetime of the
>> krb5 service ticket, before the server starts returning
>> NT_STATUS_SESSION_EXPIRED.
>>
>> Maybe the LDAP server is doing something similar.
> 
> I was able to reproduce this with a client asking for a ticket lifetime
> of just 4 seconds.
> 
> It would be good to get that documented and how a client should
> handle that.

We found that this is related to RFC4511 section
4.4.1 Notice of Disconnection.

While testing we found that Windows Servers have a cleanup timer that
runs once a minute and closes any connection that's no
longer valid (with just a TCP RST and without a Notice of Disconnection).

If a client sends a request in the time window of 0-59 seconds between
the connection expiration and the cleanup timer, the client will
get the Notice of Disconnection. Once the client sends the TCP ACK for
that, Windows 2008R2 and 2012R2 seem to send an immediate TCP RST,ACK.
Is it possible that Windows 2019 doesn't send that TCP RST?

Thanks!
metze



signature.asc
Description: OpenPGP digital signature
___
cifs-protocol mailing list
cifs-protocol@lists.samba.org
https://lists.samba.org/mailman/listinfo/cifs-protocol
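
An added example, not part of the original messages and not Samba's code: a small BER reader that recognises the RFC 4511 section 4.4.1 Notice of Disconnection discussed in this thread (messageID 0, ExtendedResponse, responseName 1.3.6.1.4.1.1466.20036). It accepts the four-byte long-form lengths and a responseName [10] placed after the [APPLICATION 24] element, both visible in the dumpasn1 listing of ldap-krb5-extended-response-expired.dat earlier on this page; the function names are hypothetical and the sample bytes are constructed to match that listing's offsets.

```python
"""Added example: classify an LDAP unsolicited notification from raw BER."""

NOTICE_OF_DISCONNECTION = "1.3.6.1.4.1.1466.20036"  # RFC 4511 section 4.4.1
TAG_SEQUENCE, TAG_INTEGER, TAG_ENUMERATED, TAG_OCTETS = 0x30, 0x02, 0x0A, 0x04
TAG_EXTENDED_RESP = 0x78   # [APPLICATION 24], constructed
TAG_RESPONSE_NAME = 0x8A   # [10], primitive


class BERError(ValueError):
    """Raised when the buffer is not a well-formed definite-length BER element."""


def read_tlv(buf, pos, end):
    """Decode one tag/length header; return (tag, value_start, value_end)."""
    if pos + 2 > end:
        raise BERError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    if tag & 0x1F == 0x1F:
        raise BERError("multi-byte tags are not expected in LDAP")
    pos += 2
    if first < 0x80:                       # short form
        length = first
    else:                                  # long form, e.g. 84 00 00 00 50
        n = first & 0x7F
        if n == 0 or n > 4:
            raise BERError("indefinite or oversized length")
        if pos + n > end:
            raise BERError("truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > end:                 # never read past the container
        raise BERError("value overruns its container")
    return tag, pos, pos + length


def children(buf):
    """Split the contents of a constructed element into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(buf):
        tag, start, stop = read_tlv(buf, pos, len(buf))
        out.append((tag, buf[start:stop]))
        pos = stop
    return out


def parse_extended_response(message):
    """Return the fields of an ExtendedResponse LDAPMessage, None for other ops."""
    tag, start, stop = read_tlv(message, 0, len(message))
    if tag != TAG_SEQUENCE:
        raise BERError("LDAPMessage is not a SEQUENCE")
    top = children(message[start:stop])
    if len(top) < 2 or top[0][0] != TAG_INTEGER or not top[0][1]:
        raise BERError("missing messageID")
    if top[1][0] != TAG_EXTENDED_RESP:
        return None
    fields = children(top[1][1])
    if [t for t, _ in fields[:3]] != [TAG_ENUMERATED, TAG_OCTETS, TAG_OCTETS]:
        raise BERError("malformed LDAPResult")
    # RFC 4511 puts responseName [10] inside the ExtendedResponse; the listing
    # on this page shows it after the [APPLICATION 24] element, so accept both.
    inside = [v for t, v in fields[3:] if t == TAG_RESPONSE_NAME]
    outside = [v for t, v in top[2:] if t == TAG_RESPONSE_NAME]
    name = (inside or outside or [None])[0]
    return {
        "message_id": int.from_bytes(top[0][1], "big", signed=True),
        "result_code": int.from_bytes(fields[0][1], "big"),
        "matched_dn": fields[1][1].decode("utf-8", "replace"),
        "diagnostic": fields[2][1].decode("utf-8", "replace"),
        "response_name": name.decode("ascii", "replace") if name is not None else None,
        "name_outside_op": bool(outside) and not inside,
    }


def is_notice_of_disconnection(message):
    """True for messageID 0, ExtendedResponse and the Notice of Disconnection OID."""
    parsed = parse_extended_response(message)
    return (parsed is not None and parsed["message_id"] == 0
            and parsed["response_name"] == NOTICE_OF_DISCONNECTION)


def win_len(n):
    """Four-byte long-form length, the encoding dumpasn1 flags as non-canonical."""
    return b"\x84" + n.to_bytes(4, "big")


def build_sample(windows_layout=True):
    """Constructed bytes modelled on the listing's offsets (not a real capture)."""
    text = b"The server has timed out this connection"
    result = b"\x0a\x01\x34" + b"\x04\x00" + b"\x04" + bytes([len(text)]) + text
    oid = NOTICE_OF_DISCONNECTION.encode()
    name = bytes([TAG_RESPONSE_NAME, len(oid)]) + oid
    if windows_layout:   # [10] follows the [APPLICATION 24] element
        body = b"\x02\x01\x00" + b"\x78" + win_len(len(result)) + result + name
        return b"\x30" + win_len(len(body)) + body
    op = result + name   # RFC 4511 layout: [10] inside the ExtendedResponse
    body = b"\x02\x01\x00" + bytes([TAG_EXTENDED_RESP, len(op)]) + op
    return b"\x30" + bytes([len(body)]) + body


if __name__ == "__main__":
    for label, layout in (("listing layout", True), ("rfc4511 layout", False)):
        msg = build_sample(layout)
        print(label, len(msg), is_notice_of_disconnection(msg))
        print("  ", parse_extended_response(msg))
```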


Re: [cifs-protocol] [REG:120080321001822] LDAP connections have hard timelimit of one hour?

2020-08-04 Thread Stefan Metzmacher via cifs-protocol
Am 04.08.20 um 12:37 schrieb Stefan Metzmacher via cifs-protocol:
> Hi Bryan,
> 
>> Thank you for the question.  We created SR 120080321001822 To track this 
>> issue.  An engineer will contact you soon.
> 
> Thanks! Note the lifetime of the krb5 service tickets seems to be 1
> hour, maybe that's related.
> 
> For SMB2 connections there's also a relationship to the lifetime of the
> krb5 service ticket, before the server starts returning
> NT_STATUS_SESSION_EXPIRED.
> 
> Maybe the LDAP server is doing something similar.

I was able to reproduce this with a client asking for a ticket lifetime
of just 4 seconds.

It would be good to get that documented and how a client should
handle that.

metze

>> -----Original Message-----
>> From: Stefan Metzmacher  
>> Sent: Monday, August 3, 2020 7:54 AM
>> To: Interoperability Documentation Help 
>> Cc: cifs-protocol@lists.samba.org
>> Subject: [EXTERNAL] LDAP connections have hard timelimit of one hour?
>>
>> Hi DocHelp,
>>
>> I just debugged a problem where a Windows AD DC sent the following message 
>> after exactly 1 hour:
>>
>>  LDAPMessage extendedResp(0) (The server has timed out this connection)
>>  messageID: 0
>>  protocolOp: extendedResp (24)
>>  extendedResp
>>  resultCode: unavailable (52)
>>  matchedDN:
>>  errorMessage: The server has timed out this connection
>>
>> The connection was used at least every minute and the last success was 
>> returned 2 seconds before this.
>>
>> These are Windows 2019 DCs, is this special to them, or does this happen 
>> with any Windows Version?
>>
>> I can't find anything related in [MS-ADTS]
>>
>> Can you clarify this?
>>
>> Thanks!
>> metze
>>
> 
> 
> 
> 






Re: [cifs-protocol] [REG:120080321001822] LDAP connections have hard timelimit of one hour?

2020-08-04 Thread Stefan Metzmacher via cifs-protocol
Hi Bryan,

> Thank you for the question.  We created SR 120080321001822 To track this 
> issue.  An engineer will contact you soon.

Thanks! Note the lifetime of the krb5 service tickets seems to be 1
hour, maybe that's related.

For SMB2 connections there's also a relationship to the lifetime of the
krb5 service ticket, before the server starts returning
NT_STATUS_SESSION_EXPIRED.

Maybe the LDAP server is doing something similar.

metze

> -----Original Message-----
> From: Stefan Metzmacher  
> Sent: Monday, August 3, 2020 7:54 AM
> To: Interoperability Documentation Help 
> Cc: cifs-protocol@lists.samba.org
> Subject: [EXTERNAL] LDAP connections have hard timelimit of one hour?
> 
> Hi DocHelp,
> 
> I just debugged a problem where a Windows AD DC sent the following message 
> after exactly 1 hour:
> 
>  LDAPMessage extendedResp(0) (The server has timed out this connection)
>  messageID: 0
>  protocolOp: extendedResp (24)
>  extendedResp
>  resultCode: unavailable (52)
>  matchedDN:
>  errorMessage: The server has timed out this connection
> 
> The connection was used at least every minute and the last success was 
> returned 2 seconds before this.
> 
> These are Windows 2019 DCs, is this special to them, or does this happen with 
> any Windows Version?
> 
> I can't find anything related in [MS-ADTS]
> 
> Can you clarify this?
> 
> Thanks!
> metze
> 






[cifs-protocol] LDAP connections have hard timelimit of one hour?

2020-08-03 Thread Stefan Metzmacher via cifs-protocol
Hi DocHelp,

I just debugged a problem where a Windows AD DC sent the following
message after exactly 1 hour:

 LDAPMessage extendedResp(0) (The server has timed out this connection)
 messageID: 0
 protocolOp: extendedResp (24)
 extendedResp
 resultCode: unavailable (52)
 matchedDN:
 errorMessage: The server has timed out this connection

The connection was used at least every minute and the last success
was returned 2 seconds before this.

These are Windows 2019 DCs, is this special to them, or does this
happen with any Windows Version?

I can't find anything related in [MS-ADTS]

Can you clarify this?

Thanks!
metze





[SCM] Samba Shared Repository - branch master updated

2020-07-28 Thread Stefan Metzmacher
The branch, master has been updated
   via  4baa7cc8e47 kdc:db-glue: ignore KRB5_PROG_ETYPE_NOSUPP also for 
Primary:Kerberos
   via  07399831794 Add a test with old msDS-SupportedEncryptionTypes
  from  6e496aa3635 nsswitch/nsstest.c: Avoid nss function conflicts with 
glibc nss.h

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 4baa7cc8e473f6b63316b4ae5db34796c0f864c3
Author: Stefan Metzmacher 
Date:   Thu Apr 23 11:56:54 2020 +0200

kdc:db-glue: ignore KRB5_PROG_ETYPE_NOSUPP also for Primary:Kerberos

Currently we only ignore KRB5_PROG_ETYPE_NOSUPP for
Primary:Kerberos-Newer-Keys, but not for Primary:Kerberos.

If a service account has msDS-SupportedEncryptionTypes: 31
and DES keys stored in Primary:Kerberos, we'll pass the
DES key to smb_krb5_keyblock_init_contents(), but may get
KRB5_PROG_ETYPE_NOSUPP.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14354

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Isaac Boukris 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Tue Jul 28 14:04:26 UTC 2020 on sn-devel-184

commit 07399831794e28c7c2cf0140d0f1d1b5538b5f60
Author: Isaac Boukris 
Date:   Mon Apr 27 14:00:38 2020 +0200

Add a test with old msDS-SupportedEncryptionTypes

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14354

Signed-off-by: Isaac Boukris 
Reviewed-by: Stefan Metzmacher 

---

Summary of changes:
 source4/kdc/db-glue.c   | 18 ++---
 source4/selftest/tests.py   |  2 +
 testprogs/blackbox/test_old_enctypes.sh | 68 +
 3 files changed, 82 insertions(+), 6 deletions(-)
 create mode 100755 testprogs/blackbox/test_old_enctypes.sh


Changeset truncated at 500 lines:

diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c
index 27728dab904..5fd0f431cdf 100644
--- a/source4/kdc/db-glue.c
+++ b/source4/kdc/db-glue.c
@@ -631,18 +631,18 @@ static krb5_error_code 
samba_kdc_message2entry_keys(krb5_context context,
  
pkb4->keys[i].value->data,
  
pkb4->keys[i].value->length,
  &key.key);
-   if (ret == KRB5_PROG_ETYPE_NOSUPP) {
-   DEBUG(2,("Unsupported keytype ignored - type 
%u\n",
-pkb4->keys[i].keytype));
-   ret = 0;
-   continue;
-   }
if (ret) {
if (key.salt) {
smb_krb5_free_data_contents(context, 
&key.salt->salt);
free(key.salt);
key.salt = NULL;
}
+   if (ret == KRB5_PROG_ETYPE_NOSUPP) {
+   DEBUG(2,("Unsupported keytype ignored - 
type %u\n",
+pkb4->keys[i].keytype));
+   ret = 0;
+   continue;
+   }
goto out;
}
 
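Review bot: In the pkb4 loop, moving the KRB5_PROG_ETYPE_NOSUPP check below the key.salt cleanup changes behaviour beyond what the commit message describes. In the old position the check hit continue before smb_krb5_free_data_contents() and free(key.salt) ran, so an ignored key skipped the salt cleanup shown here; in the new position the salt is released first. Please say so in the commit message, so the reorder is not read as a pure refactor and the change is easy to find when backporting.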
@@ -693,6 +693,12 @@ static krb5_error_code 
samba_kdc_message2entry_keys(krb5_context context,
free(key.salt);
key.salt = NULL;
}
+   if (ret == KRB5_PROG_ETYPE_NOSUPP) {
+   DEBUG(2,("Unsupported keytype ignored - 
type %u\n",
+pkb3->keys[i].keytype));
+   ret = 0;
+   continue;
+   }
goto out;
}
 
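Review bot: The block added to the pkb3 loop is a line-for-line copy of the one in the pkb4 loop, DEBUG text included, so a level 2 log line "Unsupported keytype ignored - type %u" cannot tell whether the skipped key came from Primary:Kerberos or Primary:Kerberos-Newer-Keys. Consider naming the source blob in each message, or moving the free-salt-then-ignore sequence into a small static helper shared by both loops so the two copies cannot drift apart.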
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 588586e39b3..6e7c014ba8d 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -494,6 +494,8 @@ plantestsuite("samba4.blackbox.net_rpc_user(ad_dc)", 
"ad_dc", [os.path.join(bbdi
 
 plantestsuite("samba4.blackbox.test_primary_group", "ad_dc:local", 
[os.path.join(bbdir, "test_primary_group.sh"), '$SERVER', '$USERNAME', 
'$PASSWORD', '$DOMAIN', '$PREFIX_ABS'])
 
+plantestsuite("samba4.blackbox.test_old_enctypes", "fl2003dc:local", 
[os.path.join(bbdir, "test_old_enctypes.sh"), &

[SCM] Samba Shared Repository - annotated tag ldb-2.2.0 created

2020-07-09 Thread Stefan Metzmacher
The annotated tag, ldb-2.2.0 has been created
at  93a3abc51ae9e3653726a243e2ec80567340a2c8 (tag)
   tagging  9f3d2ba7ee9e41ddeee376aa74785199ef3dc8a2 (commit)
  replaces  ldb-2.1.1
 tagged by  Stefan Metzmacher
on  Thu Jul 9 14:09:46 2020 +0200

- Log -
ldb: tag release ldb-2.2.0

Alexander Bokovoy (4):
  s3: pass DCE RPC handle type to create_policy_hnd
  s3 rpc server: set on-wire handle type explicitly
  lib/ldb: add unit test for ldb_ldap internal code
  ldb_ldap: fix off-by-one increment in lldb_add_msg_attr

Amit Kumar (2):
  Add a test for smbclient -l basename
  lib:util: Fix smbclient -l basename dir

Amitay Isaacs (8):
  ctdb-recovery: Fetched vnnmap is never used, so don't fetch it
  ctdb-recovery: Consolidate node state
  ctdb-recovery: Don't trust nodemap obtained from local node
  ctdb-recovery: Refactor banning a node into separate computation
  lib/messaging: Move messages_dgm out of source3
  wscript_build: Remove duplicate recursion in source4/smbd
  lib/util: Build genrand for util core
  ctdb-build: Add messages_dgm build to ctdb

Andreas Schneider (69):
  autobuild: Run the none env in the samba-o3 build
  selftest: Set KRB5RCACHETYPE to none for selftest
  lib:crypto: Add samba_gnutls_weak_crypto()
  s3:utils: Add weak crypto information to testparm
  lib:param: Add lp(cfg)_weak_crypto()
  gensec: Add a check if a gensec module implements weak crypto
  auth:ntlmssp: Mark as weak_crypto
  waf: Check if GnuTLS has support for crypto policies
  tests: Add test for weak crypto
  bootstrap: Add podman command to readme
  third_party: Update nss_wrapper to version 1.1.10
  gitlab-ci: Remove Fedora 29 which is already EOL
  gitlab-ci: Remove Fedora 30
  gitlab-ci: Add Fedora 32 (Beta)
  selftest: Fix string compare in DnsHandler() of dns_hub.py
  third_party: Update pam_wrapper to version 1.1.2
  gitlab-ci: Add ccache and wget
  gitlab-ci: Use a shared ccache for the runners
  gitlab-ci: Add coverity scan runner
  third_party: Update nss_wrapper to version 1.1.11
  s3:libads: Fix ads_get_upn()
  testprogs: Add 'net ads join createupn' test also verifying the keytab
  s4:samdb: Do not create WDdigests for HTTP if weak crypto is disabled
  s4:tls: Fix generating TLS RSA certs with FIPS140-2
  selftest: Add an ad_dc_fips environment
  selftest: Pass extra_provision_options to provision_raw_prepare()
  selftest: Pass force_fips_mode to provision_ad_dc()
  selftest: Pass force_fips to provision()
  selftest: Pass force_fips_mode to provision_raw_prepare()
  selftest: Start ad_dc_fips with forced fips mode
  tests: Add test to check the server doesn't allow NTLM
  selftest: Force fips mode for openssl in ad_dc_fips
  gitlab-ci: Add runner for fips compliance testing
  docs-xml: Fix usernames in pam_winbind manpages
  s4:torture: Print account and authority name
  testprogs: Add client kerberos test
  testprogs: Add 'net ads join' test for fips
  lib:util: Add path_expand_tilde()
  lib:util: Add test for path_expand_tilde()
  s3:gencache: Allow to open gencache as read-only
  selftest: Use Kerberos to join an ad_member
  selftest: Split out a provision_ad_member() function
  selftest: Add force_fips_mode support to provision_ad_member()
  selftest: Add ad_member_fips target
  selftest: Run some tests against ad_member_fips
  autobuild: Add ad_member_fips target
  autobuild: Use sane random sleep values for samba-admem-mit
  gitlab-ci: Add new runner for samba-admem-fips
  gitlab-ci: Create a single samba-fips runner
  s3:rpcclient: Rename creds to trust_creds
  talloc: Mark ptr of talloc_unlink() not as a tainted scalar
  Revert "s3:libsmb: add a cache for cli_session_creds_prepare_krb5()"
  s3:rpc_server: Pass a pointer to add_filemeta()
  s3:lib: Avoid a NULL pointer deref on log level 10
  s3:notifyd: Check return value of lp_load_initial_only()
  s3:samr: Add missing NULL pointer check
  s3:rpc_server: Check return code of set_blocking()
  s3:locking: Remove dead code
  s4:torture: Make sure that ctx is initialized to NULL
  s3:smbd: Fix a possibile null pointer dereference
  s3:lib: Make sure t

[SCM] Samba Shared Repository - branch v4-13-test created

2020-07-09 Thread Stefan Metzmacher
The branch, v4-13-test has been created
at  8c86998910d0520a09dee729c2892f26dccc4b65 (commit)

- Log -
---


-- 
Samba Shared Repository



[SCM] Samba Shared Repository - branch v4-13-stable created

2020-07-09 Thread Stefan Metzmacher
The branch, v4-13-stable has been created
at  8c86998910d0520a09dee729c2892f26dccc4b65 (commit)

- Log -
---


-- 
Samba Shared Repository



[SCM] Samba Shared Repository - annotated tag v4-13-test created

2020-07-09 Thread Stefan Metzmacher
The annotated tag, v4-13-test has been created
at  a0f16d24071deb61e20deb6dac0b878b4761fca4 (tag)
   tagging  8c86998910d0520a09dee729c2892f26dccc4b65 (commit)
  replaces  ldb-2.1.1
 tagged by  Karolin Seeger
on  Thu Jul 9 10:56:07 2020 +0200

- Log -
samba: tag release samba-4.13.0rc1

Alexander Bokovoy (4):
  s3: pass DCE RPC handle type to create_policy_hnd
  s3 rpc server: set on-wire handle type explicitly
  lib/ldb: add unit test for ldb_ldap internal code
  ldb_ldap: fix off-by-one increment in lldb_add_msg_attr

Amit Kumar (2):
  Add a test for smbclient -l basename
  lib:util: Fix smbclient -l basename dir

Amitay Isaacs (8):
  ctdb-recovery: Fetched vnnmap is never used, so don't fetch it
  ctdb-recovery: Consolidate node state
  ctdb-recovery: Don't trust nodemap obtained from local node
  ctdb-recovery: Refactor banning a node into separate computation
  lib/messaging: Move messages_dgm out of source3
  wscript_build: Remove duplicate recursion in source4/smbd
  lib/util: Build genrand for util core
  ctdb-build: Add messages_dgm build to ctdb

Andreas Schneider (69):
  autobuild: Run the none env in the samba-o3 build
  selftest: Set KRB5RCACHETYPE to none for selftest
  lib:crypto: Add samba_gnutls_weak_crypto()
  s3:utils: Add weak crypto information to testparm
  lib:param: Add lp(cfg)_weak_crypto()
  gensec: Add a check if a gensec module implements weak crypto
  auth:ntlmssp: Mark as weak_crypto
  waf: Check if GnuTLS has support for crypto policies
  tests: Add test for weak crypto
  bootstrap: Add podman command to readme
  third_party: Update nss_wrapper to version 1.1.10
  gitlab-ci: Remove Fedora 29 which is already EOL
  gitlab-ci: Remove Fedora 30
  gitlab-ci: Add Fedora 32 (Beta)
  selftest: Fix string compare in DnsHandler() of dns_hub.py
  third_party: Update pam_wrapper to version 1.1.2
  gitlab-ci: Add ccache and wget
  gitlab-ci: Use a shared ccache for the runners
  gitlab-ci: Add coverity scan runner
  third_party: Update nss_wrapper to version 1.1.11
  s3:libads: Fix ads_get_upn()
  testprogs: Add 'net ads join createupn' test also verifying the keytab
  s4:samdb: Do not create WDdigests for HTTP if weak crypto is disabled
  s4:tls: Fix generating TLS RSA certs with FIPS140-2
  selftest: Add an ad_dc_fips environment
  selftest: Pass extra_provision_options to provision_raw_prepare()
  selftest: Pass force_fips_mode to provision_ad_dc()
  selftest: Pass force_fips to provision()
  selftest: Pass force_fips_mode to provision_raw_prepare()
  selftest: Start ad_dc_fips with forced fips mode
  tests: Add test to check the server doesn't allow NTLM
  selftest: Force fips mode for openssl in ad_dc_fips
  gitlab-ci: Add runner for fips compliance testing
  docs-xml: Fix usernames in pam_winbind manpages
  s4:torture: Print account and authority name
  testprogs: Add client kerberos test
  testprogs: Add 'net ads join' test for fips
  lib:util: Add path_expand_tilde()
  lib:util: Add test for path_expand_tilde()
  s3:gencache: Allow to open gencache as read-only
  selftest: Use Kerberos to join an ad_member
  selftest: Split out a provision_ad_member() function
  selftest: Add force_fips_mode support to provision_ad_member()
  selftest: Add ad_member_fips target
  selftest: Run some tests against ad_member_fips
  autobuild: Add ad_member_fips target
  autobuild: Use sane random sleep values for samba-admem-mit
  gitlab-ci: Add new runner for samba-admem-fips
  gitlab-ci: Create a single samba-fips runner
  s3:rpcclient: Rename creds to trust_creds
  talloc: Mark ptr of talloc_unlink() not as a tainted scalar
  Revert "s3:libsmb: add a cache for cli_session_creds_prepare_krb5()"
  s3:rpc_server: Pass a pointer to add_filemeta()
  s3:lib: Avoid a NULL pointer deref on log level 10
  s3:notifyd: Check return value of lp_load_initial_only()
  s3:samr: Add missing NULL pointer check
  s3:rpc_server: Check return code of set_blocking()
  s3:locking: Remove dead code
  s4:torture: Make sure that ctx is initialized to NULL
  s3:smbd: Fix a possibile null pointer dereference
  s3:lib: Make sure that have_rsrc is initialized
  s3:lib:tls: Use better priority lists for modern GnuTLS
  python: Run cmdline tools for default docs test in parallel
  python: Run cmdline tools for arbitary docs test in parallel
  python: Fix get_max_worker_count() to always have two runners
  bootstrap: Add back quota-devel on Cen

[SCM] Samba Shared Repository - annotated tag v4-13-stable created

2020-07-09 Thread Stefan Metzmacher
The annotated tag, v4-13-stable has been created
at  a0f16d24071deb61e20deb6dac0b878b4761fca4 (tag)
   tagging  8c86998910d0520a09dee729c2892f26dccc4b65 (commit)
  replaces  ldb-2.1.1
 tagged by  Karolin Seeger
on  Thu Jul 9 10:56:07 2020 +0200

- Log -
samba: tag release samba-4.13.0rc1


[SCM] Samba Shared Repository - branch master updated

2020-07-08 Thread Stefan Metzmacher
The branch, master has been updated
   via  3afdf2a8618 s3:smbd: skip ctdb public ips in 
fsctl_network_iface_info()
   via  79eaa196dc8 s3:smbd: disconnect the all client connections if a 
ctdb public ip dropped
   via  af51b75c611 s3:smbd: make smbXsrv_client_connection_pass_loop() 
more robust
   via  ab14a0d1624 s3:smbd: make sure 
smbXsrv_connection_disconnect_transport() closes the socket fd
   via  ecef3fe077d s3:smbd: make sure we detect stale smbXsrv_connection 
pointers in smbXsrv_session_auth0
   via  876a84493bb s3:smbd: fill in xconn->client early in 
smbd_add_connection()
   via  dbe27672131 s3:smbd: handle NETWORK_ACCESS_DENIED in 
smbXsrv_client_connection_pass_loop()
   via  ad3c5c1a626 s3:smbd: consistently use DLIST_ADD* to fill 
client->connections in smbd_add_connection()
   via  4d924528905 s3:ctdbd_conn: add ctdbd_control_get_public_ips() and 
ctdbd_find_in_public_ips()
   via  57515a43fbd s3:ctdbd_conn: make use of samba_sockaddr in 
ctdbd_connect()
   via  ba66abef888 s3:ctdbd_conn: make use of ctdbd_control_local() in 
ctdbd_register_ips()
   via  883657a7cfe selftest/Samba3: make use of 'smbd:FSCTL_SMBTORTURE = 
yes'
   via  bd1285d40d0 s3:smbd: implement 
FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
   via  88b0da10627 s3:smbd: make use of the new ack infrastructure for 
oplock/lease breaks
   via  8b8c5c4154f s3:smbd: force multi-channel to be turned off without 
FreeBSD/Linux support
   via  3cd775af053 s3:smbd: add infrastructure to wait for TCP acks
   via  557adf8 s3:smbd: add logic to retry break notifications on all 
available channels
   via  bc10e5039a9 docs-xml/smbdotconf: add "smb2 disable oplock break 
retry"
   via  4230bcdf7e0 s3:smbd: convert smbd_smb2_send_break() into async 
smbd_smb2_break_send/recv()
   via  37c52c2d498 s3:smbd: add smbd_smb2_send_queue.sendfile_body_size
   via  61b9418784f s3:smbd: introduce smbXsrv_pending_break infrastructure
   via  36812aadbd8 s3:smbd: avoid dereferencing client->connections
   via  c66110cf337 s3:smbd: setup client->global->client_guid even without 
multichannel support
   via  66c0888d2e9 s3:smbd: pass down smbXsrv_client to 
smbd_smb2_send_{oplock,lease}_break()
   via  42497b86399 s3:smbd: pass smbXsrv_client to downgrade_lease()
   via  54bd3a46c84 s3:smbd: add smbd_server_disconnect_client[_ex]()
   via  60d7f059a40 s3:smbd: remove unused session,tcon parameters from 
smbd_smb2_send_oplock_break()
   via  a1e5b8c77c1 s3:smbd: pass down session_id to smbd_smb2_send_break()
   via  acf80fd9437 s3:smbd: remove dead code from smbd_smb2_send_break()
   via  5ad618bc67a s4:torture/smb2: add 
smb2.multichannel.oplocks.test3{_windows,specification}
   via  5bb9da8cd78 s4:torture/smb2: (re-)add smb2.multichannel.leases.test4
   via  2da65bed806 s4:torture/smb2: remove useless 
'smb2.multichannel.leases.test4'
   via  f92f24ee266 s4:torture/smb2: fix smb2.multichannel.leases.test2 
against windows
   via  31e2b7f04ba s4:torture/smb2: split smb2.oplock.batch22 into a and b
   via  3d7f81979c2 s4:torture/smb2: move smb2_transport blocking to the 
generic block.[ch]
   via  68a351b7620 s4:torture/smb2: make use of 
FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
   via  8c7bb245ff8 s4:torture/smb2: refactor block.c to block the OUTPUT 
path
   via  a52e7114df6 s4:torture/smb2: add break_info.oplock_skip_ack
   via  2181f728edf s4:torture/smb2: move interface_info test to 
smb2.multichannel.generic
   via  3559a1df9bc s4:torture/smb2: make use of 
transport_options.only_negprot for multichannel connections
   via  d2b8274438f s4:torture/smb2: simplify code to generate list of smb2 
channels
   via  5451882004c s4:torture/smb2: add const to options for 
test_multichannel_create_channel()
   via  ce7eaca7353 s4:libcli/smb2: add const to struct smbcli_options 
*options for smb2_connect()
   via  7d06874478e s4:libcli/smb2: allow smb2_connect*() to fake session 
and tcon
   via  fe6a6ec4d48 s4:param: use struct initializer in 
lpcfg_smbcli_session_options()
   via  9f3ab6a113d s4:param: use struct initializer in 
lpcfg_smbcli_options()
   via  0d2566210a8 libcli/smb: define 
FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
   via  816528923e9 s3:includes: change OPLOCK_BREAK_TIMEOUT from 30 to 35 
seconds
   via  bd71d2d92c2 lib/util: allow to set TCP_USER_TIMEOUT socket option
  from  4faab2a77a6 s3:dbwrap_watch: avoid recursion into 
dbwrap_do_locked() from dbwrap_watched_do_locked_{storev,delete}()

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 3afdf2a8618ef9ca7cfba279e87ab59c8ae3d662
Author: Stefan Metzmacher 
Date:   Thu Jun 25 15:32:11 2020 +0200

s3:smbd: skip ctdb public ips in fsctl_network_iface_info()

  

[SCM] Samba Shared Repository - branch master updated

2020-07-07 Thread Stefan Metzmacher
The branch, master has been updated
   via  31d187be0f4 s4:selftest: test for smbtorture subunit names with and 
without --fullname
   via  32f05b05ac9 s4:torture/local: Add new test to check smbtorture 
--fullname
   via  8902eb82d98 s4:torture: Add command line parameter --fullname
   via  4e39e43730c s4:torture: avoid multiple recursions into the test 
lists
   via  9025192333e s4:torture: use prefix_name() for all names in 
run_matching()
   via  0e0d89b55cd lib/torture: fix subunit names of nested suites
   via  a4a6c03bf84 lib/torture: add back links to the parent objects
   via  f6eb56bff29 lib/torture: make torture_subunit_test_name() public
   via  b7832c2c80b selftest/Samba4: split out _setup_ad_dc()
  from  2a7317e0b25 s3:wscript: vfs_gpfs needs kernel oplock support

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 31d187be0f45737d3996a1e843de98f92953c305
Author: Sachin Prabhu 
Date:   Fri Jun 26 16:35:38 2020 +

s4:selftest: test for smbtorture subunit names with and without --fullname

We check the output with both --fullname and with the default shortname
to ensure it works as expected.

We also do tests for each level and test relative names are used.

Pair-Programmed-With: Stefan Metzmacher 

Signed-off-by: Sachin Prabhu 
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

Autobuild-User((no branch)): Stefan Metzmacher 
Autobuild-Date((no branch)): Tue Jul  7 12:16:34 UTC 2020 on sn-devel-184

commit 32f05b05ac9b39cd205daf0a9b93821f93636a5d
Author: Sachin Prabhu 
Date:   Thu Jun 25 18:02:28 2020 +0100

s4:torture/local: Add new test to check smbtorture --fullname

Add new always pass test to test smbtorture --fullname.

Since we test the printing of the fullname of the test, the test is
placed at the bottom of several levels of test suites.

test : local.smbtorture.level1.level2.level3.always_pass

Signed-off-by: Sachin Prabhu 
Reviewed-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

commit 8902eb82d981e07812134285e199b47b22acd815
Author: Sachin Prabhu 
Date:   Fri Jul 3 14:17:43 2020 +0200

s4:torture: Add command line parameter --fullname

This argument is used to print out the full name which includes the
name of the test suite.

For example, the name in the output for the test smb2.read.dir is "dir".
By using the --fullname parameter, the name used will be
"smb2.read.dir".

The default continues to be to use the shortname.

Pair-Programmed-With: Stefan Metzmacher 

Signed-off-by: Sachin Prabhu 
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

commit 4e39e43730ceaf79b5927f542ccd2f31c66ffb28
Author: Stefan Metzmacher 
Date:   Fri Jul 3 15:58:38 2020 +0200

s4:torture: avoid multiple recursions into the test lists

torture_run_suite_restricted() and torture_run_tcase_restricted()
already handle recursion. If we call them from smbtorture
we should avoid our own recursion.

Without this passing 'smb2.multichannel.*' results in running
tests more than once.
    
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

commit 9025192333e391a2b8cde7d3e75077f5830b2731
Author: Stefan Metzmacher 
Date:   Fri Jul 3 15:53:18 2020 +0200

s4:torture: use prefix_name() for all names in run_matching()
    
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

commit 0e0d89b55cd3fa348af609fb33828a35d4affca1
Author: Stefan Metzmacher 
Date:   Fri Jul 3 15:40:31 2020 +0200

lib/torture: fix subunit names of nested suites

E.g. passing 'smb2.multichannel.generic' to smbtorture results in

- interface_info
- num_channels

While passing 'smb2.multichannel' to smbtorture results in:

- generic.interface_info
- generic.num_channels
- oplocks.test1
...
- leases.test1
...

Before we got this:

- interface_info
- num_channels
- test1
...
- test1

That made it impossible to add knownfail entries for

leases.test1 vs. oplocks.test1

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

commit a4a6c03bf8448923525a4997e4a7a3bd1f29c70f
Author: Stefan Metzmacher 
Date:   Fri Jul 3 15:37:25 2020 +0200

lib/torture: add back links to the parent objects

This would allow the full name of a test to be constructed
if needed in future.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

commit f6eb56bff29f73732048b31b4caa4138ada0e100
Author: Stefan Metzmacher 
Date:   Fri Jul 3 14:41:16 2020 +0200

lib/torture: make torture_subunit_test_name() public

This makes i

[SCM] Samba Shared Repository - branch master updated

2020-07-07 Thread Stefan Metzmacher
The branch, master has been updated
   via  2a7317e0b25 s3:wscript: vfs_gpfs needs kernel oplock support
  from  58adf349edf s3:smbd: check for stale pid in delay_for_oplock_fn() 
when leases_db_get() fails

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 2a7317e0b25ff231951b960e8f0a835d4bb724e7
Author: Stefan Metzmacher 
Date:   Fri May 29 01:39:00 2020 -0700

s3:wscript: vfs_gpfs needs kernel oplock support

It uses symbols, which are only available if we have
HAVE_KERNEL_OPLOCKS_LINUX defined.

This is not the case when building within the
Windows Subsystem for Linux (WSL). So we'd better not try to
build the vfs_gpfs module there.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Tue Jul  7 09:37:37 UTC 2020 on sn-devel-184

---

Summary of changes:
 source3/wscript | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/source3/wscript b/source3/wscript
index 2a341df7c3e..5e94c6f6c71 100644
--- a/source3/wscript
+++ b/source3/wscript
@@ -1999,7 +1999,7 @@ main() {
 if conf.CONFIG_SET('DARWINOS'):
 default_static_modules.extend(TO_LIST('charset_macosxfs'))
 
-if conf.CONFIG_SET('HAVE_GPFS'):
+if conf.CONFIG_SET('HAVE_GPFS') and 
conf.CONFIG_SET('HAVE_KERNEL_OPLOCKS_LINUX'):
 default_shared_modules.extend(TO_LIST('vfs_gpfs'))
 
 if (conf.CONFIG_SET('HAVE_LINUX_IOCTL')
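Review bot: The changed `if` guarding `default_shared_modules.extend(TO_LIST('vfs_gpfs'))` has no comment saying why HAVE_KERNEL_OPLOCKS_LINUX is required, so the reason lives only in the commit message. A one-line comment above the condition, stating that vfs_gpfs uses symbols that exist only with Linux kernel oplock support, would keep a later cleanup from dropping the second check. Also note that with HAVE_GPFS set and HAVE_KERNEL_OPLOCKS_LINUX unset the module is now left out of the defaults silently; a configure-time message for that combination would make the omission visible to whoever expects gpfs support in the resulting build.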


-- 
Samba Shared Repository


