[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2ff3b9bc0d2 smbd: remove just created sharemode entry in the error codepaths via a91457f97c9 smbd: consolidate DH reconnect failure code via 14875448ca0 s3:tests: let test_durable_handle_reconnect.sh run smb2.durable-v2-regressions.durable_v2_reconnect_bug15624 via ef4ef04e7f8 s4:torture/smb2: add smb2.durable-v2-regressions.durable_v2_reconnect_bug15624 via 692ed832dff vfs_error_inject: add 'error_inject:durable_reconnect = st_ex_nlink' via 90d776cb183 smbd: add option "smbd:debug events" for tevent handling duration threshold warnings via 679e12aee2f smbd: move trace_state variable behind tv variable via d8613d7ee23 smbd: add option "smbd lease break:debug hung procs" via b45e78871aa smbd: log share_mode_watch_recv() errors as errors via 7add7dbf1ae s3/lib: add option "serverid watch:debug script" via 5c57e840527 s3/lib: add option "serverid watch:debug = yes" to print kernel stack of hanging process via d76edcd4843 s3/lib: add next helper variable in server_id_watch_* from a14320461e3 s4:lib/messaging: fix interaction between imessaging_reinit and irpc_destructor https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2ff3b9bc0d254a63a913ff9084de3d794fee27d0 Author: Ralph Boehme Date: Tue Apr 9 14:53:32 2024 +0200 smbd: remove just created sharemode entry in the error codepaths Without this we leave stale sharemode entries around that can lead to all sorts of havoc. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624 Signed-off-by: Ralph Boehme Reviewed-by: Stefan Metzmacher Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Sep 19 19:36:19 UTC 2024 on atb-devel-224 commit a91457f97c98fcec1ed062514c364271af1df669 Author: Ralph Boehme Date: Tue Apr 9 14:52:44 2024 +0200 smbd: consolidate DH reconnect failure code No change in behaviour, except that we now also call fd_close() if vfs_default_durable_cookie() failed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624 Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Ralph Boehme Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 14875448ca06a3a28800343a3a326f1a66bccec0 Author: Stefan Metzmacher Date: Mon Aug 26 14:42:12 2024 +0200 s3:tests: let test_durable_handle_reconnect.sh run smb2.durable-v2-regressions.durable_v2_reconnect_bug15624 This demonstrates the dead lock after a durable reconnect failed because the stat info changed, the file can't be accessed anymore as we leak the incomplete share mode entry in a still running process. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit ef4ef04e7f83b1029446ff8b5fc5fdf4ab33edbd Author: Stefan Metzmacher Date: Mon Aug 26 14:42:02 2024 +0200 s4:torture/smb2: add smb2.durable-v2-regressions.durable_v2_reconnect_bug15624 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 692ed832dfff61ad1c9b646b5c8d6f85f25efb99 Author: Stefan Metzmacher Date: Mon Aug 26 14:11:02 2024 +0200 vfs_error_inject: add 'error_inject:durable_reconnect = st_ex_nlink' This allows to simulate durable reconnect failures because the stat information of the file changed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 90d776cb18395ed804f0ab4fd13ef571fc0ad827 Author: Ralph Boehme Date: Wed Mar 20 14:28:43 2024 +0100 smbd: add option "smbd:debug events" for tevent handling duration threshold warnings Can be used to enable printing an error message if tevent event handlers ran longer then three seconds. Also logs a message with a loglevel of 3 if there were no events at hall. Enabled by default with 'log level = 10' or 'smbd profiling level = on'... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624 Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Ralph Boehme Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 679e12aee2f0c283a6f9b9c6008c549a6ca9633e Author: Ralph Boehme Date: Wed Mar 20 14:27:27 2024 +0100 smbd: move trace_state variable behind tv variable Next commit adds timestamp variables to trace_state that want to be initialized with the current time, so moving behind tv we can then just reuse tv for that. BUG: https:/
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0cedd74e47a vfs_ceph_new: implement DFS hooks using libcephfs low-level APIs from ae3bb10905f libndr: Apply endianness flags to subndr https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0cedd74e47ab919528420761a5bd2acb198f084c Author: Shachar Sharon Date: Mon Aug 12 14:45:53 2024 +0300 vfs_ceph_new: implement DFS hooks using libcephfs low-level APIs Refactor the VFS hooks 'create_dfs_pathat_fn' and 'read_dfs_pathat_fn' in 'vfs_ceph_new.c' to use libcephfs low-level APIs: instead of using path-based operations (as done in legacy 'vfs_ceph.c') use inode based operations to create and read msdfs symbolic-links values. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15703 Signed-off-by: Shachar Sharon Reviewed-by: Anoop C S Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Sep 11 19:09:41 UTC 2024 on atb-devel-224 --- Summary of changes: source3/modules/vfs_ceph_new.c | 257 - 1 file changed, 126 insertions(+), 131 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_ceph_new.c b/source3/modules/vfs_ceph_new.c index 1e4c3efeb23..389113b5bd3 100644 --- a/source3/modules/vfs_ceph_new.c +++ b/source3/modules/vfs_ceph_new.c @@ -757,12 +757,13 @@ static int vfs_ceph_ll_lookup(const struct vfs_handle_struct *handle, return 0; } -static int vfs_ceph_ll_lookupat(const struct vfs_handle_struct *handle, - const struct vfs_ceph_fh *parent_fh, - const char *name, - struct vfs_ceph_iref *iref) +static int vfs_ceph_ll_lookup2(const struct vfs_handle_struct *handle, + const struct vfs_ceph_fh *parent_fh, + const char *name, + unsigned want, + struct vfs_ceph_iref *iref, + struct ceph_statx *stx) { - struct ceph_statx stx = {.stx_ino = 0}; struct Inode *inode = NULL; int ret = -1; @@ -773,19 +774,55 @@ static int vfs_ceph_ll_lookupat(const struct vfs_handle_struct *handle, parent_fh->iref.inode, name, &inode, -&stx, -CEPH_STATX_INO, +stx, +want | CEPH_STATX_INO, 0, parent_fh->uperm); if (ret != 0) { return ret; } iref->inode = inode; - iref->ino = stx.stx_ino; + iref->ino = stx->stx_ino; iref->owner = true; return 0; } +static int vfs_ceph_ll_lookupat(const struct vfs_handle_struct *handle, + const struct vfs_ceph_fh *parent_fh, + const char *name, + struct vfs_ceph_iref *iref) +{ + struct ceph_statx stx = {.stx_ino = 0}; + + return vfs_ceph_ll_lookup2(handle, + parent_fh, + name, + CEPH_STATX_INO, + iref, + &stx); +} + +static int vfs_ceph_ll_lookupat2(const struct vfs_handle_struct *handle, +const struct vfs_ceph_fh *parent_fh, +const char *name, +struct vfs_ceph_iref *iref, +SMB_STRUCT_STAT *st) +{ + struct ceph_statx stx = {.stx_ino = 0}; + int ret; + + ret = vfs_ceph_ll_lookup2(handle, + parent_fh, + name, + CEPH_STATX_ALL_STATS, + iref, + &stx); + if (ret == 0) { + smb_stat_from_ceph_statx(st, &stx); + } + return ret; +} + static int vfs_ceph_ll_open(const struct vfs_handle_struct *handle, struct vfs_ceph_fh *cfh, int flags) @@ -1967,44 +2004,6 @@ static int vfs_ceph_fsync_recv(struct tevent_req *req, return 0; } -static void init_stat_ex_from_ceph_statx(struct stat_ex *dst, -const struct ceph_statx *stx) -{ - DBG_DEBUG("[CEPH]\tstx = {dev = %llx, ino = %llu, mode = 0x%x, " - "nlink = %llu, uid = %d, gid = %d, r
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 68f0835c8e1 docs-xml/manpages: 'ceph_new' prefix for config-param of vfs_ceph_new via aca4cf8327d vfs_ceph_new: use 'ceph_new' for config-param prefix from aa043a5808b vfs_ceph_new: handle errno properly for 'readdir' https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 68f0835c8e1c5029cd831c267b75c02185b206c7 Author: Shachar Sharon Date: Mon Aug 5 19:12:29 2024 +0300 docs-xml/manpages: 'ceph_new' prefix for config-param of vfs_ceph_new With 'ceph_new' prefix used by vfs_ceph_new for config parameters, update the relevant man-page accordingly. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686 Signed-off-by: Shachar Sharon Reviewed-by: Anoop C S Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Aug 8 13:54:34 UTC 2024 on atb-devel-224 commit aca4cf8327dcaef782dedd98a63a020469c45cdb Author: Shachar Sharon Date: Mon Aug 5 16:21:10 2024 +0300 vfs_ceph_new: use 'ceph_new' for config-param prefix Use explicit 'ceph_new' prefix to each of the ceph specific config parameters to avoid confusion with legacy 'vfs_ceph' module. Hence, users will have in their smb.conf a format similar to: ... [smbshare] vfs objects = ceph_new ceph_new: config_file = /etc/ceph/ceph.conf ceph_new: user_id = user1 ceph_new: filesystem = fs1 ... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686 Signed-off-by: Shachar Sharon Reviewed-by: Anoop C S Reviewed-by: Guenther Deschner --- Summary of changes: docs-xml/manpages/vfs_ceph_new.8.xml | 12 ++-- source3/modules/vfs_ceph_new.c | 13 +++-- 2 files changed, 13 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_ceph_new.8.xml b/docs-xml/manpages/vfs_ceph_new.8.xml index 7a65b965ce0..b0640a591a5 100644 --- a/docs-xml/manpages/vfs_ceph_new.8.xml +++ b/docs-xml/manpages/vfs_ceph_new.8.xml @@ -111,20 +111,20 @@ - ceph:config_file = path + ceph_new:config_file = path Allows one to define a ceph configfile to use. Empty by default. - Example: ceph:config_file = + Example: ceph_new:config_file = /etc/ceph/ceph.conf - ceph:user_id = name + ceph_new:user_id = name Allows one to explicitly set the client ID used for the @@ -132,13 +132,13 @@ client default). - Example: ceph:user_id = samba + Example: ceph_new:user_id = samba - ceph:filesystem = fs_name + ceph_new:filesystem = fs_name Allows one to explicitly select the CephFS file system @@ -147,7 +147,7 @@ system of the Ceph cluster). - Example: ceph:filesystem = myfs2 + Example: ceph_new:filesystem = myfs2 diff --git a/source3/modules/vfs_ceph_new.c b/source3/modules/vfs_ceph_new.c index cf7e6b121db..25e78444fb5 100644 --- a/source3/modules/vfs_ceph_new.c +++ b/source3/modules/vfs_ceph_new.c @@ -159,10 +159,11 @@ static int cephmount_cache_remove(struct cephmount_cached *entry) static char *cephmount_get_cookie(TALLOC_CTX * mem_ctx, const int snum) { const char *conf_file = - lp_parm_const_string(snum, "ceph", "config_file", "."); - const char *user_id = lp_parm_const_string(snum, "ceph", "user_id", ""); + lp_parm_const_string(snum, "ceph_new", "config_file", "."); + const char *user_id = + lp_parm_const_string(snum, "ceph_new", "user_id", ""); const char *fsname = - lp_parm_const_string(snum, "ceph", "filesystem", ""); + lp_parm_const_string(snum, "ceph_new", "filesystem", ""); return talloc_asprintf(mem_ctx, "(%s/%s/%s)", conf_file, user_id, fsname); } @@ -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via aa043a5808b vfs_ceph_new: handle errno properly for 'readdir' via a7f4e2bd47c vfs_ceph{_new}: do not set errno upon successful call to libcephfs from c0d0767a3ab script/autobuild.py: do some basic testing using --without-winbind https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit aa043a5808b73fc272de585c1446372fa3f21d08 Author: Shachar Sharon Date: Tue Jul 30 17:36:09 2024 +0300 vfs_ceph_new: handle errno properly for 'readdir' Take special care for readdir errno setting: in case of error, update errno by libcephfs (and protect from possible over-write by debug logging); in the case of successful result or end-of-stream restore errno to its previous value before calling the readdir_fn VFS hook. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686 Signed-off-by: Shachar Sharon Reviewed-by: Guenther Deschner Reviewed-by: Anoop C S Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Aug 7 14:20:02 UTC 2024 on atb-devel-224 commit a7f4e2bd47c7f4728f3ac8d90af693156a69c557 Author: Shachar Sharon Date: Tue Jul 30 09:55:44 2024 +0300 vfs_ceph{_new}: do not set errno upon successful call to libcephfs There is code in Samba that expects errno from a previous system call to be preserved through a subsequent system call. Thus, avoid setting "errno = 0" in status_code() and lstatus_code() upon successful return from libcephfs API call. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686 Signed-off-by: Shachar Sharon Reviewed-by: Guenther Deschner Reviewed-by: Anoop C S --- Summary of changes: source3/modules/vfs_ceph.c | 2 -- source3/modules/vfs_ceph_new.c | 15 +++ 2 files changed, 7 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_ceph.c b/source3/modules/vfs_ceph.c index 1dd136e569b..fd450af16c2 100644 --- a/source3/modules/vfs_ceph.c +++ b/source3/modules/vfs_ceph.c @@ -66,7 +66,6 @@ static inline int status_code(int ret) errno = -ret; return -1; } - errno = 0; return ret; } @@ -76,7 +75,6 @@ static inline ssize_t lstatus_code(intmax_t ret) errno = -((int)ret); return -1; } - errno = 0; return (ssize_t)ret; } diff --git a/source3/modules/vfs_ceph_new.c b/source3/modules/vfs_ceph_new.c index 99d4a1fe407..cf7e6b121db 100644 --- a/source3/modules/vfs_ceph_new.c +++ b/source3/modules/vfs_ceph_new.c @@ -66,7 +66,6 @@ static int status_code(int ret) errno = -ret; return -1; } - errno = 0; return ret; } @@ -76,7 +75,6 @@ static ssize_t lstatus_code(intmax_t ret) errno = -((int)ret); return -1; } - errno = 0; return (ssize_t)ret; } @@ -1484,19 +1482,20 @@ static struct dirent *vfs_ceph_readdir(struct vfs_handle_struct *handle, { const struct vfs_ceph_fh *dircfh = (const struct vfs_ceph_fh *)dirp; struct dirent *result = NULL; - int errval = 0; + int saved_errno = errno; DBG_DEBUG("[CEPH] readdir(%p, %p)\n", handle, dirp); + errno = 0; result = vfs_ceph_ll_readdir(handle, dircfh); - errval = errno; - if ((result == NULL) && (errval != 0)) { - DBG_DEBUG("[CEPH] readdir(...) = %d\n", errval); + if ((result == NULL) && (errno != 0)) { + saved_errno = errno; + DBG_DEBUG("[CEPH] readdir(...) = %d\n", errno); } else { DBG_DEBUG("[CEPH] readdir(...) = %p\n", result); } - /* re-assign errno to avoid possible over-write by DBG_DEBUG */ - errno = errval; + + errno = saved_errno; return result; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3bb6d441bf0 vfs_ceph_new: common prefix to debug-log messages via d00f20f30f4 vfs_ceph_new: debug-log upon libcephfs low-level calls via 0a8445e891c vfs_ceph_new: use low-level APIs for xattr ops via e714e5ddc50 vfs_ceph_new: use low-level APIs for mknodat via 83011357fb8 vfs_ceph_new: use low-level APIs for renameat via 9a70bd60672 vfs_ceph_new: use low-level APIs for linkat via b536bf1fa87 vfs_ceph_new: use low-level APIs for ftruncate/fallocate via e15586fc609 vfs_ceph_new: use low-level APIs for fsync via 30c1a613fee vfs_ceph_new: use low-level APIs for lseek via 29bbe0f52d4 vfs_ceph_new: use low-level APIs for read/write via 53c9269b219 vfs_ceph_new: use low-level APIs for symlink/readlink via 362a7cf8664 vfs_ceph_new: use low-level APIs for unlinkat via 20b7d2bfe06 vfs_ceph_new: use low-level APIs for fntimes via cb14d3630d8 vfs_ceph_new: use low-level APIs for fchown/fchmod via 24a3423949e vfs_ceph_new: proper error handling to readdir via 99c7179e5da vfs_ceph_new: use low-level APIs for readdir ops via bd955af86e7 vfs_ceph_new: use low-level APIs for mkdirat via a8a7339c6b7 vfs_ceph_new: use low-level APIs for fdopendir via 13671cefffb vfs_ceph_new: use low-level APIs for fstatat via f16183f90ab vfs_ceph_new: use low-level APIs for fstat via 49167684645 vfs_ceph_new: use low-level APIs for open/close via 31085c7efc3 vfs_ceph_new: ref cephmount_cached entry in handle->data via beb21324c9a vfs_ceph_new: use low-level APIs for lchown via 47224fbdeb5 vfs_ceph_new: use low-level APIs for statfs via 93d786b1435 vfs_ceph_new: use low-level APIs for lstat via 1b78d79663c vfs_ceph_new: use low-level APIs for stat via 192b0cf8717 vfs_ceph_new: use low-level APIs for disk_free via 3720452720b vfs_ceph_new: next iteration of samba-to-cephfs bridge from dbc5b73d860 ldb: change the version to 2.11.0 for Samba 4.22 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3bb6d441bf047bef6d95675057cecd3865a25540 Author: Shachar Sharon Date: Tue Jul 16 14:33:16 2024 +0300 vfs_ceph_new: common prefix to debug-log messages Keep logging consistent: add "[CEPH] " prefix to DBG_DEBUG log messages where missing. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686 Signed-off-by: Shachar Sharon Reviewed-by: Guenther Deschner Reviewed-by: Anoop C S Autobuild-User(master): Günther Deschner Autobuild-Date(master): Mon Jul 29 15:58:15 UTC 2024 on atb-devel-224 commit d00f20f30f4e77463e82d202099682b7ef68260f Author: Shachar Sharon Date: Wed Jun 26 17:24:37 2024 +0300 vfs_ceph_new: debug-log upon libcephfs low-level calls Add developer's debug-logging upon each call to libcephfs' low-level APIs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686 Signed-off-by: Shachar Sharon Reviewed-by: Guenther Deschner Reviewed-by: Anoop C S commit 0a8445e891c64d703d44258b2eef85296265c55f Author: Shachar Sharon Date: Sun Jun 23 14:57:10 2024 +0300 vfs_ceph_new: use low-level APIs for xattr ops Implement extended-attributes operations using libcephfs' low-level APIs. Whenever possible, use the open file-handle from fsp-extension to resolve inode-reference and user-permissions. Otherwise, resolve both on-the-fly. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686 Signed-off-by: Shachar Sharon Reviewed-by: Guenther Deschner Reviewed-by: Anoop C S commit e714e5ddc50a771e743f5e63f686c106abe33b75 Author: Shachar Sharon Date: Sun Jun 23 13:08:25 2024 +0300 vfs_ceph_new: use low-level APIs for mknodat Implement mknodat operations using libcephfs' low-level APIs. Requires parent directory to have valid inode-ref associated with its fsp extension. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686 Signed-off-by: Shachar Sharon Reviewed-by: Guenther Deschner Reviewed-by: Anoop C S commit 83011357fb834e92505f17d6f65d5f32e3d37ec0 Author: Shachar Sharon Date: Sun Jun 23 12:47:19 2024 +0300 vfs_ceph_new: use low-level APIs for renameat Implement renameat operations using libcephfs' low-level APIs. Requires both directories to have valid inode-ref associated with their fsp extension. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686 Signed-off-by: Shachar Sharon Reviewed-by: Guenther Deschner Reviewed-by: Anoop C S commit 9a70bd606728110ad91cab547a4e31350010bb68 Author: Shachar Sharon Date: Thu Jun 20 22:46:52 2024 +0300 vfs_ceph_new: use low-level APIs for linkat
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8ba8fef8ac4 ctdb-tests: Correctly handle adding a deleted node at the end via 340563633ca ctdb-tests: Add more reloadnodes unit tests from 85d80240ec7 s4:torture: Do not set sr.in.info to info be we queried the info https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8ba8fef8ac4525d98fd2213ca57d9e983a045af6 Author: Martin Schwenke Date: Thu Jul 11 12:14:07 2024 +1000 ctdb-tests: Correctly handle adding a deleted node at the end The current fake_ctdbd code for reloading the nodes file overruns the allocation when adding a deleted node at the end. This is a very unlikely case, but it might as well work. Check the size of the internal node map when marking a node deleted. Also, update the code that adds a node to correctly set the deleted flag when appropriate. The included test case tests this. Signed-off-by: Martin Schwenke Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Jul 17 00:06:53 UTC 2024 on atb-devel-224 commit 340563633cab974f3b3420137fedf2dec85ca88c Author: Martin Schwenke Date: Sat Jun 22 14:54:53 2024 +1000 ctdb-tests: Add more reloadnodes unit tests There are no existing tests to exercise node IP address change detection. Signed-off-by: Martin Schwenke Reviewed-by: Guenther Deschner --- Summary of changes: reloadnodes.013.sh => ctdb.reloadnodes.030.sh} | 9 --- reloadnodes.017.sh => ctdb.reloadnodes.031.sh} | 7 +++--- reloadnodes.013.sh => ctdb.reloadnodes.032.sh} | 7 +++--- reloadnodes.013.sh => ctdb.reloadnodes.033.sh} | 13 +- reloadnodes.013.sh => ctdb.reloadnodes.034.sh} | 10 reloadnodes.017.sh => ctdb.reloadnodes.035.sh} | 11 + .../{ctdb.unban.003.sh => ctdb.reloadnodes.040.sh} | 15 +--- ctdb/tests/src/fake_ctdbd.c| 28 +- 8 files changed, 58 insertions(+), 42 deletions(-) copy ctdb/tests/UNIT/tool/{ctdb.reloadnodes.013.sh => ctdb.reloadnodes.030.sh} (68%) copy ctdb/tests/UNIT/tool/{ctdb.reloadnodes.017.sh => ctdb.reloadnodes.031.sh} (71%) copy ctdb/tests/UNIT/tool/{ctdb.reloadnodes.013.sh => ctdb.reloadnodes.032.sh} (71%) copy ctdb/tests/UNIT/tool/{ctdb.reloadnodes.013.sh => ctdb.reloadnodes.033.sh} (50%) copy ctdb/tests/UNIT/tool/{ctdb.reloadnodes.013.sh => ctdb.reloadnodes.034.sh} (60%) copy ctdb/tests/UNIT/tool/{ctdb.reloadnodes.017.sh => ctdb.reloadnodes.035.sh} (52%) copy ctdb/tests/UNIT/tool/{ctdb.unban.003.sh => ctdb.reloadnodes.040.sh} (60%) Changeset truncated at 500 lines: diff --git a/ctdb/tests/UNIT/tool/ctdb.reloadnodes.013.sh b/ctdb/tests/UNIT/tool/ctdb.reloadnodes.030.sh similarity index 68% copy from ctdb/tests/UNIT/tool/ctdb.reloadnodes.013.sh copy to ctdb/tests/UNIT/tool/ctdb.reloadnodes.030.sh index 1402b9dcb6d..ddf69b8ac9a 100755 --- a/ctdb/tests/UNIT/tool/ctdb.reloadnodes.013.sh +++ b/ctdb/tests/UNIT/tool/ctdb.reloadnodes.030.sh @@ -2,12 +2,12 @@ . "${TEST_SCRIPTS_DIR}/unit.sh" -define_test "3 nodes, delete connected last node" +define_test "3 nodes, 1st node changes IP address" setup_nodes <num; i++) { - struct node *node; + struct node *node = NULL; + ctdb_sock_addr zero = {}; + int ret; + + ret = ctdb_sock_addr_from_string("0.0.0.0", &zero, false); + if (ret != 0) { + /* Can't happen, but Coverity... */ + goto fail; + } if (i < node_map->num_nodes && ctdb_sock_addr_same(&nodemap->node[i].addr, @@ -2507,18 +2515,12 @@ static void control_reload_nodes_file(TALLOC_CTX *mem_ctx, continue; } - if (nodemap->node[i].flags & NODE_FLAGS_DELETED) { - int ret; - + if (i < node_map->num_nodes && + nodemap->node[i].flags & NODE_FLAGS_DELETED) { node = &node_map->node[i]; node->flags |= NODE_FLAGS_DELETED; - ret = ctdb_sock_addr_from_string("0.0.0.0", &node->addr, -false); - if (ret != 0) { - /* Can't happen, but Coverity... */ - goto fail; - } + node->addr = zero; continue; } @@ -2543,7 +2545,11 @@ static
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 85d80240ec7 s4:torture: Do not set sr.in.info to info be we queried the info via 8268b3efff9 lib:param: Add missing return code check via c3abd320e67 s3:services: Initialize struct security_ace array via bd5e095e278 s4:torture: Remove tailing spaces in forest_trust.c via f3da16937ae s3:modules: Make nread a size_t and check for possible overflow via a541a7d7168 s3:modules: Move chunk out of the loop via 862ba429f90 s3:modules: Rename thistime to chunk via 79d2dbc0571 libgpo: Initialize struct security_ace array via 03283dfae27 s4:torture: Initialize struct smb_nttrans via 7723353dae7 s4:torture: Remove tailing spaces in scanner.c via d003a171912 s4:torture: Initialize struct smb2_create via d21b8e057c8 lib:util: Move open() of /dev/null into the if-clause via ddadbddb401 libcli:nbt: Initialize struct nbt_name_register via ae47ec172fb s4:torture: Initialize union smb_open via 3aa6aa02a84 s4:torture: Initialize struct netr_IdentityInfo from a3856ee4dc8 python:tests: pass bytes.decode() instead of str(bytes) to assertMultiLineEqual() to get better failure output https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 85d80240ec73d5fddd2e254ee142d06fe096f133 Author: Andreas Schneider Date: Mon Jul 8 11:39:28 2024 +0200 s4:torture: Do not set sr.in.info to info be we queried the info `sr.in.info = info` is correctly set later after we called dcerpc_lsa_QueryTrustedDomainInfoByName_r() which filling the info pointer with data. "Error: UNINIT (CWE-457): samba-4.20.0rc2/source4/torture/rpc/forest_trust.c:211: var_decl: Declaring variable ""info"" without initializer. samba-4.20.0rc2/source4/torture/rpc/forest_trust.c:248: uninit_use: Using uninitialized value ""info"". 246| sr.in.trusted_domain = talloc_zero(tctx, struct lsa_String); 247| sr.in.trusted_domain->string = name; 248|->sr.in.info = info; 249| 250| for (c = 0; il[c].info_level != -1; c++) {" Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Jul 16 12:42:39 UTC 2024 on atb-devel-224 commit 8268b3efff9b0c8475df6a51451f0b4a399718b1 Author: Andreas Schneider Date: Mon Jul 8 12:26:47 2024 +0200 lib:param: Add missing return code check "Error: NEGATIVE_RETURNS (CWE-394): samba-4.20.0rc2/lib/param/loadparm.c:1275: negative_return_fn: Function ""lpcfg_map_parameter(""printing"")"" returns a negative number. samba-4.20.0rc2/lib/param/loadparm.c:1275: assign: Assigning: ""parm_num"" = ""lpcfg_map_parameter(""printing"")"". samba-4.20.0rc2/lib/param/loadparm.c:1278: negative_returns: Using variable ""parm_num"" as an index to array ""parm_table"". 1276| } 1277| 1278|->if (!lp_set_enum_parm(&parm_table[parm_num], pszParmValue, (int*)ptr)) { 1279| return false; 1280| }" Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit c3abd320e67f77d016d2e02da084c34615d1c7f9 Author: Andreas Schneider Date: Mon Jul 8 12:21:06 2024 +0200 s3:services: Initialize struct security_ace array Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit bd5e095e27824a4c8f68587ce3caadda0cbda6f2 Author: Andreas Schneider Date: Mon Jul 8 11:40:51 2024 +0200 s4:torture: Remove tailing spaces in forest_trust.c Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit f3da16937aecca2d8b8ddc8e37f1e9386c0f3367 Author: Andreas Schneider Date: Mon Jul 8 11:25:32 2024 +0200 s3:modules: Make nread a size_t and check for possible overflow "Error: INTEGER_OVERFLOW (CWE-190): samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: tainted_data_return: Called function ""read(sock_fd, namebuf + nread, talloc_get_size(namebuf) - nread)"", and a possible return value may be less than zero. samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: assign: Assigning: ""thistime"" = ""read(sock_fd, namebuf + nread, talloc_get_size(namebuf) - nread)"". samba-4.20.0rc2/source3/modules/vfs_preopen.c:221: overflow: The expression ""nread"" is considered to have possibly overflowed. samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: overflow: The expression ""talloc_get_size(namebuf) - nread"" is deemed overflowed because at least one o
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f0a8d832683 s4/torture: Fix misplaced positional arguments for u64 comparison from 0dec2ef188a Revert "token_util.c: prefer capabilities over become_root" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f0a8d832683afddfb6eb69e3bace19ec7aa2911c Author: Anoop C S Date: Wed Mar 27 10:45:08 2024 +0530 s4/torture: Fix misplaced positional arguments for u64 comparison torture_assert_u64_equal_goto() can only print meaningful error message for incorrect values if only if the function is invoked with test run value and expected value respectively as second and thrid arguments. Otherwise it displays the reversed message causing confusion in overall test results. Signed-off-by: Anoop C S Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Mar 27 13:00:29 UTC 2024 on atb-devel-224 --- Summary of changes: source4/torture/smb2/timestamps.c | 42 +++ 1 file changed, 21 insertions(+), 21 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/smb2/timestamps.c b/source4/torture/smb2/timestamps.c index 3d6d3d1a2fd..a9416481c61 100644 --- a/source4/torture/smb2/timestamps.c +++ b/source4/torture/smb2/timestamps.c @@ -163,18 +163,18 @@ static bool test_time_t(struct torture_context *tctx, nt_time_string(tctx, gi.basic_info.out.change_time)); torture_assert_u64_equal_goto(tctx, - nttime, gi.basic_info.out.create_time, + nttime, ret, done, "Wrong create time\n"); torture_assert_u64_equal_goto(tctx, - nttime, gi.basic_info.out.write_time, + nttime, ret, done, "Wrong write time\n"); torture_assert_u64_equal_goto(tctx, - nttime, gi.basic_info.out.change_time, + nttime, ret, done, "Wrong change time\n"); @@ -190,18 +190,18 @@ static bool test_time_t(struct torture_context *tctx, "smb2_find_level failed\n"); torture_assert_u64_equal_goto(tctx, - nttime, d[0].id_both_directory_info.create_time, + nttime, ret, done, "Wrong create time\n"); torture_assert_u64_equal_goto(tctx, - nttime, d[0].id_both_directory_info.write_time, + nttime, ret, done, "Wrong write time\n"); torture_assert_u64_equal_goto(tctx, - nttime, d[0].id_both_directory_info.change_time, + nttime, ret, done, "Wrong change time\n"); @@ -239,18 +239,18 @@ static bool test_time_t(struct torture_context *tctx, nt_time_string(tctx, gi.basic_info.out.change_time)); torture_assert_u64_equal_goto(tctx, - nttime, gi.basic_info.out.create_time, + nttime, ret, done, "Wrong create time\n"); torture_assert_u64_equal_goto(tctx, - nttime, gi.basic_info.out.write_time, + nttime, ret, done, "Wrong write time\n"); torture_assert_u64_equal_goto(tctx, - nttime, gi.basic_info.out.change_time, + nttime, ret, done, "Wrong change time\n"); @@ -267,18 +267,18 @@ static bo
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c97071726e1 packaging: Provide a systemd service file for samba-bgqd from 6ee3f809a54 s3/smbd: If we fail to close file_handle ensure we should reset the fd https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c97071726e163b40f0e391af70e81b3e6c1ab0eb Author: Andreas Schneider Date: Mon Mar 4 10:58:23 2024 +0100 packaging: Provide a systemd service file for samba-bgqd There might be scenarios where the background queue daemon should be running all the time instead of being started on demand. This makes especially sense for bigger printing servers with a lot of printers. It takes ~1 sec to get a printer from cups, so a print server with 100 printers needs 100 seconds to update the printer_list.tdb. The service will be killed because of idle in the meantime. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15600 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Mar 14 12:19:56 UTC 2024 on atb-devel-224 --- Summary of changes: packaging/systemd/{samba.service.in => samba-bgqd.service.in} | 9 - packaging/wscript_build | 3 ++- 2 files changed, 6 insertions(+), 6 deletions(-) copy packaging/systemd/{samba.service.in => samba-bgqd.service.in} (50%) Changeset truncated at 500 lines: diff --git a/packaging/systemd/samba.service.in b/packaging/systemd/samba-bgqd.service.in similarity index 50% copy from packaging/systemd/samba.service.in copy to packaging/systemd/samba-bgqd.service.in index e4baee1aeec..0254ebd59be 100644 --- a/packaging/systemd/samba.service.in +++ b/packaging/systemd/samba-bgqd.service.in @@ -1,17 +1,16 @@ [Unit] -Description=Samba AD Daemon -Documentation=man:samba(8) man:samba(7) man:smb.conf(5) +Description=Samba Background Queue Daemon for printing-related jobs +Documentation=man:samba-bgqd(8) man:smb.conf(5) Wants=network-online.target After=network.target network-online.target [Service] Type=notify -PIDFile=@PIDDIR@/samba.pid LimitNOFILE=16384 +PIDFile=@PIDDIR@/samba-bgqd.pid EnvironmentFile=-@SYSCONFDIR@/sysconfig/samba -ExecStart=@SBINDIR@/samba --foreground --no-process-group $SAMBAOPTIONS +ExecStart=@LIBEXECDIR@/samba/samba-bgqd --foreground --no-process-group $SAMBAOPTIONS ExecReload=/bin/kill -HUP $MAINPID -@systemd_samba_extra@ [Install] WantedBy=multi-user.target diff --git a/packaging/wscript_build b/packaging/wscript_build index 217bd996348..dc95bebf1c6 100644 --- a/packaging/wscript_build +++ b/packaging/wscript_build @@ -4,7 +4,8 @@ systemd_services = [ 'systemd/smb.service', 'systemd/nmb.service', 'systemd/winbind.service', -'systemd/samba.service' +'systemd/samba.service', +'systemd/samba-bgqd.service', ] for srv in systemd_services: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7a674ee9ffe docs-xml: document "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}" via 32b84c5bce0 smb2_tcon: only announce SMB3 related share capabilities if SMB3 is used via d8bfd73 smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if rpcd_witness can run via 1d0938d6fe4 docs-xml: add details for 'net witness' via 7a23429ed6a s3:utils: fix help string for 'net witness force-response' via f1f68108cc3 ctdb/events: add 47.samba-dcerpcd.script via ff8f778e39a ctdb/events: use 'service "$CTDB_SERVICE_NMB" status' in 48.netbios.script from 0e17b9cb19a selftest: Fix code spelling https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7a674ee9ffeca047ceed7ac046db1b168d4025a6 Author: Stefan Metzmacher Date: Thu Feb 8 15:43:39 2024 +0100 docs-xml: document "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}" BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Feb 13 21:06:24 UTC 2024 on atb-devel-224 commit 32b84c5bce00c4f91191596dc00d9824e82e0f24 Author: Stefan Metzmacher Date: Thu Feb 8 15:31:10 2024 +0100 smb2_tcon: only announce SMB3 related share capabilities if SMB3 is used BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit d8bfd737032c6a8623512fcb2cd01850628a Author: Stefan Metzmacher Date: Thu Feb 8 15:15:28 2024 +0100 smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if rpcd_witness can run rpcd_witness needs ncacn_ip_tcp support and that's only available if samba-dcerpcd is not started on demand. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 1d0938d6fe46c06432ae5fda9e7491b908a9ac56 Author: Stefan Metzmacher Date: Thu Feb 8 14:25:05 2024 +0100 docs-xml: add details for 'net witness' BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 7a23429ed6a04bb14509758492bfaee5db6dbd0d Author: Stefan Metzmacher Date: Thu Feb 8 15:07:42 2024 +0100 s3:utils: fix help string for 'net witness force-response' BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit f1f68108cc303b92b8a88728d12c2b699fdfc731 Author: Stefan Metzmacher Date: Fri Feb 2 13:54:20 2024 +0100 ctdb/events: add 47.samba-dcerpcd.script If someone wants to enable the witness service samba-dcerpcd needs to be started as standalone service BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit ff8f778e39af563d97b1d38f89368a3c148532f2 Author: Stefan Metzmacher Date: Fri Feb 2 13:54:20 2024 +0100 ctdb/events: use 'service "$CTDB_SERVICE_NMB" status' in 48.netbios.script We can easily monitor if the service is running at all, that better than no monitoring at all... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner --- Summary of changes: ctdb/config/events/legacy/47.samba-dcerpcd.script | 66 +++ ctdb/config/events/legacy/48.netbios.script | 11 + docs-xml/manpages/net.8.xml | 567 ++ docs-xml/smbdotconf/protocol/smb3sharecaps.xml| 202 source3/smbd/smb2_tcon.c | 20 +- source3/utils/net_witness.c | 2 +- 6 files changed, 860 insertions(+), 8 deletions(-) create mode 100755 ctdb/config/events/legacy/47.samba-dcerpcd.script create mode 100644 docs-xml/smbdotconf/protocol/smb3sharecaps.xml Changeset truncated at 500 lines: diff --git a/ctdb/config/events/legacy/47.samba-dcerpcd.script b/ctdb/config/events/legacy/47.samba-dcerpcd.script new file mode 100755 index 000..9492d553a62 --- /dev/null +++ b/ctdb/config/events/legacy/47.samba-dcerpcd.script @@ -0,0 +1,66 @@ +#!/bin/sh +# ctdb event script for SAMBA DCERPCD Services + +[ -n "$CTDB_BASE" ] || \ + CTDB_BASE=$(d=$(dirname "$0") && cd -P "$d" && dirname "$PWD") + +. "${CTDB_BASE}/functions" + +detect_init_style + +case $CTDB_INIT_STYLE in + *) + # di
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6e6d8384f36 vfs_ceph: Use ceph_fdopendir() when available for SMB_VFS_FDOPENDIR from 447e131ebf2 smb2_tcon: add "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}" options https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6e6d8384f369e2b850921c7b4d54742f501c115c Author: Anoop C S Date: Tue Jan 16 11:47:27 2024 +0530 vfs_ceph: Use ceph_fdopendir() when available for SMB_VFS_FDOPENDIR Signed-off-by: Anoop C S Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Sat Jan 27 00:01:12 UTC 2024 on atb-devel-224 --- Summary of changes: source3/modules/vfs_ceph.c | 8 +++- source3/wscript| 3 ++- 2 files changed, 9 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_ceph.c b/source3/modules/vfs_ceph.c index 4387918198e..c9ee5414f03 100644 --- a/source3/modules/vfs_ceph.c +++ b/source3/modules/vfs_ceph.c @@ -438,9 +438,15 @@ static DIR *cephwrap_fdopendir(struct vfs_handle_struct *handle, { int ret = 0; struct ceph_dir_result *result = NULL; - DBG_DEBUG("[CEPH] fdopendir(%p, %p)\n", handle, fsp); +#ifdef HAVE_CEPH_FDOPENDIR + int dirfd = fsp_get_io_fd(fsp); + DBG_DEBUG("[CEPH] fdopendir(%p, %d)\n", handle, dirfd); + ret = ceph_fdopendir(handle->data, dirfd, &result); +#else + DBG_DEBUG("[CEPH] fdopendir(%p, %p)\n", handle, fsp); ret = ceph_opendir(handle->data, fsp->fsp_name->base_name, &result); +#endif if (ret < 0) { result = NULL; errno = -ret; /* We return result which is NULL in this case */ diff --git a/source3/wscript b/source3/wscript index b76ced59aa4..83aeb763ec4 100644 --- a/source3/wscript +++ b/source3/wscript @@ -1681,7 +1681,8 @@ int main(void) { headers='cephfs/libcephfs.h') conf.DEFINE('HAVE_MANDATORY_CEPH_API', '1') for api in ['ceph_mkdirat', 'ceph_openat', 'ceph_unlinkat', -'ceph_symlinkat', 'ceph_readlinkat', 'ceph_statxat']: +'ceph_symlinkat', 'ceph_readlinkat', 'ceph_statxat', +'ceph_fdopendir']: if not conf.CHECK_FUNCS_IN(api, 'cephfs', headers='cephfs/libcephfs.h'): conf.undefine('HAVE_MANDATORY_CEPH_API') -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fe8d866d2c6 vfs_ceph: Implement SMB_VFS_FSTATAT via fe16ae1fe83 source3/wscript: Announce deprecation of old Ceph version support via 858b1d064db vfs_ceph: Indicate a successful connection in logs via e657fca589c vfs_ceph: Fix a usage in comments from d63e972aa09 WHATSNEW: Add entry for new save/restore options for smbcacls https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fe8d866d2c619a16cd114e06802efddea4d08e13 Author: Anoop C S Date: Tue Jan 9 11:11:40 2024 +0530 vfs_ceph: Implement SMB_VFS_FSTATAT Signed-off-by: Anoop C S Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Jan 26 16:56:59 UTC 2024 on atb-devel-224 commit fe16ae1fe8345259a380eb1d02a20eb043e08d47 Author: Anoop C S Date: Thu Jan 25 22:56:26 2024 +0530 source3/wscript: Announce deprecation of old Ceph version support *at() variants for various libcephfs APIs were added with Ceph v17.x. Any other version less than v17.x is soon to be considered EOL[1] which we will now indicate with the help of a warning message during configure time. Going further such a situation will result in disabling the module altogether with the next major Samba version after v4.20. [1] https://docs.ceph.com/en/latest/releases/#ceph-releases-index Signed-off-by: Anoop C S Reviewed-by: Guenther Deschner commit 858b1d064db82606c44d5ef5a6098b1b924d5c49 Author: Anoop C S Date: Fri Jan 5 12:45:14 2024 +0530 vfs_ceph: Indicate a successful connection in logs Signed-off-by: Anoop C S Reviewed-by: Guenther Deschner commit e657fca589ce273d92268889fd9fe8fd98b3a201 Author: Anoop C S Date: Mon Dec 18 21:27:44 2023 +0530 vfs_ceph: Fix a usage in comments Signed-off-by: Anoop C S Reviewed-by: Guenther Deschner --- Summary of changes: source3/modules/vfs_ceph.c | 49 +- source3/wscript| 23 -- 2 files changed, 61 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_ceph.c b/source3/modules/vfs_ceph.c index 7f0bad8ae33..4387918198e 100644 --- a/source3/modules/vfs_ceph.c +++ b/source3/modules/vfs_ceph.c @@ -55,7 +55,7 @@ /* * Note, libcephfs's return code model is to return -errno! So we have to - * convert to what Samba expects, with is set errno to -return and return -1 + * convert to what Samba expects, which is to set errno to -return and return -1 */ #define WRAP_RETURN(_res) \ errno = 0; \ @@ -285,6 +285,7 @@ static int cephwrap_connect(struct vfs_handle_struct *handle, connect_ok: handle->data = cmount; + DBG_WARNING("Connection established with the server: %s\n", cookie); /* * Unless we have an async implementation of getxattrat turn this off. */ @@ -944,6 +945,51 @@ static int cephwrap_fstat(struct vfs_handle_struct *handle, files_struct *fsp, S return result; } +static int cephwrap_fstatat(struct vfs_handle_struct *handle, + const struct files_struct *dirfsp, + const struct smb_filename *smb_fname, + SMB_STRUCT_STAT *sbuf, + int flags) +{ + int result = -1; + struct ceph_statx stx = { 0 }; +#ifdef HAVE_CEPH_STATXAT + int dirfd = fsp_get_pathref_fd(dirfsp); + + DBG_DEBUG("[CEPH] fstatat(%p, %d, %s)\n", + handle, dirfd, smb_fname->base_name); + result = ceph_statxat(handle->data, dirfd, smb_fname->base_name, + &stx, SAMBA_STATX_ATTR_MASK, 0); +#else + struct smb_filename *full_fname = NULL; + + full_fname = full_path_from_dirfsp_atname(talloc_tos(), + dirfsp, + smb_fname); + if (full_fname == NULL) { + errno = ENOMEM; + return -1; + } + + DBG_DEBUG("[CEPH] fstatat(%p, %s)\n", + handle, smb_fname_str_dbg(full_fname)); + result = ceph_statx(handle->data, full_fname->base_name, + &stx, SAMBA_STATX_ATTR_MASK, 0); + + TALLOC_FREE(full_fname); +#endif + + DBG_DEBUG("[CEPH] fstatat(...) = %d\n", result); + if (result < 0) { + WRAP_RETURN(result); + } + + init_stat_ex_from_ceph_statx(sbuf, &stx); + DBG_DEBUG("[CEPH] mode = 0x%x\n", sbuf->st_ex_mode); + + return 0; +} + static int cephwrap_lstat(struct vfs_handle_struct *handle,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7e0a18acde8 vfs_ceph: use extra 'ceph_*at()' calls when available from f2dbcea6f04 lib: Confine the copy_no_nl memcpy to debug_gpfs_log() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7e0a18acde8ea4801ad4f56a0b2d8daa2120f6e5 Author: Shachar Sharon Date: Mon Nov 13 15:47:24 2023 +0200 vfs_ceph: use extra 'ceph_*at()' calls when available As of libcephfs version-10.0.3 the high-level API has few more '*at()' calls. Prefer those newer hooks over path-based when having an appropriate directory fd (namely: ceph_mkdirat, ceph_openat, cepth_unlinkat, ceph_symlinkat, ceph_readlinkat). Ceph commit: https://github.com/ceph/ceph/commit/3831aa12f3067d8cc362f39f7136dd53cb946d22 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15516 Signed-off-by: Shachar Sharon Reviewed-by: Gunther Deschner Reviewed-by: Anoop C S Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Jan 4 21:09:54 UTC 2024 on atb-devel-224 --- Summary of changes: source3/modules/vfs_ceph.c | 132 + source3/wscript| 10 2 files changed, 121 insertions(+), 21 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_ceph.c b/source3/modules/vfs_ceph.c index b1039ee36ef..7f0bad8ae33 100644 --- a/source3/modules/vfs_ceph.c +++ b/source3/modules/vfs_ceph.c @@ -473,8 +473,22 @@ static int cephwrap_mkdirat(struct vfs_handle_struct *handle, const struct smb_filename *smb_fname, mode_t mode) { + int result = -1; +#ifdef HAVE_CEPH_MKDIRAT + int dirfd = fsp_get_pathref_fd(dirfsp); + + DBG_DEBUG("[CEPH] mkdirat(%p, %d, %s)\n", + handle, + dirfd, + smb_fname->base_name); + + result = ceph_mkdirat(handle->data, dirfd, smb_fname->base_name, mode); + + DBG_DEBUG("[CEPH] mkdirat(...) = %d\n", result); + + WRAP_RETURN(result); +#else struct smb_filename *full_fname = NULL; - int result; full_fname = full_path_from_dirfsp_atname(talloc_tos(), dirfsp, @@ -490,7 +504,8 @@ static int cephwrap_mkdirat(struct vfs_handle_struct *handle, TALLOC_FREE(full_fname); - return WRAP_RETURN(result); + WRAP_RETURN(result); +#endif } static int cephwrap_closedir(struct vfs_handle_struct *handle, DIR *dirp) @@ -517,15 +532,44 @@ static int cephwrap_openat(struct vfs_handle_struct *handle, bool have_opath = false; bool became_root = false; int result = -ENOENT; +#ifdef HAVE_CEPH_OPENAT + int dirfd = -1; +#endif if (how->resolve != 0) { errno = ENOSYS; return -1; } - /* -* ceph doesn't have openat(). -*/ + if (smb_fname->stream_name) { + goto out; + } + +#ifdef O_PATH + have_opath = true; + if (fsp->fsp_flags.is_pathref) { + flags |= O_PATH; + } +#endif + +#ifdef HAVE_CEPH_OPENAT + dirfd = fsp_get_pathref_fd(dirfsp); + + DBG_DEBUG("[CEPH] openat(%p, %d, %p, %d, %d)\n", + handle, dirfd, fsp, flags, mode); + + if (fsp->fsp_flags.is_pathref && !have_opath) { + become_root(); + became_root = true; + } + + result = ceph_openat(handle->data, +dirfd, +smb_fname->base_name, +flags, +mode); + +#else if (fsp_get_pathref_fd(dirfsp) != AT_FDCWD) { name = full_path_from_dirfsp_atname(talloc_tos(), dirfsp, @@ -539,28 +583,16 @@ static int cephwrap_openat(struct vfs_handle_struct *handle, DBG_DEBUG("[CEPH] openat(%p, %s, %p, %d, %d)\n", handle, smb_fname_str_dbg(smb_fname), fsp, flags, mode); - if (smb_fname->stream_name) { - goto out; - } - -#ifdef O_PATH - have_opath = true; - if (fsp->fsp_flags.is_pathref) { - flags |= O_PATH; - } -#endif - if (fsp->fsp_flags.is_pathref && !have_opath) { become_root(); became_root = true; } result = ceph_open(handle->data, smb_fname->base_name, flags, mode); - +#endif if (became_root) { unbecome_root(); } - out: TALLOC_FREE(name); fsp->fsp_flags.have_proc_fds = false; @@ -992,8
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6d3146f94b2 smbd: Modernize a few DEBUG statements via 9beb22a28eb smbd: Remove an unused function prototype via a22aeed277f smbd: Slightly simplify smbd_smb2_query_directory_send() via c00bec4ae80 smbd: Give source3/smbd/dir.c its own header file via 3046b8b502f smbd: Remove unused srv_put_dos_date2() via abf323d03e3 smbd: Use srv_put_dos_date2_ts() in reply_printqueue() via d5a0d6f7e9d smbd: Introduce srv_put_dos_date2_ts() via e3b4073d3c7 profile: Fix rusage reporting via 8c08b70503e profile: Fix a small memleak via 201d113d1e6 smbd: Remove "conn" from struct dptr_struct via ed6a659f5ed lib: Remove duplicate prototypes via 99c61fa8513 lib: Fix some whitespace from 4b7329f1582 ctdb-server: Drop unnecessary copy of destination address https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6d3146f94b22a6c3df0effa738c893220f843f8a Author: Volker Lendecke Date: Wed Nov 29 16:54:45 2023 +0100 smbd: Modernize a few DEBUG statements Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Dec 19 17:07:04 UTC 2023 on atb-devel-224 commit 9beb22a28eb04199bcfff3e6c18385bd58da9c7e Author: Volker Lendecke Date: Mon Nov 27 14:54:19 2023 +0100 smbd: Remove an unused function prototype Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit a22aeed277f84dfefaef6e8157843991bdda60dc Author: Volker Lendecke Date: Mon Nov 27 10:51:45 2023 +0100 smbd: Slightly simplify smbd_smb2_query_directory_send() Avoid an if-statement when just assigning the result of the if-condition to a boolean. Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit c00bec4ae8023c9e3cb890e989a3c98971926aee Author: Volker Lendecke Date: Mon Nov 27 14:53:07 2023 +0100 smbd: Give source3/smbd/dir.c its own header file The prototypes were spread across 3 different files. Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit 3046b8b502f41c00747c48f1ed7ce87dc92fe8fb Author: Volker Lendecke Date: Sun Nov 26 16:20:44 2023 +0100 smbd: Remove unused srv_put_dos_date2() Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit abf323d03e3ed2b66e3d40b3add26feee2c351e4 Author: Volker Lendecke Date: Sun Nov 26 16:17:07 2023 +0100 smbd: Use srv_put_dos_date2_ts() in reply_printqueue() srv_put_dos_date2_ts() uses convert_timespec_to_time_t() on the passed timespec, which for ts_nsec==0 returns just tv_sec. Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit d5a0d6f7e9d8ee09facf248bb3394ea3b164ee5b Author: Volker Lendecke Date: Sun Nov 26 15:17:45 2023 +0100 smbd: Introduce srv_put_dos_date2_ts() All but one uses of srv_put_dos_date2() converted from struct timespec. Put that into a new routine. Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit e3b4073d3c7c50e63f2214912d091264c8c94035 Author: Volker Lendecke Date: Fri Nov 24 16:27:42 2023 +0100 profile: Fix rusage reporting getrusage already gives accumulated values, so add them to the tdb record after smbprofile_stats_accumulate. Maybe we should not zero out our internal copy after writing the tdb, this would save a call to smbprofile_stats_accumulate() once a second. Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit 8c08b70503e8168a864db2d612b247c853821fd0 Author: Volker Lendecke Date: Mon Nov 20 15:53:48 2023 +0100 profile: Fix a small memleak Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit 201d113d1e6cc7e8fa072d69a64aace4c8e35f17 Author: Volker Lendecke Date: Wed Nov 29 13:30:23 2023 +0100 smbd: Remove "conn" from struct dptr_struct We have it available behind "dir_hnd". Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit ed6a659f5ed2e1c9f46942316779b5c672657475 Author: Volker Lendecke Date: Sun Nov 26 12:36:33 2023 +0100 lib: Remove duplicate prototypes They also exist in lib/util/time.h Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit 99c61fa85131af2d21d53dc0e949607833fb3a0c Author: Volker Lendecke Date: Wed Nov 29 16:35:20 2023 +0100 lib: Fix some whitespace Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner --- Summary of changes: source3/include/proto.h | 6 +- source3/lib/system_smbd.c| 10 +-- source3/lib/time.c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 83edfcff5cc vfs_ceph: call 'ceph_fgetxattr' only if valid fd from af53df6cd6e python/samba/tests: Fix incorrect super-class in cred_opt.py setUp() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 83edfcff5ccd8c4c710576b6d5612e0578d168c8 Author: Shachar Sharon Date: Thu Nov 16 11:57:02 2023 +0200 vfs_ceph: call 'ceph_fgetxattr' only if valid fd Align getxattr logic with the rest of xattr hooks: call ceph_fgetxattr with appropriate io-fd when 'is_pathref' is false; otherwise, call ceph_getxattr. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15440 Signed-off-by: Shachar Sharon Reviewed-by: Anoop C S Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Nov 30 12:32:29 UTC 2023 on atb-devel-224 --- Summary of changes: source3/modules/vfs_ceph.c | 27 --- 1 file changed, 24 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_ceph.c b/source3/modules/vfs_ceph.c index 6d252d20425..b1039ee36ef 100644 --- a/source3/modules/vfs_ceph.c +++ b/source3/modules/vfs_ceph.c @@ -1431,11 +1431,32 @@ static const char *cephwrap_connectpath( Extended attribute operations. */ -static ssize_t cephwrap_fgetxattr(struct vfs_handle_struct *handle, struct files_struct *fsp, const char *name, void *value, size_t size) +static ssize_t cephwrap_fgetxattr(struct vfs_handle_struct *handle, + struct files_struct *fsp, + const char *name, + void *value, + size_t size) { int ret; - DBG_DEBUG("[CEPH] fgetxattr(%p, %p, %s, %p, %llu)\n", handle, fsp, name, value, llu(size)); - ret = ceph_fgetxattr(handle->data, fsp_get_io_fd(fsp), name, value, size); + DBG_DEBUG("[CEPH] fgetxattr(%p, %p, %s, %p, %llu)\n", + handle, + fsp, + name, + value, + llu(size)); + if (!fsp->fsp_flags.is_pathref) { + ret = ceph_fgetxattr(handle->data, +fsp_get_io_fd(fsp), +name, +value, +size); + } else { + ret = ceph_getxattr(handle->data, + fsp->fsp_name->base_name, + name, + value, + size); + } DBG_DEBUG("[CEPH] fgetxattr(...) = %d\n", ret); if (ret < 0) { WRAP_RETURN(ret); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 82f021d43de pidl: include scompat headers and servers in s3 server template from 1edf9ecaf56 posix_acls.c: prefer capabilities over become_root https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 82f021d43de1643d06332e152fcaf3e07e51cd1b Author: Günther Deschner Date: Tue Nov 7 01:19:16 2023 +0100 pidl: include scompat headers and servers in s3 server template Guenther Signed-off-by: Guenther Deschner Reviewed-by: Samuel Cabrero Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Nov 17 00:39:18 UTC 2023 on atb-devel-224 --- Summary of changes: pidl/lib/Parse/Pidl/Samba3/Template.pm | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/pidl/lib/Parse/Pidl/Samba3/Template.pm b/pidl/lib/Parse/Pidl/Samba3/Template.pm index ee64aebf365..6c1bbf3725b 100644 --- a/pidl/lib/Parse/Pidl/Samba3/Template.pm +++ b/pidl/lib/Parse/Pidl/Samba3/Template.pm @@ -47,7 +47,8 @@ sub Template($) #include \"includes.h\" #include \"ntdomain.h\" -#include \"../librpc/gen_ndr/srv_$name.h\" +#include \"librpc/gen_ndr/ndr_$name.h\" +#include \"librpc/gen_ndr/ndr_$name\_scompat.h\" "; @@ -80,6 +81,10 @@ $pad"."struct $fname *r) "; } } +$res .= +"/* include the generated boilerplate */ +#include \"librpc/gen_ndr/ndr_$name\_scompat.c\ +"; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via bf7fbf7e2b6 s3-net: no secrets access required when processing a ODJ provisioning from 0bfdefffc8b s3:include: Fix code spelling https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit bf7fbf7e2b675145e25ce7bffc29abbf44c35540 Author: Günther Deschner Date: Tue Jun 6 11:14:01 2023 +0200 s3-net: no secrets access required when processing a ODJ provisioning It should be possible to call "net offlinejoin provision" as non-root, no access to secrets.tdb required in that case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15414 Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Jul 5 09:23:22 UTC 2023 on atb-devel-224 --- Summary of changes: source3/libnet/libnet_join.c | 8 1 file changed, 8 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 3bff7ec1412..b60eb112d0a 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -2369,6 +2369,14 @@ static WERROR libnet_join_pre_processing(TALLOC_CTX *mem_ctx, r->in.admin_account = admin_account; } + if (r->in.provision_computer_account_only) { + /* +* When in the "provision_computer_account_only" path we do not +* need to have access to secrets.tdb at all - gd +*/ + return WERR_OK; + } + if (!secrets_init()) { libnet_join_set_error_string(mem_ctx, r, "Unable to open secrets database"); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c50cde0cd5e python:tests: Correctly skip some GPO tests in release tarball from 484bf9c49ae testprogs: Remove unused test_export_keytab_(heimdal|mit).sh https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c50cde0cd5e58f895cee3fe87768e9875a537b4d Author: Andreas Schneider Date: Thu Mar 16 12:58:21 2023 +0100 python:tests: Correctly skip some GPO tests in release tarball These tests require provision data we do not ship in release tarballs. Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Apr 6 15:42:12 UTC 2023 on atb-devel-224 --- Summary of changes: python/samba/tests/samba_tool/gpo.py | 19 +++ 1 file changed, 19 insertions(+) Changeset truncated at 500 lines: diff --git a/python/samba/tests/samba_tool/gpo.py b/python/samba/tests/samba_tool/gpo.py index c9248d32fd4..e49944c204d 100644 --- a/python/samba/tests/samba_tool/gpo.py +++ b/python/samba/tests/samba_tool/gpo.py @@ -140,6 +140,7 @@ ext_guids = ['{123d2b56-7b14-4516-bbc4-763d29d57654}', '{d000e91b-e70f-481b-9549-58de7929bcee}'] source_path = os.path.abspath(os.path.join(os.path.dirname(__file__), "../../../../..")) +provision_path = os.path.join(source_path, "source4/selftest/provisions/") def has_difference(path1, path2, binary=True, xml=True, sortlines=False): """Use this function to determine if the GPO backup differs from another. @@ -266,6 +267,10 @@ class GpoCmdTestCase(SambaToolCmdTest): def test_backup_restore_compare_binary(self): """Restore from a static backup and compare the binary contents""" +if not os.path.exists(provision_path): +self.skipTest('Test requires provision data not available in ' + + 'release tarball') + static_path = os.path.join(self.backup_path, 'policy', self.backup_gpo_guid) @@ -321,6 +326,10 @@ class GpoCmdTestCase(SambaToolCmdTest): """Restore from a static backup (and use no entity file, resulting in copy-restore fallback), and compare the binary contents""" +if not os.path.exists(provision_path): +self.skipTest('Test requires provision data not available in ' + + 'release tarball') + static_path = os.path.join(self.backup_path, 'policy', self.backup_gpo_guid) @@ -412,6 +421,11 @@ class GpoCmdTestCase(SambaToolCmdTest): def test_backup_restore_backup_compare_XML(self): """Restore from a static backup and backup to compare XML""" + +if not os.path.exists(provision_path): +self.skipTest('Test requires provision data not available in ' + + 'release tarball') + static_path = os.path.join(self.backup_path, 'policy', self.backup_gpo_guid) @@ -502,6 +516,11 @@ class GpoCmdTestCase(SambaToolCmdTest): def test_backup_restore_generalize(self): """Restore from a static backup with different entities, generalize it again, and compare the XML""" + +if not os.path.exists(provision_path): +self.skipTest('Test requires provision data not available in ' + + 'release tarball') + static_path = os.path.join(self.backup_path, 'policy', self.backup_gpo_guid) -- Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 321f33d Acknowledge the fact that some of us moved to IBM. from 2082672 Add Anoop to the team list. https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 321f33d24effa04676b96f09b801d29bc060a4db Author: Günther Deschner Date: Tue Mar 28 12:42:35 2023 +0200 Acknowledge the fact that some of us moved to IBM. Guenther --- Summary of changes: team/index.html | 8 1 file changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/team/index.html b/team/index.html index 940059c..b63f0ee 100755 --- a/team/index.html +++ b/team/index.html @@ -47,7 +47,7 @@ mailing list and start contributing to the development of Samba. -https://www.samba.org/~obnox/";>Michael Adam (https://www.redhat.com/";>Red Hat) +https://www.samba.org/~obnox/";>Michael Adam (https://www.ibm.com/";>IBM) https://cjr.nz";>Paulo Alcantara (https://www.suse.com/";>SUSE) https://www.samba.org/~jra";>Jeremy Allison mailto:a...@samba.org";>Christian Ambach @@ -63,7 +63,7 @@ mailing list and start contributing to the development of Samba. mailto:a...@samba.org";>Alexander Bokovoy (https://www.redhat.com/";>Red Hat) Samuel Cabrero (https://www.suse.com/";>SUSE) https://www.samba.org/~anoopcs";>Anoop C S (https://www.ibm.com/";>IBM) -https://www.samba.org/~gd";>Günther Deschner (https://www.redhat.com/";>Red Hat) +https://www.samba.org/~gd";>Günther Deschner (https://www.ibm.com/";>IBM) mailto:dd...@samba.org";>David Disseldorp (https://www.suse.com/";>SUSE) mailto:pfilipen...@samba.org";>Pavel Filipenský (https://www.redhat.com/";>Red Hat) mailto:sfre...@samba.org";>Steve French @@ -87,13 +87,13 @@ mailing list and start contributing to the development of Samba. mailto:m...@samba.org";>Matthieu Patou Rowland Penny Noel Power (https://www.suse.com/";>SUSE) -mailto:jar...@samba.org";>José A. Rivera (https://www.redhat.com/";>Red Hat) +mailto:jar...@samba.org";>José A. Rivera (https://www.ibm.com/";>IBM) http://ozlabs.org/~rusty/";>Rusty Russell Garming Sam (http://catalyst.net.nz/what-we-offer/enterprise-solutions/samba";>Catalyst) mailto:c...@samba.org";>Christof Schmitt https://www.samba.org/~asn/";>Andreas Schneider (https://www.redhat.com/";>Red Hat) https://meltin.net/martin/";>Martin Schwenke (https://www.ddn.com/";>DDN) -mailto:ksee...@samba.org";>Karolin Seeger (https://www.redhat.com/";>Red Hat) +mailto:ksee...@samba.org";>Karolin Seeger (https://www.ibm.com/";>IBM) http://www.richardsharpe.com";>Richard Sharpe https://www.samba.org/~tridge/";>Andrew Tridgell mailto:u...@samba.org";>Uri Simchoni -- Samba Website Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 2082672 Add Anoop to the team list. from 11d888d team: add Pavel Filipenský https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 208267254070d4935b9b2c6214fb932957f53c1f Author: Günther Deschner Date: Tue Mar 28 12:31:38 2023 +0200 Add Anoop to the team list. Guenther --- Summary of changes: team/index.html | 1 + 1 file changed, 1 insertion(+) Changeset truncated at 500 lines: diff --git a/team/index.html b/team/index.html index 2ab7830..940059c 100755 --- a/team/index.html +++ b/team/index.html @@ -62,6 +62,7 @@ mailing list and start contributing to the development of Samba. mailto:s...@samba.org";>Ralph Böhme (http://www.sernet.de/en/";>SerNet) mailto:a...@samba.org";>Alexander Bokovoy (https://www.redhat.com/";>Red Hat) Samuel Cabrero (https://www.suse.com/";>SUSE) +https://www.samba.org/~anoopcs";>Anoop C S (https://www.ibm.com/";>IBM) https://www.samba.org/~gd";>Günther Deschner (https://www.redhat.com/";>Red Hat) mailto:dd...@samba.org";>David Disseldorp (https://www.suse.com/";>SUSE) mailto:pfilipen...@samba.org";>Pavel Filipenský (https://www.redhat.com/";>Red Hat) -- Samba Website Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 460fd441d7f s3:winbind: Improve warning message if we are out of autorid ranges via a273ed89dbb s3:utils: Check if the autorid rangesize is a multiple of the range from bf9130d375b smbd: Fix case normalization in for directories https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 460fd441d7f2ed5372038beec68c9bcd928a4f4c Author: Andreas Schneider Date: Mon Feb 27 12:14:41 2023 +0100 s3:winbind: Improve warning message if we are out of autorid ranges The message should help our users to understand what's the problem. The message was rather cryptic before. Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Feb 28 14:18:32 UTC 2023 on atb-devel-224 commit a273ed89dbb42081925f95b6d5490018c7cad110 Author: Andreas Schneider Date: Mon Feb 27 10:01:16 2023 +0100 s3:utils: Check if the autorid rangesize is a multiple of the range We also have this in our documentation. Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner --- Summary of changes: source3/utils/testparm.c | 11 +++ source3/winbindd/idmap_autorid_tdb.c | 12 2 files changed, 19 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index b975188094c..ce624c9d0cd 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -192,6 +192,17 @@ static bool do_idmap_check(void) uint32_t maxranges = (c->high - c->low + 1) / rangesize; + if (((c->high - c->low + 1) % rangesize) != 0) { + fprintf(stderr, + "WARNING: The idmap autorid range " + "[%u-%u] SHOULD to be a multiple of " + "the rangesize [%u]!" + "\n\n", + c->low, + c->high, + rangesize); + } + if (maxranges < 2) { fprintf(stderr, "ERROR: The idmap autorid range " diff --git a/source3/winbindd/idmap_autorid_tdb.c b/source3/winbindd/idmap_autorid_tdb.c index 24cf380945d..fb195367da6 100644 --- a/source3/winbindd/idmap_autorid_tdb.c +++ b/source3/winbindd/idmap_autorid_tdb.c @@ -183,10 +183,14 @@ static NTSTATUS idmap_autorid_addrange_action(struct db_context *db, } if (requested_rangenum >= globalcfg.maxranges) { - DEBUG(1, ("Not enough ranges available: New range %u must be " - "smaller than configured maximum number of ranges " - "(%u).\n", - requested_rangenum, globalcfg.maxranges)); + DBG_WARNING("Not enough ranges available: New range %u can't " + "be allocated. Consider increasing the range " + "[%u-%u] by %u.\n", + requested_rangenum, + globalcfg.minvalue, + globalcfg.minvalue + + (globalcfg.maxranges * globalcfg.rangesize), + globalcfg.rangesize); ret = NT_STATUS_NO_MEMORY; goto error; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3d57bb74500 s3:tests: Reformat xattr-tdb-1/run.sh via 5cfd0b9fdc0 s3:tests: Reformat vfstest-catia/run.sh via 5467252fd40 s3:tests: Reformat vfstest-acl/run.sh via e862d7e7a29 s3:tests: Reformat stream-depot/run.sh via a8c6b30e723 s3:tests: Reformat full_audit_segfault/run.sh via 4bb7f293633 s3:tests: Reformat wb_pad.sh via 7677b89abcf s3:tests: Reformat test_zero_data.sh via ee972c11cda s3:tests: Reformat test_winbind_ignore_domains.sh via e652a764df8 s3:tests: Reformat test_wbinfo_sids2xids.sh via c9f328b7186 s3:tests: Reformat test_wbinfo_lookuprids_cache.sh via a73b4bf8705 s3:tests: Reformat test_virus_scanner.sh via 79ef1f6402c s3:tests: Reformat test_veto_rmdir.sh via a8303298197 s3:tests: Reformat test_valid_users.sh via a10f4dffcd1 s3:tests: Reformat test_usernamemap.sh via 85603a5ee00 s3:tests: Reformat test_timestamps.sh via 7dce28b712f s3:tests: Reformat test_tevent_glib_glue.sh via a7fe9b56473 s3:tests: Reformat test_testparm_s3.sh from 7897bc8c792 security.idl: add missing BUILTIN SIDs https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3d57bb74500b46c242fd0850181bcb0335268dd2 Author: Andreas Schneider Date: Fri Apr 22 15:34:12 2022 +0200 s3:tests: Reformat xattr-tdb-1/run.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Jun 22 10:10:48 UTC 2022 on sn-devel-184 commit 5cfd0b9fdc0d0c83d579269123f0887925c9a554 Author: Andreas Schneider Date: Fri Apr 22 15:34:12 2022 +0200 s3:tests: Reformat vfstest-catia/run.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 5467252fd408d79718ae629c548be1c4614fe278 Author: Andreas Schneider Date: Fri Apr 22 15:34:12 2022 +0200 s3:tests: Reformat vfstest-acl/run.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit e862d7e7a2975dcfb7246a3e19fdb643c006bb0b Author: Andreas Schneider Date: Fri Apr 22 15:34:08 2022 +0200 s3:tests: Reformat stream-depot/run.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit a8c6b30e72373e13cb64f3503ef1237cefa7e753 Author: Andreas Schneider Date: Fri Apr 22 15:34:08 2022 +0200 s3:tests: Reformat full_audit_segfault/run.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 4bb7f2936336d1c2f1a2ba75a6949d36e144cee7 Author: Andreas Schneider Date: Fri Apr 22 15:34:12 2022 +0200 s3:tests: Reformat wb_pad.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 7677b89abcf2e156f184b63be5f88bda9308a49b Author: Andreas Schneider Date: Fri Apr 22 15:34:12 2022 +0200 s3:tests: Reformat test_zero_data.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit ee972c11cdae83d43279f7095696380f04d2da22 Author: Andreas Schneider Date: Fri Apr 22 15:34:12 2022 +0200 s3:tests: Reformat test_winbind_ignore_domains.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit e652a764df8862a3b1c208edfb86dedb63e9b361 Author: Andreas Schneider Date: Fri Apr 22 15:34:12 2022 +0200 s3:tests: Reformat test_wbinfo_sids2xids.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit c9f328b7186051b0ae7fbd1c788102c5f13f7ec5 Author: Andreas Schneider Date: Fri Apr 22 15:34:11 2022 +0200 s3:tests: Reformat test_wbinfo_lookuprids_cache.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit a73b4bf8705f98c750582dd019ac9b3fa7392f5b Author: Andreas Schneider Date: Fri Apr 22 15:34:11 2022 +0200 s3:tests: Reformat test_virus_scanner.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 79ef1f6402c60c69c2c531ff7889fb935e2cafd3 Author: Andreas Schneider Date: Fri Apr 22 15:34:11 2022 +0200 s3:tests: Reformat test_veto_rmdir.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6f3e03a6e34 s3:tests: Reformat test_smbclient_ntlm.sh via f5ecc95876f s3:tests: Reformat test_smbclient_netbios_aliases.sh via c4d0c741ebe s3:tests: Reformat test_smbclient_mget.sh via 07d07b70eb8 s3:tests: Reformat test_smbclient_machine_auth.sh via 58e815f2a2f s3:tests: Reformat test_smbclient_log_basename.sh via 3b672457da5 s3:tests: Reformat test_smbclient_list_servers.sh via b828964f5f0 s3:tests: Reformat test_smbclient_large_file.sh via 20e0fef9e45 s3:tests: Reformat test_smbclient_krb5.sh via 6513aa1d8d5 s3:tests: Reformat test_smbclient_kerberos.sh via 6990e6c s3:tests: Reformat test_smbclient_iconv.sh via bb626437f7a s3:tests: Reformat test_smbclient_encryption_off.sh via 144f17928f6 s3:tests: Reformat test_smbclient_encryption.sh via c112b07337e s3:tests: Reformat test_smbclient_basic.sh via c0e1566e25e s3:tests: Reformat test_smbclient_auth.sh via ec0291264c4 s3:tests: Reformat test_smbXsrv_client_dead_rec.sh via a63c7e7ed5a s3:tests: Reformat test_smb2_not_casesensitive.sh via 13795515eb2 s3:tests: Reformat test_smb1_system_security.sh via d637255f6bf s3:tests: Reformat test_smb1_shadow_copy_torture.sh via f1a8afe650e s3:tests: Reformat test_sharesec.sh via a4ff172feec s3:tests: Reformat test_shareenum.sh via 6395813ca09 s3:tests: Reformat test_shadow_copy_torture.sh via b1cddccf12c s3:tests: Reformat test_sacl_set_get.sh from b22ddf5ee9c gitlab-ci: Add jq https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6f3e03a6e3404bcdd80e9a867588af5ccc2b2526 Author: Andreas Schneider Date: Fri Apr 22 15:34:11 2022 +0200 s3:tests: Reformat test_smbclient_ntlm.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Jun 10 14:51:39 UTC 2022 on sn-devel-184 commit f5ecc95876f7a3d7883063f6228af21b6a3ed14f Author: Andreas Schneider Date: Fri Apr 22 15:34:11 2022 +0200 s3:tests: Reformat test_smbclient_netbios_aliases.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit c4d0c741ebea571776d4686fe3e46c54c2727995 Author: Andreas Schneider Date: Fri Apr 22 15:34:11 2022 +0200 s3:tests: Reformat test_smbclient_mget.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 07d07b70eb8e91c333969962c46b29241b0e98e9 Author: Andreas Schneider Date: Fri Apr 22 15:34:11 2022 +0200 s3:tests: Reformat test_smbclient_machine_auth.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 58e815f2a2f65da094acf1a769aed3dbfcc44c76 Author: Andreas Schneider Date: Fri Apr 22 15:34:11 2022 +0200 s3:tests: Reformat test_smbclient_log_basename.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 3b672457da5d99b8d6dfff97739a40a4a1d73e6d Author: Andreas Schneider Date: Fri Apr 22 15:34:11 2022 +0200 s3:tests: Reformat test_smbclient_list_servers.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit b828964f5f01289dfe98c3908f57ccfd0ec89f1e Author: Andreas Schneider Date: Fri Apr 22 15:34:11 2022 +0200 s3:tests: Reformat test_smbclient_large_file.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 20e0fef9e454b44d357035934d7cf37b5cfd883f Author: Andreas Schneider Date: Fri Apr 22 15:34:10 2022 +0200 s3:tests: Reformat test_smbclient_krb5.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 6513aa1d8d5cad2e6be207594f82e59d6eba58c5 Author: Andreas Schneider Date: Fri Apr 22 15:34:10 2022 +0200 s3:tests: Reformat test_smbclient_kerberos.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 6990e6c553e1db01e79fb3052fd272fa7b08 Author: Andreas Schneider Date: Fri Apr 22 15:34:10 2022 +0200 s3:tests: Reformat test_smbclient_iconv.sh shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit bb626437f7a546360b480ad4932af0013fd057af
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1b6d675feb5 lib/smbconf: expose smbconf error codes to python wrapper from fdc98ff5560 s3:tests: Reformat test_net_usershare.sh https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1b6d675feb54d32224047ea59598c04a7a287038 Author: John Mulligan Date: Mon Jun 6 15:55:22 2022 -0400 lib/smbconf: expose smbconf error codes to python wrapper The smbconf library defines an enum of error codes that can be returned from the C calls. The error codes were getting stored in the python SMBConfError type but it was not easy to access or obvious what the integer code represented. This change makes it easier to get the returned error code: via a `error_code` attribute on the exception value. It also exposes the integer constants to the module. Simple tests for a few of the more obvious error codes check that this new error handling correctly exposes the error code values. Signed-off-by: John Mulligan Reviewed-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Jun 8 13:13:10 UTC 2022 on sn-devel-184 --- Summary of changes: lib/smbconf/pysmbconf.c | 39 ++- python/samba/tests/smbconf.py | 21 + 2 files changed, 55 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/smbconf/pysmbconf.c b/lib/smbconf/pysmbconf.c index b0aca4508af..1b3c101005a 100644 --- a/lib/smbconf/pysmbconf.c +++ b/lib/smbconf/pysmbconf.c @@ -35,7 +35,6 @@ static void py_raise_SMBConfError(sbcErr err) /* * TODO: have the exception type accept arguments in new/init -* and make the error value accessible as a property */ args = Py_BuildValue("(is)", err, sbcErrorString(err)); if (args == NULL) { @@ -44,11 +43,22 @@ static void py_raise_SMBConfError(sbcErr err) return; } v = PyObject_Call(PyExc_SMBConfError, args, NULL); - Py_DECREF(args); - if (v != NULL) { - PyErr_SetObject((PyObject *) Py_TYPE(v), v); - Py_DECREF(v); + if (v == NULL) { + Py_CLEAR(args); + return; + } + /* +* It's clearer to set an explicit error_code attribute for use in calling +* code to check what kind of SMBConfError was raised. +*/ + if (PyObject_SetAttrString(v, "error_code", PyTuple_GetItem(args, 0)) == -1) { + Py_CLEAR(v); + Py_CLEAR(args); + return; } + Py_CLEAR(args); + PyErr_SetObject((PyObject *) Py_TYPE(v), v); + Py_DECREF(v); } /* @@ -780,5 +790,24 @@ MODULE_INIT_FUNC(smbconf) return NULL; } +/* + * ADD_FLAGS macro borrowed from source3/libsmb/pylibsmb.c + */ +#define ADD_FLAGS(val) PyModule_AddObject(m, #val, PyLong_FromLong(val)) + + ADD_FLAGS(SBC_ERR_OK); + ADD_FLAGS(SBC_ERR_NOT_IMPLEMENTED); + ADD_FLAGS(SBC_ERR_NOT_SUPPORTED); + ADD_FLAGS(SBC_ERR_UNKNOWN_FAILURE); + ADD_FLAGS(SBC_ERR_NOMEM); + ADD_FLAGS(SBC_ERR_INVALID_PARAM); + ADD_FLAGS(SBC_ERR_BADFILE); + ADD_FLAGS(SBC_ERR_NO_SUCH_SERVICE); + ADD_FLAGS(SBC_ERR_IO_FAILURE); + ADD_FLAGS(SBC_ERR_CAN_NOT_COMPLETE); + ADD_FLAGS(SBC_ERR_NO_MORE_ITEMS); + ADD_FLAGS(SBC_ERR_FILE_EXISTS); + ADD_FLAGS(SBC_ERR_ACCESS_DENIED); + return m; } diff --git a/python/samba/tests/smbconf.py b/python/samba/tests/smbconf.py index e023e2ad59b..1f432a34608 100644 --- a/python/samba/tests/smbconf.py +++ b/python/samba/tests/smbconf.py @@ -324,6 +324,27 @@ class SMBConfTests(samba.tests.TestCase): names = sconf.share_names() self.assertEqual(names, ["hello", "goodnight"]) +def test_error_badfile(self): +with self.assertRaises(self.smbconf.SMBConfError) as raised: +self.smbconf.init_txt("/foo/bar/baz/_I-dont/.exist/-ok-") +self.assertEqual( +self.smbconf.SBC_ERR_BADFILE, raised.exception.error_code) + +def test_error_not_supported(self): +sconf = self.smbconf.init_txt(self.example_conf_default) +with self.assertRaises(self.smbconf.SMBConfError) as raised: +sconf.set_global_parameter("client min protocol", "NT1") +self.assertEqual( +self.smbconf.SBC_ERR_NOT_SUPPORTED, raised.exception.error_code) + +def test_error_no_such_service(self): +sconf = self.smbconf.init_txt(self.example_conf_default) +with self.assertRaises(self.smbconf.SMBConfError) as raised: +sconf.get_share("zilch
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 84480a1e21f python/samba/tests: add SMBConfTests suite via d948cb1c6dd lib/smbconf: add an initial set of python bindings from c285bcfbdad lib/cmdline: fix a typo https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 84480a1e21f2523a8a1c74a29c90f6c1c7349edf Author: John Mulligan Date: Fri Apr 1 13:51:40 2022 -0400 python/samba/tests: add SMBConfTests suite Add an initial suite of tests for the smbconf python bindings. Currently only simple read-only methods are available. Signed-off-by: John Mulligan Reviewed-by: Douglas Bagnall Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Apr 21 15:33:38 UTC 2022 on sn-devel-184 commit d948cb1c6dde87d60792a8dd40c07c6e4f2aa359 Author: John Mulligan Date: Thu Mar 31 16:54:49 2022 -0400 lib/smbconf: add an initial set of python bindings The smbconf library provides a generic interface for Samba configuration backends. In order to access these backends, including the read-write registry backend, we add a new python binding for smbconf - the general interface library. This initial set of bindings covers some basic read-only calls. This includes function calls for listing shares (config sections) and getting the parameters of the shares. The `init_txt` construction function must be used to get a new SMBConf object. This is done so that other backends, specifically the registry backend from source3 can be used in the future. Those will provide their own construction funcs. Signed-off-by: John Mulligan Reviewed-by: Douglas Bagnall Reviewed-by: Guenther Deschner --- Summary of changes: lib/smbconf/pysmbconf.c | 431 ++ lib/smbconf/wscript_build | 5 + python/samba/tests/smbconf.py | 102 ++ selftest/tests.py | 1 + 4 files changed, 539 insertions(+) create mode 100644 lib/smbconf/pysmbconf.c create mode 100644 python/samba/tests/smbconf.py Changeset truncated at 500 lines: diff --git a/lib/smbconf/pysmbconf.c b/lib/smbconf/pysmbconf.c new file mode 100644 index 000..0a5c3a6980c --- /dev/null +++ b/lib/smbconf/pysmbconf.c @@ -0,0 +1,431 @@ +/* + * Unix SMB/CIFS implementation. + * libsmbconf - Samba configuration library - Python bindings + * + * Copyright (C) John Mulligan 2022 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include +#include "includes.h" +#include "python/py3compat.h" + +#include "lib/smbconf/smbconf.h" +#include "lib/smbconf/smbconf_txt.h" + +static PyObject *PyExc_SMBConfError; + +typedef struct { + PyObject_HEAD + + /* C values embedded in our python type */ + TALLOC_CTX * mem_ctx; + struct smbconf_ctx *conf_ctx; +} py_SMBConf_Object; + +static void py_raise_SMBConfError(sbcErr err) +{ + PyObject *v = NULL; + PyObject *args = NULL; + + /* +* TODO: have the exception type accept arguments in new/init +* and make the error value accessible as a property +*/ + args = Py_BuildValue("(is)", err, sbcErrorString(err)); + if (args == NULL) { + PyErr_Format(PyExc_SMBConfError, "[%d]: %s", err, +sbcErrorString(err)); + return; + } + v = PyObject_Call(PyExc_SMBConfError, args, NULL); + Py_DECREF(args); + if (v != NULL) { + PyErr_SetObject((PyObject *) Py_TYPE(v), v); + Py_DECREF(v); + } +} + +/* + * py_from_smbconf_service returns a python tuple that is basically equivalent + * to the struct smbconf_service type content-wise. + */ +static PyObject *py_from_smbconf_service(struct smbconf_service *svc) +{ + PyObject *plist = PyList_New(svc->num_params); + if (plist == NULL) { + return NULL; + } + + for (uint32_t i = 0; i < svc->num_params; i++) { + PyObject *pt = Py_BuildValue("(ss)", +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 68d181ee676 s3:libads: Fix creating local krb5.conf via 12c843ad0a9 s3:libads: Check print_canonical_sockaddr_with_port() for NULL in get_kdc_ip_string() via cca189d0934 s3:libads: Remove obsolete free's of kdc_str via 652c8ce1672 s3:libads: Allocate all memory on the talloc stackframe via 812032833aa s3:libads: Use talloc_asprintf_append() in get_kdc_ip_string() via 7f721dc2eee s3:libads: Improve debug messages for get_kdc_ip_string() via 313f03c7848 s3:libads: Leave early on error in get_kdc_ip_string() via 567b1996796 s3:libads: Remove trailing spaces in kerberos.c via d2ac90cdd56 testprogs: Add test that local krb5.conf has been created from d8e966da1c8 smbd: Remove a few vfs_stat() calls https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 68d181ee676e17a5cdcfc12c5cc7eef242fdfa6c Author: Andreas Schneider Date: Tue Mar 15 13:10:06 2022 +0100 s3:libads: Fix creating local krb5.conf We create an KDC ip string entry directly at the beginning, use it if we don't have any additional DCs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15016 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Mar 16 14:26:36 UTC 2022 on sn-devel-184 commit 12c843ad0a97fcbaaea738b82941533e5d2aec99 Author: Andreas Schneider Date: Tue Mar 15 13:02:05 2022 +0100 s3:libads: Check print_canonical_sockaddr_with_port() for NULL in get_kdc_ip_string() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15016 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit cca189d0934790418e27d9d01282370b1e6a057f Author: Andreas Schneider Date: Tue Mar 15 12:57:18 2022 +0100 s3:libads: Remove obsolete free's of kdc_str This is allocated on the stackframe now! BUG: https://bugzilla.samba.org/show_bug.cgi?id=15016 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 652c8ce1672dfead00c7af6af22e3bb3927764ec Author: Andreas Schneider Date: Tue Mar 15 12:56:58 2022 +0100 s3:libads: Allocate all memory on the talloc stackframe BUG: https://bugzilla.samba.org/show_bug.cgi?id=15016 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 812032833aa65729dbbfd4313a6e3fe072c88530 Author: Andreas Schneider Date: Tue Mar 15 12:48:23 2022 +0100 s3:libads: Use talloc_asprintf_append() in get_kdc_ip_string() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15016 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 7f721dc2eee0064a1ddd480fcaf77bf1659c7a26 Author: Andreas Schneider Date: Tue Mar 15 12:10:47 2022 +0100 s3:libads: Improve debug messages for get_kdc_ip_string() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15016 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 313f03c78487ae49747b8143220ecbfe8ad9310a Author: Andreas Schneider Date: Tue Mar 15 12:04:34 2022 +0100 s3:libads: Leave early on error in get_kdc_ip_string() This avoids useless allocations. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15016 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 567b1996796e5d3cf572653f38817d832fa135ca Author: Andreas Schneider Date: Tue Mar 15 12:03:40 2022 +0100 s3:libads: Remove trailing spaces in kerberos.c BUG: https://bugzilla.samba.org/show_bug.cgi?id=15016 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit d2ac90cdd5672330ed9c323fc474f8ba62750a6f Author: Andreas Schneider Date: Tue Mar 15 16:53:02 2022 +0100 testprogs: Add test that local krb5.conf has been created BUG: https://bugzilla.samba.org/show_bug.cgi?id=15016 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner --- Summary of changes: source3/libads/kerberos.c | 80 +- testprogs/blackbox/test_net_ads.sh | 6 +++ 2 files changed, 50 insertions(+), 36 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 75beeef4a44..3fd86e87064 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -1,4 +1,4 @@ -/* +/* Unix SMB/CIFS implementation. kerberos utility library Copyright (C) Andrew Tridgell 2001 @@ -37,11 +37,11 @@ #define LIBADS_CCACHE_NAME "MEMORY:libads" /* - we use a prompter to avoid a crash bug in the kerberos libs when + we use a prompter to avoid a crash bug in the kerberos libs when dea
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e9495d2ed28 s3-winexe: Fix winexe core dump (use-after-free) from 1fce72f796e samba-tool: Add domain member leave https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e9495d2ed28a26899dc3dd77bdfe56e284980218 Author: Günther Deschner Date: Thu Nov 4 22:22:44 2021 +0100 s3-winexe: Fix winexe core dump (use-after-free) BUG: https://bugzilla.samba.org/show_bug.cgi?id=14893 Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Nov 5 11:43:57 UTC 2021 on sn-devel-184 --- Summary of changes: examples/winexe/winexe.c | 16 1 file changed, 12 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/winexe/winexe.c b/examples/winexe/winexe.c index 3e0813a4091..59fb9dbdebb 100644 --- a/examples/winexe/winexe.c +++ b/examples/winexe/winexe.c @@ -220,8 +220,6 @@ static void parse_args(int argc, const char *argv[], *port_str = '\0'; } - poptFreeContext(pc); - if (options->runas == NULL && options->runas_file != NULL) { struct cli_credentials *runas_cred; const char *user; @@ -253,9 +251,19 @@ static void parse_args(int argc, const char *argv[], options->credentials = samba_cmdline_get_creds(); - options->hostname = argv_new[0] + 2; + options->hostname = talloc_strdup(mem_ctx, argv_new[0] + 2); + if (options->hostname == NULL) { + DBG_ERR("Out of memory\n"); + exit(1); + } options->port = port; - options->cmd = argv_new[1]; + options->cmd = talloc_strdup(mem_ctx, argv_new[1]); + if (options->cmd == NULL) { + DBG_ERR("Out of memory\n"); + exit(1); + } + + poptFreeContext(pc); options->flags = flag_interactive; if (flag_reinstall) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 11c9eb0ccc3 s3-torture: Only install vfstest manpage when vfstest binary gets installed. via bb7b957e2c5 s3-torture: give torture test binaries their own wscript_build from ee9dfff617a bootstrap: Install python3-dateutil instead of python3-iso8601 on RPM distros https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 11c9eb0ccc34c4731fe7822768ba2b67aaea606a Author: Günther Deschner Date: Mon Nov 9 17:08:27 2020 +0100 s3-torture: Only install vfstest manpage when vfstest binary gets installed. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Jul 21 13:41:26 UTC 2021 on sn-devel-184 commit bb7b957e2c5d940191cb1202ade6fea7a0cce4c0 Author: Günther Deschner Date: Mon Nov 9 15:12:21 2020 +0100 s3-torture: give torture test binaries their own wscript_build Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider --- Summary of changes: docs-xml/wscript_build| 4 +- source3/torture/wscript_build | 136 ++ source3/wscript_build | 135 + 3 files changed, 140 insertions(+), 135 deletions(-) create mode 100644 source3/torture/wscript_build Changeset truncated at 500 lines: diff --git a/docs-xml/wscript_build b/docs-xml/wscript_build index 492a9ad70bd..5ddb8ded615 100644 --- a/docs-xml/wscript_build +++ b/docs-xml/wscript_build @@ -51,7 +51,6 @@ manpages=''' manpages/testparm.1 manpages/traffic_learner.7 manpages/traffic_replay.7 - manpages/vfstest.1 manpages/wbinfo.1 manpages/winbindd.8 ''' @@ -175,6 +174,9 @@ if ('XSLTPROC_MANPAGES' in bld.env and bld.env['XSLTPROC_MANPAGES']): if conf.env.build_winexe == True: bld.SAMBAMANPAGES(winexe_manpages) +if bld.CONFIG_SET('ENABLE_SELFTEST'): +bld.SAMBAMANPAGES('manpages/vfstest.1') + for manpage in vfs_module_manpages: if bld.SAMBA3_IS_ENABLED_MODULE(manpage): bld.SAMBAMANPAGES('manpages/%s.8' % manpage) diff --git a/source3/torture/wscript_build b/source3/torture/wscript_build new file mode 100644 index 000..bde70d6a800 --- /dev/null +++ b/source3/torture/wscript_build @@ -0,0 +1,136 @@ +#!/usr/bin/env python + +bld.SAMBA3_BINARY('locktest2', + source='locktest2.c', + deps=''' + talloc + smbconf + libsmb + LOCKING + ''', + for_selftest=True) + +TORTURE3_ADDITIONAL_SOURCE="" + +if bld.env.with_ctdb: +TORTURE3_ADDITIONAL_SOURCE += ' test_ctdbd_conn.c' + +bld.SAMBA3_BINARY('smbtorture' + bld.env.suffix3, + source=''' +torture.c +nbio.c +scanner.c +utable.c +denytest.c +mangle_test.c +nbench.c +test_async_echo.c +test_addrchange.c +test_matching.c +test_posix_append.c +test_posix.c +test_nttrans_create.c +test_nttrans_fsctl.c +test_case_insensitive.c +test_notify_online.c +test_chain3.c +test_smb2.c +test_authinfo_structs.c +test_smbsock_any_connect.c +test_cleanup.c +test_notify.c +../lib/tevent_barrier.c +test_dbwrap_watch.c +test_dbwrap_do_locked.c +test_idmap_tdb_common.c +test_dbwrap_ctdb.c +test_buffersize.c +test_messaging_read.c +test_messaging_fd_passing.c +test_messaging_send_all.c +test_oplock_cancel.c +test_pthreadpool_tevent.c +bench_pthreadpool.c +wbc_async.c +test_g_lock.c +test_namemap_cache.c +test_idmap_cache.c +test_hidenewfiles.c +test_re
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7938d94d12e s4-selftest: add net offlinejoin tests via a8ad0eb4ae7 docs: document "net offlinejoin" set of commands via 575407dc2fc s3-net: add "net offlinejoin" command via ec6fd45d7b5 s3-libnetapi: add djoin tool via 3e3269d34b2 s3-libnetapi: implement NetRequestOfflineDomainJoin_l via e7a8aeee449 s3-libnetapi: add NetRequestOfflineDomainJoin example code via c1f937bfb1d s3-libnetapi: add NetRequestOfflineDomainJoin to api via 0816a3d9e60 s3-libnetapi: add NetRequestOfflineDomainJoin() boilerplate. via c97dac6d1be s3-libnetapi: add NetRequestOfflineDomainJoin to IDL via 3c8254a2faf s3-libnetapi: implement NetProvisionComputerAccount_l via 962c803947c s3-libnetapi: add NetProvisionComputerAccount example code via 8bf2a3f9c0b s3-libnetapi: add NetProvisionComputerAccount to api. via 3f71d1fa1c0 s3-libnetapi: add NetProvisionComputerAccount() boilerplate via b19a145e8f0 s3-libnetapi: add NetProvisionComputerAccount() to IDL via fc51b38ed8b s3-libnetapi: add netapi_save_file_ucs2() to example code via 3cfe663651f s3-libnetapi: add netapi_read_file helper via 44bd5049e14 s3-libnetapi: add offline domain join related error codes (not WERRORs) via 4d65b263563 s3-libnetapi: add missing NetJoinFlags for netapi via 1c62cac7f27 s3-libnetapi: add libnetapi_set_logfile() via 927390bae58 s3-libnetapi: add libnetapi_get_use_kerberos() via adcdb696cfe re-run make libnetapi via eff9610e7b0 s3-libnet_join: always check config correctness while joining offline via 799384792a8 s3-libnet_join: check for netbios name correctness as well via 33ed555e9bd s3-libnet_join: set netbios name as well when modification is requested via 8f3b9944857 s3-libnet_join: use dsgetonedcname to validate given DC via 7a9972943a4 s3-dsgetdcname: add dsgetonedcname() via de329620391 s3-libnet_join: use joinprov3 struct in libnet_DomainOfflineJoin() via 1581d63bfe0 s3-libnet_join: add support for libnet_DomainOfflineJoin via 997fbcbc902 s3-dsgetdcname: return dcinfo also when delivering from the cache. via 22d500ec541 s3-dsgetdcname: the returned dcinfo unc should always be prefixed via 91dcc7c889a s3-libnet_join: add request_offline_join flag via 0d75503421c s3-libnet_join: fully implement libnet_odj_compose_OP_JOINPROV3_PART via beaab062891 s3-librpc: add ODJ_PROVISION_DATA pointer to libnet_JoinCtx via 36db8faea38 s3-libnet_join: return account rid in libnet_JoinCtx via 793277c0ddd s3-libnet_join: add libnet_odj_find_joinprov3() via 80b8bbe4851 s3-libnet_join: add libnet_odj_find_win7blob to libnet_offline_join via 402d9032cbf s3-libnet_join: add some libnet_JoinCtx-to-ODJ helpers via ada1ed29cfc s3-libnet_join: return the allocated netr_DsRGetDCNameInfo struct via 9a0db8c8ed1 s3-rpc_client: add copy_netr_DsRGetDCNameInfo() helper via f37d5ea243f s3-libnet_join: let libnetjoin return a netr_DsRGetDCNameInfo via 9d9a1132119 s3-libnet_join: add new provision_computer_account_only flag via bd5dce667d8 s4-torture: add odj ndr testsuite via 705f9954582 librpc: make sure the 4 byte _pad in ODJ_WIN7BLOB is never 0 via 9963da126be librpc: more work on ODJ IDL via 91ff058420b librpc: add custom odj_switch_level_from_guid() via 8ff687863dd librpc: compile ODJ idl via dc40f23acd9 librpc: add "Offline Domain Join" (ODJ) IDL via 9cc62b562c9 librpc/ndr: do not print strings when NDR_SECRET is used from e168a95c1bb s3: VFS: Update status of SMB_VFS_READ_DFS_PATHAT. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7938d94d12e5ed2790fdf3d5291c8d92e66f1b4a Author: Günther Deschner Date: Sat Jun 5 00:32:17 2021 +0200 s4-selftest: add net offlinejoin tests Guenther Signed-off-by: Guenther Deschner Reviewed-by: Alexander Bokovoy Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Jul 14 17:38:21 UTC 2021 on sn-devel-184 commit a8ad0eb4ae76a59e62e65570e8c1a808a8419a7b Author: Günther Deschner Date: Tue Apr 13 18:45:56 2021 +0200 docs: document "net offlinejoin" set of commands Guenther Signed-off-by: Guenther Deschner Reviewed-by: Alexander Bokovoy commit 575407dc2fc9aa27a1301b74c827f3bb3fb5d0eb Author: Günther Deschner Date: Tue Mar 9 13:52:51 2021 +0100 s3-net: add "net offlinejoin" command Guenther Signed-off-by: Guenther Deschner Reviewed-by: Alexander Bokovoy commit ec6fd45d7b527a91ee4e2bc9fa03312e8cb65022 Author: Günther Deschner Date: Tue Feb
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c871c224611 s3:netapi: Add libnetapi_set_creds() via 6968a325d9d s3:netapi: Get rid of set_cmdline_auth_info_*() via 4e82150dc14 auth:creds: Use our own cli_credentials_set_cmdline_callbacks() via 9e5ac70a7e4 auth:creds: Add command line function for standard password callback via ca57356b78f s4:lib:cmdline: Rename cli_credentials_set_cmdline_callbacks() via 3f3093933a2 s3:netapi: Remove use_ccache from 'struct libnetapi_ctx' via 67d49ac1480 s3:netapi: Remove use_kerberos from struct libnetapi_ctx via dd7adbfa8f2 s3:netapi: Remove workgroup from 'struct libnetapi_ctx' via 51d5bebcc15 s3:netapi: Remove password from 'struct libnetapi_ctx' via d94053f9d8b s3:netapi: Remove username from 'struct libnetapi_ctx' via fd78554d11a s3:netapi: Use public functions for username/password via 0aeca4e5a13 s3:netapi: Get username/password from cli_credentials in joindomain.c via 3506800d3ef s3:netapi: Get username/password from cli_credentials in netapi.c via 9285e64a623 s3:netapi: Fill also cli_credentials with netapi setters via 7bb70f701e4 s3:netapi: Add a cli_credentials pointer to struct libnetapi_ctx via 517f94f5bff s3:netapi: Remove unused ctx->krb5_cc_env via e79b067e239 s3:netapi: Make 'struct libnetapi_ctx' opaque via bcc3945e538 s3:netapi: Use public getters in getjoinableous example via 44ef7f96e16 s3:netapi: Use public getters in remote_machine example via c9222ab8388 s3:netapi: Implement public libnetapi_get_(username|password) functions from 17283de8fd9 netcmd: Fix typos in offline domain backup test https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c871c224611296ee922a508129913aca93a38a16 Author: Andreas Schneider Date: Thu Mar 18 13:34:15 2021 +0100 s3:netapi: Add libnetapi_set_creds() This will be used by the 'net' command in future! Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Mar 24 02:07:20 UTC 2021 on sn-devel-184 commit 6968a325d9d5c9d68634b10d9ee080004865bcd8 Author: Andreas Schneider Date: Thu Mar 18 13:49:27 2021 +0100 s3:netapi: Get rid of set_cmdline_auth_info_*() Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 4e82150dc14cb8852a7a20c1d57b0db4a4cf82e1 Author: Andreas Schneider Date: Thu Dec 3 17:07:53 2020 +0100 auth:creds: Use our own cli_credentials_set_cmdline_callbacks() Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 9e5ac70a7e49ecd0e61e9546ccdf0ad863f1177a Author: Andreas Schneider Date: Wed Aug 7 11:36:28 2019 +0200 auth:creds: Add command line function for standard password callback Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Stefan Metzmacher Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit ca57356b78f095c20685c4b510d20b1efedb5882 Author: Andreas Schneider Date: Tue Mar 23 16:27:38 2021 +0100 s4:lib:cmdline: Rename cli_credentials_set_cmdline_callbacks() Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 3f3093933a2341da5329647b843ef8f06fc9e30b Author: Andreas Schneider Date: Thu Mar 18 13:39:54 2021 +0100 s3:netapi: Remove use_ccache from 'struct libnetapi_ctx' Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 67d49ac14805d6cb6fbc87904173aaeaf5f859c5 Author: Andreas Schneider Date: Thu Mar 18 13:39:54 2021 +0100 s3:netapi: Remove use_kerberos from struct libnetapi_ctx Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit dd7adbfa8f277932eeed17eceaaa7713fc23829b Author: Andreas Schneider Date: Thu Mar 18 11:37:50 2021 +0100 s3:netapi: Remove workgroup from 'struct libnetapi_ctx' Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 51d5bebcc156ee9b93937deefc534e44911245a7 Author: Andreas Schneider Date: Thu Mar 18 11:37:03 2021 +0100 s3:netapi: Remove password from 'struct libnetapi_ctx' Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit d94053f9d8b1fdce61e90d3942e75b02e2d3209c Author: Andreas Schneider Date: Thu Mar 18 11:36:37 2021 +0100 s3:netapi: Remove username from 'struct libnetapi_ctx' Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit fd78554d11a60c75c0e6d2c8606a82bc20526c8a Author: Andreas Schneider Date: Thu Mar 18 11:14:39 2021 +0100 s3:netapi: Use public functions for username/password Signed-off-by: Andreas
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 718f7b1a84f printing: use correct error out in get_correct_cversion() when openat_pathref_fsp() fails via 70063c523bf printing: use correct error out in file_version_is_newer() when openat_pathref_fsp() fails via 8c1fd86db87 printing: use correct error out in file_version_is_newer() when openat_pathref_fsp() fails from 09a8f409e59 samba-tool: Replace gpo command for removing Sudoers Group Policy https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 718f7b1a84f1c6eb35d52232a8573370f45add56 Author: Ralph Boehme Date: Tue Feb 16 14:24:05 2021 +0100 printing: use correct error out in get_correct_cversion() when openat_pathref_fsp() fails Fixes a regression introduced by a74f0af1a91fe0bbc68e4d41d65f43ec383ae8bf: if there's no existing file, openat_pathref_fsp() will fail with NT_STATUS_OBJECT_NAME_NOT_FOUND which must be handled the same way it is done by the SMB_VFS_CREATE_FILE() call below. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14635 Signed-off-by: Ralph Boehme Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Feb 17 19:53:00 UTC 2021 on sn-devel-184 commit 70063c523bff5e471eac2b011b243c5aa0c4bee1 Author: Ralph Boehme Date: Tue Feb 16 14:23:02 2021 +0100 printing: use correct error out in file_version_is_newer() when openat_pathref_fsp() fails Fixes a regression introduced by ef5e913bca584f0232d5bfff14df4ccba2dda35c: if there's no existing file, openat_pathref_fsp() will fail with NT_STATUS_OBJECT_NAME_NOT_FOUND which must be handled the same way it is done by the SMB_VFS_CREATE_FILE() call below. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14635 Signed-off-by: Ralph Boehme Reviewed-by: Guenther Deschner commit 8c1fd86db873f0326faf1cefa731a03709f8ac7f Author: Ralph Boehme Date: Tue Feb 16 14:19:51 2021 +0100 printing: use correct error out in file_version_is_newer() when openat_pathref_fsp() fails Fixes a regression introduced by cbe25e1777d0c43c21e8acc2cea79fd03fdaf2ea: if there's no existing file, openat_pathref_fsp() will fail with NT_STATUS_OBJECT_NAME_NOT_FOUND which must be handled the same way it is done by the SMB_VFS_CREATE_FILE() call below. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14635 Signed-off-by: Ralph Boehme Reviewed-by: Guenther Deschner --- Summary of changes: source3/printing/nt_printing.c | 12 +--- 1 file changed, 9 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 9b7904f6778..e9253093ae2 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -833,7 +833,8 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr status = openat_pathref_fsp(conn->cwd_fsp, smb_fname); if (!NT_STATUS_IS_OK(status)) { - return false; + ret = 1; + goto done; } status = SMB_VFS_CREATE_FILE( @@ -892,7 +893,9 @@ static int file_version_is_newer(connection_struct *conn, fstring new_file, fstr status = openat_pathref_fsp(conn->cwd_fsp, smb_fname); if (!NT_STATUS_IS_OK(status)) { - return false; + DBG_NOTICE("Can't open new file [%s], errno = %d\n", + smb_fname_str_dbg(smb_fname), errno); + goto error_exit; } status = SMB_VFS_CREATE_FILE( @@ -1101,7 +1104,10 @@ static uint32_t get_correct_cversion(const struct auth_session_info *session_inf nt_status = openat_pathref_fsp(conn->cwd_fsp, smb_fname); if (!NT_STATUS_IS_OK(nt_status)) { - return false; + DBG_NOTICE("Can't open file [%s], errno =%d\n", + smb_fname_str_dbg(smb_fname), errno); + *perr = WERR_ACCESS_DENIED; + goto error_exit; } nt_status = SMB_VFS_CREATE_FILE( -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 369c1d53983 vfs_glusterfs: print exact cmdline for disabling write-behind translator from 5c27740aeff docs-xml: Add a section about weak crypto in testparm manpage https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 369c1d539837b70e94fe9d533d44860c8a9380a1 Author: Günther Deschner Date: Tue Nov 24 15:38:41 2020 +0100 vfs_glusterfs: print exact cmdline for disabling write-behind translator BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486 Guenther Signed-off-by: Guenther Deschner Reviewed-by: Anoop C S Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Nov 27 17:15:07 UTC 2020 on sn-devel-184 --- Summary of changes: docs-xml/manpages/vfs_glusterfs.8.xml | 6 +- source3/modules/vfs_glusterfs.c | 7 +-- 2 files changed, 10 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_glusterfs.8.xml b/docs-xml/manpages/vfs_glusterfs.8.xml index ca6085a0595..d25135e14ac 100644 --- a/docs-xml/manpages/vfs_glusterfs.8.xml +++ b/docs-xml/manpages/vfs_glusterfs.8.xml @@ -179,10 +179,14 @@ translator and refuse to connect if detected. Please disable the write-behind translator for the GlusterFS volume to allow the plugin to connect to the volume. +The write-behind translator can easily be disabled via calling + +gluster volume set <volumename> performance.write-behind off + on the commandline. With GlusterFS versions >= 9, we silently bypass write-behind -translator during intial connect and failure is avoided. +translator during initial connect and failure is avoided. diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index c438a64d9be..ebbde9353a9 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -345,9 +345,12 @@ static int check_for_write_behind_translator(TALLOC_CTX *mem_ctx, if (write_behind_present) { DBG_ERR("Write behind translator is enabled for " "volume (%s), refusing to connect! " - "Please check the vfs_glusterfs(8) manpage for " + "Please turn off the write behind translator by calling " + "'gluster volume set %s performance.write-behind off' " + "on the commandline. " + "Check the vfs_glusterfs(8) manpage for " "further details.\n", - volume); + volume, volume); return -1; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a8ec8304917 s4-torture: test file_line_parse as well via ae4dd2ab82e lib: Fix file_lines_parse() to do what people expect. Much safer to use. via 61f6672d8bb lib: create a wrapper for file_lines_parse(). from 2ba6d596ff0 tests python krb5: add arcfour salt tests https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a8ec83049176fdebe086be8c03c7d058c58f48d8 Author: Günther Deschner Date: Tue Nov 10 17:10:27 2020 +0100 s4-torture: test file_line_parse as well Guenther Signed-off-by: Guenther Deschner Reviewed-by: Jeremy Allison Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Nov 13 17:47:33 UTC 2020 on sn-devel-184 commit ae4dd2ab82eae1ddffbb00e7a753521a0879341b Author: Jeremy Allison Date: Tue Nov 10 13:52:01 2020 -0800 lib: Fix file_lines_parse() to do what people expect. Much safer to use. Take an incoming const char * pointer and return an allocated array that must be freed. Don't expose the internal optimization of file_lines_parse_internal() breaking the passed in string into lines. Signed-off-by: Jeremy Allison Reviewed-by: Guenther Deschner commit 61f6672d8bbdbb6889be94591a7dbaeb55ab3d30 Author: Jeremy Allison Date: Tue Nov 10 13:43:24 2020 -0800 lib: create a wrapper for file_lines_parse(). Make the internal function file_lines_parse_internal(). Currently file_lines_parse() just wraps file_lines_parse_internal(), but this allows me to change file_lines_parse() to take a const char * to make it safe for callers (no talloc tricks). Signed-off-by: Jeremy Allison Reviewed-by: Guenther Deschner --- Summary of changes: lib/util/samba_util.h | 2 +- lib/util/tests/file.c | 31 +++ lib/util/util_file.c | 23 --- 3 files changed, 52 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/samba_util.h b/lib/util/samba_util.h index 5a81baa80b6..3a60b618083 100644 --- a/lib/util/samba_util.h +++ b/lib/util/samba_util.h @@ -394,7 +394,7 @@ load a file into memory from a fd. _PUBLIC_ char *fd_load(int fd, size_t *size, size_t maxsize, TALLOC_CTX *mem_ctx); -char **file_lines_parse(char *p, size_t size, int *numlines, TALLOC_CTX *mem_ctx); +char **file_lines_parse(const char *p, size_t size, int *numlines, TALLOC_CTX *mem_ctx); /** load a file into memory diff --git a/lib/util/tests/file.c b/lib/util/tests/file.c index 55c9d4cec9a..3501c7e135f 100644 --- a/lib/util/tests/file.c +++ b/lib/util/tests/file.c @@ -243,6 +243,34 @@ done: return ret; } +static bool test_file_lines_parse(struct torture_context *tctx) +{ + char **lines; + int numlines; + TALLOC_CTX *mem_ctx = tctx; + char *buf; + size_t size; + + torture_assert(tctx, file_save(TEST_FILENAME, + (const void *)TEST_DATA, + strlen(TEST_DATA)), + "saving file"); + + buf = file_load(TEST_FILENAME, &size, 0, mem_ctx); + torture_assert(tctx, buf, "failed to load file"); + unlink(TEST_FILENAME); + + lines = file_lines_parse(buf, +size, +&numlines, +mem_ctx); + torture_assert(tctx, lines, "failed to parse lines"); + + TALLOC_FREE(lines); + TALLOC_FREE(buf); + return true; +} + struct torture_suite *torture_local_util_file(TALLOC_CTX *mem_ctx) { struct torture_suite *suite = torture_suite_create(mem_ctx, "file"); @@ -256,5 +284,8 @@ struct torture_suite *torture_local_util_file(TALLOC_CTX *mem_ctx) torture_suite_add_simple_test(suite, "afdgets", test_afdgets); + torture_suite_add_simple_test(suite, "file_lines_parse", + test_file_lines_parse); + return suite; } diff --git a/lib/util/util_file.c b/lib/util/util_file.c index 0c890f9b5ea..af90e4a7621 100644 --- a/lib/util/util_file.c +++ b/lib/util/util_file.c @@ -253,7 +253,7 @@ _PUBLIC_ char *file_load(const char *fname, size_t *size, size_t maxsize, TALLOC parse a buffer into lines 'p' will be freed on error, and otherwise will be made a child of the returned array **/ -char **file_lines_parse(char *p, size_t size, int *numlines, TALLOC_CTX *mem_ctx) +static char **file_lines_parse_internal(char *p, size_t size, int *numlines, TALLOC_CTX *mem_ctx) { unsigned int i; char *s, **ret; @@ -305,7 +305,7 @@ _PUBLIC_ char **file_lines_load(const char *fname, int *numlines, size_t maxsize p = file_
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 457b49c6780 s3: modules: gluster. Fix the error I made in preventing talloc leaks from a function. from 31c703766fd lookup_name: allow lookup names prefixed with DNS forest root for FreeIPA DC https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 457b49c67803dd95abc8502c2a410fac273f6fba Author: Jeremy Allison Date: Tue Nov 10 10:18:18 2020 -0800 s3: modules: gluster. Fix the error I made in preventing talloc leaks from a function. file_lines_parse() plays horrible tricks with the passed-in talloc pointers and the hierarcy which makes freeing hard to get right. As we know mem_ctx is freed by the caller, after calling file_lines_parse don't free on exit and let the caller handle it. This violates good Samba coding practice but we know we're not leaking here. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486 Signed-off-by: Jeremy Allison Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Nov 11 15:02:27 UTC 2020 on sn-devel-184 --- Summary of changes: source3/modules/vfs_glusterfs.c | 20 1 file changed, 12 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index 1ed6235e37f..c438a64d9be 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -315,15 +315,25 @@ static int check_for_write_behind_translator(TALLOC_CTX *mem_ctx, return -1; } + /* +* file_lines_parse() plays horrible tricks with +* the passed-in talloc pointers and the hierarcy +* which makes freeing hard to get right. +* +* As we know mem_ctx is freed by the caller, after +* this point don't free on exit and let the caller +* handle it. This violates good Samba coding practice +* but we know we're not leaking here. +*/ + lines = file_lines_parse(buf, newlen, &numlines, mem_ctx); if (lines == NULL || numlines <= 0) { - TALLOC_FREE(option); - TALLOC_FREE(buf); return -1; } + /* On success, buf is now a talloc child of lines !! */ for (i=0; i < numlines; i++) { if (strequal(lines[i], option)) { @@ -338,15 +348,9 @@ static int check_for_write_behind_translator(TALLOC_CTX *mem_ctx, "Please check the vfs_glusterfs(8) manpage for " "further details.\n", volume); - TALLOC_FREE(lines); - TALLOC_FREE(option); - TALLOC_FREE(buf); return -1; } - TALLOC_FREE(lines); - TALLOC_FREE(option); - TALLOC_FREE(buf); return 0; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via be03ce7d8bb manpages/vfs_glusterfs: Mention silent skipping of write-behind translator from b8913401304 sefltest: Enable the dcerpc.createtrustrelax test against ad_dc_fips https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit be03ce7d8bb213633eedcfc3299b8d9865a3c67f Author: Anoop C S Date: Thu Nov 5 16:12:09 2020 +0530 manpages/vfs_glusterfs: Mention silent skipping of write-behind translator BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486 Signed-off-by: Anoop C S Reviewed-by: Andrew Bartlett Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Mon Nov 9 13:30:06 UTC 2020 on sn-devel-184 --- Summary of changes: docs-xml/manpages/vfs_glusterfs.8.xml | 5 + 1 file changed, 5 insertions(+) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_glusterfs.8.xml b/docs-xml/manpages/vfs_glusterfs.8.xml index 7a4da1af919..ca6085a0595 100644 --- a/docs-xml/manpages/vfs_glusterfs.8.xml +++ b/docs-xml/manpages/vfs_glusterfs.8.xml @@ -180,6 +180,11 @@ Please disable the write-behind translator for the GlusterFS volume to allow the plugin to connect to the volume. + +With GlusterFS versions >= 9, we silently bypass write-behind +translator during intial connect and failure is avoided. + + -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d23e2678e93 s3:smbd: stop accepting multichannel connections early in exit_server_common() via e5a8b16a11f s3:smbd: move exit_firsttime checking to the start of exit_server_common() via 8fbb7ad275d s4:torture/smb2: make smb2.durable-v2-delay tests more robust via 3fa9c3d5bb8 s4:torture/smb2: split replay_smb3_specification into durable handle and multichannel from aa4d135710e s3: lib: Fix missing TALLOC_FREE in error code path. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d23e2678e93362b03df21b6fc26835ad8efdcc9f Author: Stefan Metzmacher Date: Mon Jul 6 16:51:05 2020 +0200 s3:smbd: stop accepting multichannel connections early in exit_server_common() This is just a step in the correct direction, but there's still a possible race... BUG: https://bugzilla.samba.org/show_bug.cgi?id=14433 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Jul 14 14:59:19 UTC 2020 on sn-devel-184 commit e5a8b16a11f7286b88e3ea2057c26aa558b9f74a Author: Stefan Metzmacher Date: Mon Jul 6 16:42:46 2020 +0200 s3:smbd: move exit_firsttime checking to the start of exit_server_common() BUG: https://bugzilla.samba.org/show_bug.cgi?id=14433 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 8fbb7ad275dea54b1d331ec9c591ec4e50778922 Author: Stefan Metzmacher Date: Sat Jul 4 11:50:14 2020 +0200 s4:torture/smb2: make smb2.durable-v2-delay tests more robust We should not crash when the test fails, so we use a 2nd independent connection to unlink the file at the end. Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 3fa9c3d5bb835d3f512a0a93bf971d8ae54600a0 Author: Stefan Metzmacher Date: Fri Jul 3 10:09:16 2020 +0200 s4:torture/smb2: split replay_smb3_specification into durable handle and multichannel It's better to have durable handles and multichannel tested separate: 1. we test both cases in the server 2. it makes it easier to deal with knownfail entries if only one of these features is active on the server. Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner --- Summary of changes: selftest/knownfail | 3 +- source3/librpc/idl/smbXsrv.idl | 1 + source3/smbd/server_exit.c | 25 --- source3/smbd/smbXsrv_client.c | 6 source4/torture/smb2/durable_v2_open.c | 52 --- source4/torture/smb2/lock.c| 57 +- 6 files changed, 106 insertions(+), 38 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/knownfail b/selftest/knownfail index 4fe503f4cc1..6c005d1f4de 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -215,7 +215,8 @@ ^samba3.smb2.compound.aio.interim2 # wrong return code (STATUS_CANCELLED) ^samba3.smb2.replay.replay3 # This requires multi-chanel ^samba3.smb2.replay.replay4 # This requires multi-chanel -^samba3.smb2.lock.replay_smb3_specification # This requires multi-chanel or durable handles +^samba3.smb2.lock.replay_smb3_specification_multi # This requires multi-chanel +^samba3.smb2.lock.replay_smb3_specification_durable\(nt4_dc\) # Requires durable handles ^samba3.smb2.lock.*replay_broken_windows # This tests the windows behaviour ^samba3.smb2.lease.statopen3 ^samba3.smb2.lease.unlink # we currently do not downgrade RH lease to R after unlink diff --git a/source3/librpc/idl/smbXsrv.idl b/source3/librpc/idl/smbXsrv.idl index a74ac42b312..78fc3644d2f 100644 --- a/source3/librpc/idl/smbXsrv.idl +++ b/source3/librpc/idl/smbXsrv.idl @@ -142,6 +142,7 @@ interface smbXsrv [ignore] struct smbXsrv_connection *connections; boolean8server_multi_channel_enabled; hyper next_channel_id; + [ignore] struct tevent_req *connection_pass_subreq; /* * A List of pending breaks. diff --git a/source3/smbd/server_exit.c b/source3/smbd/server_exit.c index e3efa993159..397ea810633 100644 --- a/source3/smbd/server_exit.c +++ b/source3/smbd/server_exit.c @@ -83,6 +83,11 @@ static void exit_server_common(enum server_exit_reason how, struct messaging_context *msg_ctx = global_messaging_context(); NTSTATUS disconnect_status; + if (!exit_firsttime) { + exit(0); + } + exit_firsttime = false; + switch (how) { case SERVER_EXIT_NORMAL: disconnect_status = NT_STATUS_LOCAL_DISCONNECT; @@ -94,13 +99,25 @@ s
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via dbfc197f65f s4/torture: Unlink test file at the beginning of smb2.read.position from 04f0c45475d s3:gencache: Allow to open gencache as read-only https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dbfc197f65f28c7f4e889045d7b04c46c4f6680d Author: Michael Adam Date: Wed May 13 13:45:11 2020 +0530 s4/torture: Unlink test file at the beginning of smb2.read.position Pair-Programmed-With: Anoop C S Signed-off-by: Michael Adam Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri May 15 16:02:47 UTC 2020 on sn-devel-184 --- Summary of changes: source4/torture/smb2/read.c | 2 ++ 1 file changed, 2 insertions(+) Changeset truncated at 500 lines: diff --git a/source4/torture/smb2/read.c b/source4/torture/smb2/read.c index b26bc18ddac..2899a491663 100644 --- a/source4/torture/smb2/read.c +++ b/source4/torture/smb2/read.c @@ -143,6 +143,8 @@ static bool test_read_position(struct torture_context *torture, struct smb2_tree ZERO_STRUCT(buf); + smb2_util_unlink(tree, FNAME); + status = torture_smb2_testfile(tree, FNAME, &h); CHECK_STATUS(status, NT_STATUS_OK); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ddd8ae51f8c smb2_server: do async shutdown for pending multi-channel requests via a90ac47d88d smbXsrv_session: add a smbXsrv_session_disconnect_xconn() helper via de0e6dfdb84 smb2_server: call smbXsrv_connection_disconnect_transport() early on network errors via 26ba013e279 smb2_server: add and use a function that calculated the remaining channels via a87c9a92df6 smb2_server: let smbd_server_connection_terminate_ex() call smbXsrv_connection_disconnect_transport() via d8ab88e77f8 s3:smbd: split out smbXsrv_connection_disconnect_transport() via 0cec96526bf smb2_server: make sure we detect stale smbXsrv_connection pointers in smbXsrv_channel_global via 2ac0f835458 smb2_server: update inline comment for max channels via e26b55a232b smbXsrv_client: make sure that we store a valid blob via 73cc25fa7b1 smbXsrv_client: fix debug message in smbXsrv_client_create() from 004e7a1fee7 s4/rpc_server/dnsserver: Allow parsing of dnsProperty to fail gracefully https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ddd8ae51f8c7a8f35754d0b281c74cb36e7d6bbd Author: Stefan Metzmacher Date: Fri Oct 4 14:55:52 2019 +0200 smb2_server: do async shutdown for pending multi-channel requests We have wait until all pending requests are done before we can TALLOC_FREE() the connection structure. Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri May 15 10:26:29 UTC 2020 on sn-devel-184 commit a90ac47d88d08dfd396e956f9e24d9fcc0de3c5d Author: Stefan Metzmacher Date: Fri Oct 4 12:11:00 2019 +0200 smbXsrv_session: add a smbXsrv_session_disconnect_xconn() helper This removes the connection references from the session channel array for each session that's used on the connection. Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit de0e6dfdb84cfe13b04d6ec7a09b18f001c61db4 Author: Stefan Metzmacher Date: Fri Oct 4 14:56:40 2019 +0200 smb2_server: call smbXsrv_connection_disconnect_transport() early on network errors It's good to remember the first error we got and makes sure we don't try any further io on the connection. Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 26ba013e279769b39e6bac510cb4b2d6d801ac98 Author: Stefan Metzmacher Date: Fri Oct 4 14:49:59 2019 +0200 smb2_server: add and use a function that calculated the remaining channels This is useful for debugging, but also simplies the following changes, where client->connections may hold disconnected connections until all pending requests are finished. Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit a87c9a92df675173fc28404819d8dc0303eb81af Author: Stefan Metzmacher Date: Fri Oct 4 14:30:17 2019 +0200 smb2_server: let smbd_server_connection_terminate_ex() call smbXsrv_connection_disconnect_transport() If the connection is broken mark it as invalid and close the socket. Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit d8ab88e77f8bbd29d9222348eb4f9a290a4f3694 Author: Stefan Metzmacher Date: Fri Oct 4 14:26:20 2019 +0200 s3:smbd: split out smbXsrv_connection_disconnect_transport() It's good to have an isolated function that just disconnects the lower layer transport and remembers the first error status. This will be used in more placed in the following commits. Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 0cec96526bf4d3209caf36c4a19632ff5d5dd112 Author: Stefan Metzmacher Date: Fri Oct 4 10:02:56 2019 +0200 smb2_server: make sure we detect stale smbXsrv_connection pointers in smbXsrv_channel_global Pointer values can be reused (yes, I hit that during my testing!). Introduce a channel_id to identify connections and also add some timestamps to make debugging easier. This makes smbXsrv_session_find_channel() much more robust. Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 2ac0f8354585ac2cd617d53bfc9678769c8698fc Author: Günther Deschner Date: Wed Jan 24 17:14:59 2018 +0100 smb2_server: update inline comment for max channels All Windows versions have the limit of 32 channels. Signed-off-by: Guenther Deschner Signed-off-by: Stefan Metzmacher commit e26b55a232b1402b5d42ce0ab9e3d79b4f4319d9 Author: Stefan Metzmacher Date: Thu May 7 06:49:24 2020 -0700 smbXsrv_client: make sure that we store a valid blob This fixes a regression introduced by 14182350f8397d27d7642dae595dc52691f0acfe ("librpc
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ab70153c200 testprogs: Add 'net ads join' test for fips from 84c7eb4787d lib:param: Fix memory leak in lpcfg_load_internal() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ab70153c200c7ace5e01db54360eb84a53a47e80 Author: Andreas Schneider Date: Wed May 13 16:33:14 2020 +0200 testprogs: Add 'net ads join' test for fips Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu May 14 14:27:26 UTC 2020 on sn-devel-184 --- Summary of changes: source4/selftest/tests.py | 1 + testprogs/blackbox/test_net_ads_fips.sh | 43 + 2 files changed, 44 insertions(+) create mode 100755 testprogs/blackbox/test_net_ads_fips.sh Changeset truncated at 500 lines: diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py index a3831b5d67c..15af32a0415 100755 --- a/source4/selftest/tests.py +++ b/source4/selftest/tests.py @@ -530,6 +530,7 @@ plantestsuite("samba4.blackbox.samba-tool_ntacl(ad_member:local)", "ad_member:lo if have_gnutls_crypto_policies: plantestsuite("samba4.blackbox.weak_crypto.client", "ad_dc", [os.path.join(bbdir, "test_weak_crypto.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc"]) plantestsuite("samba4.blackbox.weak_crypto.server", "ad_dc_fips", [os.path.join(bbdir, "test_weak_crypto_server.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc_fips", configuration]) +plantestsuite("samba4.blackbox.net_ads_fips", "ad_dc_fips:client", [os.path.join(bbdir, "test_net_ads_fips.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS']) plantestsuite_loadlist("samba4.rpc.echo against NetBIOS alias", "ad_dc_ntvfs", [valgrindify(smbtorture4), "$LISTOPT", "$LOADLIST", 'ncacn_np:$NETBIOSALIAS', '-U$DOMAIN/$USERNAME%$PASSWORD', 'rpc.echo']) # json tests hook into ``chgdcpass'' to make them run in contributor CI on diff --git a/testprogs/blackbox/test_net_ads_fips.sh b/testprogs/blackbox/test_net_ads_fips.sh new file mode 100755 index 000..6364f9dcd94 --- /dev/null +++ b/testprogs/blackbox/test_net_ads_fips.sh @@ -0,0 +1,43 @@ +if [ $# -lt 4 ]; then +cat </dev/null | sha1sum | cut -b 1-10` + +RUNDIR=`pwd` +cd $BASEDIR +WORKDIR=`mktemp -d -p .` +WORKDIR=`basename $WORKDIR` +cp -a client/* $WORKDIR/ +sed -ri "s@(dir|directory) = (.*)/client/@\1 = \2/$WORKDIR/@" $WORKDIR/client.conf +sed -ri "s/netbios name = .*/netbios name = $HOSTNAME/" $WORKDIR/client.conf +rm -f $WORKDIR/private/secrets.tdb +cd $RUNDIR + +failed=0 + +net_tool="$BINDIR/net -s $BASEDIR/$WORKDIR/client.conf --option=security=ads" + +# Load test functions +. `dirname $0`/subunit.sh + +# This make sure we are able to join AD in FIPS mode with Kerberos (NTLM doesn't work in FIPS mode). +testit "join" $VALGRIND $net_tool ads join -k -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1` + +testit "testjoin" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1` + +testit "changetrustpw" $VALGRIND $net_tool ads changetrustpw || failed=`expr $failed + 1` + +testit "leave" $VALGRIND $net_tool ads leave -k -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1` + +rm -rf $BASEDIR/$WORKDIR + +exit $failed -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 047b0d8ab53 nsswitch: fix use-after-free causing segfault in _pam_delete_cred from c4ccdf4b30d s4:selftest: run samba.tests.krb5.simple_tests against ad_dc_default https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 047b0d8ab534c7a10a8572fd9f21e2456fd30710 Author: Günther Deschner Date: Fri Mar 27 10:13:11 2020 +0100 nsswitch: fix use-after-free causing segfault in _pam_delete_cred BUG: https://bugzilla.samba.org/show_bug.cgi?id=14327 Guenther Signed-off-by: Guenther Deschner Reviewed-by: Alexander Bokovoy Autobuild-User(master): Günther Deschner Autobuild-Date(master): Mon Mar 30 13:01:20 UTC 2020 on sn-devel-184 --- Summary of changes: nsswitch/pam_winbind.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c index 3ad70d3c4cd..7af03fe2bd0 100644 --- a/nsswitch/pam_winbind.c +++ b/nsswitch/pam_winbind.c @@ -2609,7 +2609,6 @@ static int _pam_delete_cred(pam_handle_t *pamh, int flags, wbc_status = wbcCtxLogoffUserEx(ctx->wbc_ctx, &logoff, &error); retval = wbc_auth_error_to_pam_error(ctx, error, wbc_status, user, "wbcLogoffUser"); - wbcFreeMemory(error); wbcFreeMemory(logoff.blobs); logoff.blobs = NULL; @@ -2629,6 +2628,7 @@ out: retval = wbc_auth_error_to_pam_error(ctx, error, wbc_status, user, "wbcLogoffUser"); } + wbcFreeMemory(error); /* * Delete the krb5 ccname variable from the PAM environment -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 620987449cc lib/util: use better linux os detection in gpfs configure from ea754bfdec9 ctdb-tests: Enable job control when keeping stdin open https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 620987449cc5d9255cdba4bbdb50735bfa2b969e Author: Günther Deschner Date: Mon Jan 27 21:39:20 2020 +0100 lib/util: use better linux os detection in gpfs configure Guenther Signed-off-by: Guenther Deschner Reviewed-by: Christof Schmitt c...@samba.org Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Jan 28 18:05:34 UTC 2020 on sn-devel-184 --- Summary of changes: lib/util/wscript_configure | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/lib/util/wscript_configure b/lib/util/wscript_configure index 4f57184f515..d4450d25b98 100644 --- a/lib/util/wscript_configure +++ b/lib/util/wscript_configure @@ -158,7 +158,7 @@ else: Logs.info('Using gpfs.h from installed gpfs package.') conf.DEFINE('HAVE_GPFS', '1') else: -if sys.platform=="linux": +if sys.platform.startswith('linux'): conf.env['CPPPATH_GPFS'] = os.path.abspath("third_party/gpfs") if conf.CHECK_HEADERS('gpfs.h', False, False, "gpfs"): Logs.info('Using gpfs.h from third_party directory.') -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0ad6a243b25 lib:util: Log mkdir error on correct debug levels via f9173c18a6a selftest: Convert Samba3::provision() to named parameters via 26da6f562bb selftest: Factor out create_file_chmod() from b2c13d9a162 krb5-wrap: deal with different krb5_trace_info struct flavors (earlier MIT krb5 releases) https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0ad6a243b259d284064c0c5abcc7d430d55be7e1 Author: Andreas Schneider Date: Mon Jan 27 14:58:10 2020 +0100 lib:util: Log mkdir error on correct debug levels For smbd we want an error and for smbclient we only want it in NOTICE debug level. The default log level of smbclient is log level 1 so we need notice to not spam the user. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14253 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Mon Jan 27 15:55:24 UTC 2020 on sn-devel-184 commit f9173c18a6acee12b0a0c20bf12af8d53947f8eb Author: Volker Lendecke Date: Fri Jan 24 10:45:52 2020 +0100 selftest: Convert Samba3::provision() to named parameters 9 positional parameters is a bit too much for easy overview Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit 26da6f562bba3ceea1fe5889e969bcef59346f4e Author: Volker Lendecke Date: Thu Jan 23 16:07:59 2020 +0100 selftest: Factor out create_file_chmod() 24 lines less perl :-) Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner --- Summary of changes: lib/util/util.c | 7 +- selftest/target/Samba3.pm | 215 -- 2 files changed, 115 insertions(+), 107 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/util.c b/lib/util/util.c index 3bdeded5c1b..0d9ffe5cb7b 100644 --- a/lib/util/util.c +++ b/lib/util/util.c @@ -353,9 +353,12 @@ _PUBLIC_ bool directory_create_or_exist(const char *dname, old_umask = umask(0); ret = mkdir(dname, dir_perms); if (ret == -1 && errno != EEXIST) { - DBG_WARNING("mkdir failed on directory %s: %s\n", + int dbg_level = geteuid() == 0 ? DBGLVL_ERR : DBGLVL_NOTICE; + + DBG_PREFIX(dbg_level, + ("mkdir failed on directory %s: %s\n", dname, - strerror(errno)); + strerror(errno))); umask(old_umask); return false; } diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index cdbbbdcef3d..991963b6074 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -219,10 +219,12 @@ sub setup_nt4_dc check parent directory delete on close = yes "; - my $vars = $self->provision($path, "SAMBA-TEST", - "LOCALNT4DC2", - "localntdc2pass", - $nt4_dc_options); + my $vars = $self->provision( + prefix => $path, + domain => "SAMBA-TEST", + server => "LOCALNT4DC2", + password => "localntdc2pass", + extra_options => $nt4_dc_options); $vars or return undef; @@ -268,10 +270,12 @@ sub setup_nt4_dc_schannel server max protocol = SMB2_02 "; - my $vars = $self->provision($path, "NT4SCHANNEL", - "LOCALNT4DC9", - "localntdc9pass", - $pdc_options); + my $vars = $self->provision( + prefix => $path, + domain => "NT4SCHANNEL", + server => "LOCALNT4DC9", + password => "localntdc9pass", + extra_options => $pdc_options); $vars or return undef; @@ -306,10 +310,12 @@ sub setup_nt4_member dbwrap_tdb_mutexes:* = yes ${require_mutexes} "; - my $ret = $self->provision($prefix, $nt4_dc_vars->{DOMAIN}, - "LOCALNT4MEMBER3", - "localnt4member3pass", - $member_options); + my $ret = $self->provision( + prefix => $prefix, + domain => $nt4_dc_vars->{DOMAIN}, + server => "LOCALNT4MEMBER3", + password => "localnt4member3pass", + extra_options =&
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c9adf47ac5a vfs_glusterfs: Return fake fd from pipe() during open from 6c7b722b3fa fuzz_oLschema2ldif: check multiple possible NULLs https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c9adf47ac5a5aa0dd12572c34b08cc51f15b2e97 Author: Anoop C S Date: Wed Aug 14 18:03:01 2019 +0530 vfs_glusterfs: Return fake fd from pipe() during open GlusterFS currently doesn't have an API implementation to set flags on open file descriptor. Thus we use pipe() to provide valid file descriptor from the system. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14241 Signed-off-by: Anoop C S Reviewed-by: Ralph Boehme Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Jan 17 17:14:43 UTC 2020 on sn-devel-184 --- Summary of changes: source3/modules/vfs_glusterfs.c | 14 -- 1 file changed, 12 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index bce7ae5e84a..2520382c42f 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -630,6 +630,7 @@ static int vfs_gluster_open(struct vfs_handle_struct *handle, { glfs_fd_t *glfd; glfs_fd_t **p_tmp; + int fakefd[2]; START_PROFILE(syscall_open); @@ -659,8 +660,15 @@ static int vfs_gluster_open(struct vfs_handle_struct *handle, *p_tmp = glfd; END_PROFILE(syscall_open); - /* An arbitrary value for error reporting, so you know its us. */ - return 13371337; + + if (pipe(fakefd) == -1) { + DBG_ERR("pipe failed: %s\n", strerror(errno)); + return -1; + } + + close(fakefd[1]); + + return fakefd[0]; } static int vfs_gluster_close(struct vfs_handle_struct *handle, @@ -678,6 +686,8 @@ static int vfs_gluster_close(struct vfs_handle_struct *handle, return -1; } + close(fsp->fh->fd); + VFS_REMOVE_FSP_EXTENSION(handle, fsp); ret = glfs_close(glfd); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c6d880a1150 s3-rpcserver: fix security level check for DsRGetForestTrustInformation from beb386b584b fuzz: add a fuzzer for parsing ldb controls https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c6d880a115095c336b8b74f45854a99abb1bbb87 Author: Alexander Bokovoy Date: Tue Jan 7 19:25:53 2020 +0200 s3-rpcserver: fix security level check for DsRGetForestTrustInformation Harmonize _netr_DsRGetForestTrustInformation with source4/ logic which didn't change since DCE RPC channel refactoring. With the current code we return RPC faul as can be seen in the logs: 2019/12/11 17:12:55.463081, 1, pid=20939, effective(128420, 128420), real(128420, 0), class=rpc_parse] ../librpc/ndr/ndr.c:471(ndr_print_function_debug) netr_DsRGetForestTrustInformation: struct netr_DsRGetForestTrustInformation in: struct netr_DsRGetForestTrustInformation server_name : * server_name : '\\some-dc.example.com' trusted_domain_name : NULL flags: 0x (0) [2019/12/11 17:12:55.463122, 4, pid=20939, effective(128420, 128420), real(128420, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1561(api_rpcTNP) api_rpcTNP: fault(5) return. This is due to this check in processing a request: if (!(p->pipe_bound && (p->auth.auth_type != DCERPC_AUTH_TYPE_NONE) && (p->auth.auth_level != DCERPC_AUTH_LEVEL_NONE))) { p->fault_state = DCERPC_FAULT_ACCESS_DENIED; return WERR_ACCESS_DENIED; } and since we get AuthZ response, Successful AuthZ: [netlogon,ncacn_np] user [EXAMPLE]\[admin] [S-1-5-21-1234567-890123456-500] at [Wed, 11 Dec 2019 17:12:55.461164 UTC] Remote host [ipv4:Y.Y.Y.Y:59017] local host [ipv4:X.X.X.X:445] [2019/12/11 17:12:55.461584, 4, pid=20939, effective(0, 0), real(0, 0)] ../lib/audit_logging/audit_logging.c:141(audit_log_json) JSON Authorization: {"timestamp": "2019-12-11T17:12:55.461491+", "type": "Authorization", "Authorization": {"version": {"major": 1, "minor": 1}, "localAddress": "ipv4:X.X.X.X:445", "remoteAddress": "ipv4:Y.Y.Y.Y:59017", "serviceDescription": "netlogon", "authType": "ncacn_np", "domain": "EXAMPLE", "account": "admin", "sid": "S-1-5-21-1234567-890123456-500", "sessionId": "c5a2386f-f2cc-4241-9a9e-d104cf5859d5", "logonServer": "SOME-DC", "transportProtection": "SMB", "accountFlags": "0x0010"}} this means we are actually getting anonymous DCE/RPC access to netlogon on top of authenticated SMB connection. In such case we have exactly auth_type set to DCERPC_AUTH_TYPE_NONE and auth_level set to DCERPC_AUTH_LEVEL_NONE in the pipe->auth. Thus, returning an error. Update the code to follow the same security level check as in s4 variant of the call. Signed-off-by: Alexander Bokovoy Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Mon Jan 13 15:05:28 UTC 2020 on sn-devel-184 --- Summary of changes: source3/rpc_server/netlogon/srv_netlog_nt.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index cbbf9feedc7..52b17c10e61 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -2451,10 +2451,10 @@ WERROR _netr_DsRGetForestTrustInformation(struct pipes_struct *p, { NTSTATUS status; struct lsa_ForestTrustInformation *info, **info_ptr; + enum security_user_level security_level; - if (!(p->pipe_bound && (p->auth.auth_type != DCERPC_AUTH_TYPE_NONE) - && (p->auth.auth_level != DCERPC_AUTH_LEVEL_NONE))) { - p->fault_state = DCERPC_FAULT_ACCESS_DENIED; + security_level = security_session_user_level(p->session_info, NULL); + if (security_level < SECURITY_USER) { return WERR_ACCESS_DENIED; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 67f455c3d57 s3:smbspool: Leave early if we print as root via c95d32f685d s3:smbspool: print a hint about smbspool_krb5_wrapper via 58a90358e2e s3:smbspool_krb5_wrapper: ignore unknown values of AUTH_INFO_REQUIRED via 6201b30421f s3:smbspool_krb5_wrapper: Map AUTH_INFO_REQUIRED=none to anonymous via 1b42ccfc23e s3:smbspool: Map AUTH_INFO_REQUIRED=none to anonymous connection from 8987d7eef4f s3:selfest: Do not print the env twice https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 67f455c3d576a0bc3174fd10cf4f3244621b6b13 Author: Andreas Schneider Date: Fri Nov 29 08:28:28 2019 +0100 s3:smbspool: Leave early if we print as root Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Mon Dec 9 14:18:11 UTC 2019 on sn-devel-184 commit c95d32f685d989c91e62a734229d2bd241291315 Author: Mikhail Novosyolov Date: Sun Nov 3 01:47:51 2019 +0300 s3:smbspool: print a hint about smbspool_krb5_wrapper When I first met with the situation that Kerberos kredentials cache of root user was looked for instead of the one of the printing task creator, it took a lot of time to understand that smbspool_krb5_wrapper will resolve this. Signed-off-by: Mikhail Novosyolov Reviewed-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 58a90358e2e8ff70c65eb49a21d00c5ce775ba54 Author: Mikhail Novosyolov Date: Sun Nov 3 01:28:13 2019 +0300 s3:smbspool_krb5_wrapper: ignore unknown values of AUTH_INFO_REQUIRED To make smbspool_krb5_wrapper usable as a default destination for symlink /usr/lib/cups/backend/smb in Linux ditros, it has to be well-prepared for any possible values of AUTH_INFO_REQUIRED set by cupsd and correctly pass printing tasks to smbspool if it sees that Kerberos authentication is not needed. Discussed here: https://lists.samba.org/archive/samba-technical/2019-October/134470.html Signed-off-by: Mikhail Novosyolov Reviewed-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 6201b30421f616ec3f118321fd2998435792a4cc Author: Andreas Schneider Date: Mon Oct 28 09:38:08 2019 +0100 s3:smbspool_krb5_wrapper: Map AUTH_INFO_REQUIRED=none to anonymous Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 1b42ccfc23eaa8f5b007928bc8bb65b944359f36 Author: Andreas Schneider Date: Mon Oct 28 09:35:34 2019 +0100 s3:smbspool: Map AUTH_INFO_REQUIRED=none to anonymous connection Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner --- Summary of changes: selftest/target/Samba4.pm | 3 ++ source3/client/smbspool.c | 13 ++--- source3/client/smbspool_krb5_wrapper.c | 53 +++--- source3/script/tests/test_smbspool.sh | 37 4 files changed, 85 insertions(+), 21 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index 1310e2ff09f..23dafba1574 100755 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -1845,6 +1845,9 @@ sub provision_ad_dc($$) copy = print1 [print3] copy = print1 +[print4] + copy = print1 + guest ok = yes [lp] copy = print1 "; diff --git a/source3/client/smbspool.c b/source3/client/smbspool.c index 36f7f67ca94..5e2d230ab8b 100644 --- a/source3/client/smbspool.c +++ b/source3/client/smbspool.c @@ -287,7 +287,7 @@ main(int argc, /* I - Number of command-line arguments */ auth_info_required = getenv("AUTH_INFO_REQUIRED"); if (auth_info_required == NULL) { - auth_info_required = "none"; + auth_info_required = "samba"; } /* @@ -699,8 +699,8 @@ smb_connect(struct cli_state **output_cli, if (strcmp(auth_info_required, "negotiate") == 0) { if (!kerberos_ccache_is_valid()) { fprintf(stderr, - "ERROR: No valid Kerberos credential cache " - "found!\n"); + "ERROR: No valid Kerberos credential cache found! " + "Using smbspool_krb5_wrapper may help.\n"); return NT_STATUS_LOGON_FAILURE; } user = jobusername; @@ -718,7 +718,9 @@ smb_connect(struct cli_state **output_cli, fprintf(stderr, "DEBUG: Try to connect using username/password ...\n"); - } else
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0ee085b5948 selftest/Samba3.pm: use "winbind use krb5 enterprise principals = yes" for ad_member via e2737a74d44 selftest/Samba3.pm: use "winbind scan trusted domains = no" for ad_member via ad6f0e056ac selftest/tests.py: test pam_winbind for trusts domains via 13e3811c951 selftest: Export TRUST information in the ad_member target environment via f07b542c61f selftest/tests.py: test pam_winbind with a lot of username variations via 36e95e42ea8 selftest/tests.py: test pam_winbind with krb5_auth via 72daf99fd1f selftest/tests.py: prepare looping over pam_winbindd tests via 3d38a8e9135 test_pam_winbind.sh: allow different pam_winbindd config options to be specified via 653e9048585 tests/pam_winbind.py: allow upn names to be used in USERNAME with an empty DOMAIN value via cd3ffaabb56 tests/pam_winbind.py: turn pypamtest.PamTestError into a failure via a77be15d283 s3:winbindd: implement the "winbind use krb5 enterprise principals" logic via 95206523996 docs-xml: add "winbind use krb5 enterprise principals" option via 3bdf023956e krb5_wrap: let smb_krb5_parse_name() accept enterprise principals via 303b7e59a28 s3:libads: ads_krb5_chg_password() should always use the canonicalized principal via 162b4199493 s4:auth: kinit_to_ccache() should always use the canonicalized principal via 5d0bf32ec0a krb5_wrap: smb_krb5_kinit_password_ccache() should always use the canonicalized principal via 0bced73bed4 s3:libads/kerberos: always use the canonicalized principal after kinit via 6ed18c12c57 s3:libsmb: let cli_session_creds_prepare_krb5() update the canonicalized principal to cli_credentials via 361fb0efabf s3:libsmb: avoid wrong debug message in cli_session_creds_prepare_krb5() via bc473e5cf08 s3:libads: let kerberos_kinit_password_ext() return the canonicalized principal/realm via db8fd3d6a31 s4:auth: use the correct client realm in gensec_gssapi_update_internal() via acbf922fc29 nsswitch: add logging to wbc_auth_error_to_pam_error() for non auth errors from 4f5c4df316d wscript_build: string concatenation efficiency cleanup https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0ee085b594878f5e0e83839f465303754f015459 Author: Stefan Metzmacher Date: Wed Sep 18 08:10:26 2019 +0200 selftest/Samba3.pm: use "winbind use krb5 enterprise principals = yes" for ad_member This demonstrates that can do krb5_auth in winbindd without knowning about trusted domains. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Sep 24 19:51:29 UTC 2019 on sn-devel-184 commit e2737a74d4453a3d65e5466ddc4405d68444df27 Author: Stefan Metzmacher Date: Wed Sep 18 08:02:38 2019 +0200 selftest/Samba3.pm: use "winbind scan trusted domains = no" for ad_member This demonstrates that we rely on knowning about trusted domains before we can do krb5_auth in winbindd. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit ad6f0e056ac27ab5c078dbdbff44372da05caab2 Author: Stefan Metzmacher Date: Sat Jun 10 14:38:40 2017 +0200 selftest/tests.py: test pam_winbind for trusts domains BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 13e3811c9510cf213881527877bed40092e0b33c Author: Andreas Schneider Date: Mon Mar 20 11:39:41 2017 +0100 selftest: Export TRUST information in the ad_member target environment BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124 Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Andreas Schneider Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit f07b542c61f84a97c097208e10bf9375ddfa9a15 Author: Stefan Metzmacher Date: Wed Sep 18 14:03:34 2019 +0200 selftest/tests.py: test pam_winbind with a lot of username variations BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 36e95e42ea8a7e5a4091a647215d06d2ab47fab6 Author: Stefan Metzmacher Date: Wed Sep 18 08:08:57 2019 +0200 selftest/tests.py: test pam_winbind with krb5_auth BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 72daf99fd1ffd8269fce25d69458de35e2ae32cc Author: Stefan Metzmacher Date: Wed Sep 18 01:2
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2d5facc9547 s4-torture: add netr_LogonGetDomainInfo NDR(64) tests via 634ab14f0d2 s4-torture: reformat test table in ndr test via fda5b839c70 torture: add torture_suite_add_ndr_pull_io_test_flags() via 742d8ba9c4b s3-rpcclient: add logongetdomaininfo command via 6e47f9ab377 libcli/auth: add netlogon_creds_cli_LogonGetDomainInfo() via 8f0751b8b7c netlogon.idl: fix the marshalling of netr_trust_extension_container for NDR64 via 0fea2707fb0 netlogon.idl: fix the marshalling of netr_OsVersion for NDR64 via c87cf54684b security.idl: add SE_GROUP_INTEGRITY[_ENABLED] to security_GroupAttrs via 09de6f06182 librpc/idl: change from samr_GroupAttrs in samr.idl to security_GroupAttrs in security.idl via 73b93e1a705 security.idl: add GUID_DRS_ALLOWED_TO_AUTHENTICATE via a7e49897c4a misc: fix AD trust attributes in adssearch via 7ba90c17343 lsa: document new LSA trust attributes via d78c87e665e s3-winbindd: fix forest trusts with additional trust attributes. from 82512034563 s3-libads: adapt to coding standards, no code changes https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2d5facc95478801580eb52d4d4441660c5fa2697 Author: Günther Deschner Date: Wed Sep 18 19:41:50 2019 +0200 s4-torture: add netr_LogonGetDomainInfo NDR(64) tests Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Sep 20 02:32:44 UTC 2019 on sn-devel-184 commit 634ab14f0d246fab28cf14ad9664cecf3ca5335a Author: Günther Deschner Date: Thu Sep 19 01:55:09 2019 +0200 s4-torture: reformat test table in ndr test Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit fda5b839c705725301fc17562d08a927751b890b Author: Günther Deschner Date: Wed Sep 18 19:48:40 2019 +0200 torture: add torture_suite_add_ndr_pull_io_test_flags() Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit 742d8ba9c4b9e6e70898f08a50f9929662bbafb6 Author: Günther Deschner Date: Wed Sep 18 04:11:33 2019 +0200 s3-rpcclient: add logongetdomaininfo command Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit 6e47f9ab37744d628cc6b723f4838e81202f2df6 Author: Stefan Metzmacher Date: Mon Jul 20 14:00:05 2015 +0200 libcli/auth: add netlogon_creds_cli_LogonGetDomainInfo() Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 8f0751b8b7cd45fc7186b467d814eb5231821e34 Author: Stefan Metzmacher Date: Thu Aug 15 13:22:43 2019 +0200 netlogon.idl: fix the marshalling of netr_trust_extension_container for NDR64 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 0fea2707fb05897eec3c26bd4814669832142382 Author: Stefan Metzmacher Date: Thu Aug 15 13:22:43 2019 +0200 netlogon.idl: fix the marshalling of netr_OsVersion for NDR64 Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit c87cf54684be606aa8f9b420f5c4f710de2a363a Author: Stefan Metzmacher Date: Tue Mar 20 12:40:25 2018 +0100 security.idl: add SE_GROUP_INTEGRITY[_ENABLED] to security_GroupAttrs Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 09de6f06182ede5bee3cb0c5408ce4082c62ccc2 Author: Stefan Metzmacher Date: Tue Mar 20 12:39:02 2018 +0100 librpc/idl: change from samr_GroupAttrs in samr.idl to security_GroupAttrs in security.idl Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 73b93e1a70508346e813e311179e2ed538adfe6b Author: Stefan Metzmacher Date: Thu Feb 1 23:44:33 2018 +0100 security.idl: add GUID_DRS_ALLOWED_TO_AUTHENTICATE Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit a7e49897c4ad84a5d7710ac78a09802fe66f9d16 Author: Günther Deschner Date: Thu Sep 12 23:27:13 2019 +0200 misc: fix AD trust attributes in adssearch Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit 7ba90c17343cc9921e1d44a5055d39602dbb6ba1 Author: Günther Deschner Date: Thu Sep 12 16:36:20 2019 +0200 lsa: document new LSA trust attributes Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit d78c87e665e23e6470a19a69383ede7137172c26 Author: Günther Deschner Date: Thu Sep 12 16:39:10 2019 +0200 s3-winbindd: fix forest trusts with additional trust attributes. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14130 Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher Reviewed-by: Andreas Schneider
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ad4ef1657e9 s3:ldap: Fix join with don't exists machine account from 9173ae5f7f0 s3/lib/ctdbd_conn: assert hdr following read/recv https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ad4ef1657e9b2a088a3bfadcce196cfcceead1dc Author: Evgeny Sinelnikov Date: Wed Jul 31 23:17:20 2019 +0400 s3:ldap: Fix join with don't exists machine account Add check for requested replies of existing machine object during join machine to domain. This solves regression fail during join with error: "None of the information to be translated has been translated." https://bugzilla.samba.org/show_bug.cgi?id=14007 Reviewed-by: Guenther Deschner Reviewed-by: Alexander Bokovoy Reviewed-by: Stefan Metzmacher Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Sep 4 17:02:37 UTC 2019 on sn-devel-184 --- Summary of changes: source3/libads/ldap.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 4f3d43b02b1..2110390b65f 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -2121,13 +2121,14 @@ ADS_STATUS ads_create_machine_acct(ADS_STRUCT *ads, } ret = ads_find_machine_acct(ads, &res, machine_escaped); - ads_msgfree(ads, res); - if (ADS_ERR_OK(ret)) { + if (ADS_ERR_OK(ret) && ads_count_replies(ads, res) == 1) { DBG_DEBUG("Host account for %s already exists.\n", machine_escaped); ret = ADS_ERROR_LDAP(LDAP_ALREADY_EXISTS); + ads_msgfree(ads, res); goto done; } + ads_msgfree(ads, res); new_dn = talloc_asprintf(ctx, "cn=%s,%s", machine_escaped, org_unit); samAccountName = talloc_asprintf(ctx, "%s$", machine_name); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5522aa1a4c3 vfs:glusterfs_fuse: ensure fileids are constant across nodes from 36b48aa7837 s3:net: add 'net vfs getntacl' command https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5522aa1a4c34ee1a1e81db73cf41594bb10bd989 Author: Michael Adam Date: Sat May 18 11:28:54 2019 +0200 vfs:glusterfs_fuse: ensure fileids are constant across nodes Instead of adding a new gluster-specific mode to the fileid module, this patches provides a fileid algorithm as part of the glusterfs_fuse vfs module. This can not be configured further, simply adding the glusterfs_fuse vfs module to the vfs objects configuration will enable the new fileid mode. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13972 Signed-off-by: Michael Adam Signed-off-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Sat Jul 13 22:54:56 UTC 2019 on sn-devel-184 --- Summary of changes: docs-xml/manpages/vfs_glusterfs_fuse.8.xml | 8 ++ source3/modules/vfs_glusterfs_fuse.c | 193 - 2 files changed, 200 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_glusterfs_fuse.8.xml b/docs-xml/manpages/vfs_glusterfs_fuse.8.xml index b9f7f42c6f2..f2aa624353e 100644 --- a/docs-xml/manpages/vfs_glusterfs_fuse.8.xml +++ b/docs-xml/manpages/vfs_glusterfs_fuse.8.xml @@ -48,6 +48,14 @@ case of an exisiting filename. + + Furthermore, this module implements a substitute file-id + mechanism. The default file-id mechanism is not working + correctly for gluster fuse mount re-exports, so in order to + avoid data loss, users exporting gluster fuse mounts with + Samba should enable this module. + + This module can be combined with other modules, but it should be the last module in the vfs objects diff --git a/source3/modules/vfs_glusterfs_fuse.c b/source3/modules/vfs_glusterfs_fuse.c index 51515aa0df4..c621f9abf8e 100644 --- a/source3/modules/vfs_glusterfs_fuse.c +++ b/source3/modules/vfs_glusterfs_fuse.c @@ -59,10 +59,201 @@ static int vfs_gluster_fuse_get_real_filename(struct vfs_handle_struct *handle, return 0; } +struct device_mapping_entry { + SMB_DEV_T device; /* the local device, for reference */ + uint64_t mapped_device; /* the mapped device */ +}; + +struct vfs_glusterfs_fuse_handle_data { + unsigned num_mapped_devices; + struct device_mapping_entry *mapped_devices; +}; + +/* a 64 bit hash, based on the one in tdb, copied from vfs_fileied */ +static uint64_t vfs_glusterfs_fuse_uint64_hash(const uint8_t *s, size_t len) +{ + uint64_t value; /* Used to compute the hash value. */ + uint32_t i; /* Used to cycle through random values. */ + + /* Set the initial value from the key size. */ + for (value = 0x238F13AFLL * len, i=0; i < len; i++) + value = (value + (((uint64_t)s[i]) << (i*5 % 24))); + + return (1103515243LL * value + 12345LL); +} + +static void vfs_glusterfs_fuse_load_devices( + struct vfs_glusterfs_fuse_handle_data *data) +{ + FILE *f; + struct mntent *m; + + data->num_mapped_devices = 0; + TALLOC_FREE(data->mapped_devices); + + f = setmntent("/etc/mtab", "r"); + if (!f) { + return; + } + + while ((m = getmntent(f))) { + struct stat st; + char *p; + uint64_t mapped_device; + + if (stat(m->mnt_dir, &st) != 0) { + /* TODO: log? */ + continue; + } + + /* strip the host part off of the fsname */ + p = strrchr(m->mnt_fsname, ':'); + if (p == NULL) { + p = m->mnt_fsname; + } else { + /* TODO: consider the case of '' ? */ + p++; + } + + mapped_device = vfs_glusterfs_fuse_uint64_hash( + (const uint8_t *)p, + strlen(p)); + + data->mapped_devices = talloc_realloc(data, + data->mapped_devices, + struct device_mapping_entry, + data->num_mapped_devices + 1); + if (data->mapped_devices == NULL) { + goto nomem;
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fee8cf326bf vfs:glusterfs_fuse: treat ENOATTR as ENOENT via 8899eb21d48 vfs:glusterfs: treat ENOATTR as ENOENT from 6e5bff80a0a s3:notifyd: Handle sigup in notifyd to reparse smb.conf https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fee8cf326bfe240d3a8720569eab43f474349aff Author: Michael Adam Date: Thu Jun 20 15:14:57 2019 +0200 vfs:glusterfs_fuse: treat ENOATTR as ENOENT The original implementation of the virtual xattr get_real_filename in gluster was misusing the ENOENT errno as the authoritative anwer that the file/dir that we were asking the real filename for does not exist. But since the getxattr call is done on the parent directory, this is a violation of the getxattr API which uses ENOENT for the case that the file/dir that the getxattr call is done against does not exist. Now after a recent regression for fuse-mount re-exports due to gluster mapping ENOENT to ESTALE in the fuse-bridge, the gluster implementation is changed to more correctly return ENOATTR if the requested file does not exist. This patch changes the glusterfs_fuse vfs module to treat ENOATTR as ENOENT to be fully functional again with latest gluster. - Without this patch, samba against a new gluster will work correctly, but the get_real_filename optimization for a non-existing entry is lost. - With this patch, Samba will not work correctly any more against very old gluster servers: Those (correctly) returned ENOATTR always, which Samba originally interpreted as EOPNOTSUPP, triggering the expensive directory scan. With this patch, ENOATTR is interpreted as ENOENT, the authoritative answer that the requested entry does not exist, which is wrong unless it really does not exist. Signed-off-by: Michael Adam Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Jun 28 12:52:03 UTC 2019 on sn-devel-184 commit 8899eb21d48b7077328ae560490f9fb9715a6b83 Author: Michael Adam Date: Thu Jun 20 15:14:57 2019 +0200 vfs:glusterfs: treat ENOATTR as ENOENT The original implementation of the virtual xattr get_real_filename in gluster was misusing the ENOENT errno as the authoritative anwer that the file/dir that we were asking the real filename for does not exist. But since the getxattr call is done on the parent directory, this is a violation of the getxattr API which uses ENOENT for the case that the file/dir that the getxattr call is done against does not exist. Now after a recent regression for fuse-mount re-exports due to gluster mapping ENOENT to ESTALE in the fuse-bridge, the gluster implementation is changed to more correctly return ENOATTR if the requested file does not exist. This patch changes the glusterfs vfs module to treat ENOATTR as ENOENT to be fully functional again with latest gluster. - Without this patch, samba against a new gluster will work correctly, but the get_real_filename optimization for a non-existing entry is lost. - With this patch, Samba will not work correctly any more against very old gluster servers: Those (correctly) returned ENOATTR always, which Samba originally interpreted as EOPNOTSUPP, triggering the expensive directory scan. With this patch, ENOATTR is interpreted as ENOENT, the authoritative answer that the requested entry does not exist, which is wrong unless it really does not exist. Signed-off-by: Michael Adam Reviewed-by: Guenther Deschner --- Summary of changes: source3/modules/vfs_glusterfs.c | 2 +- source3/modules/vfs_glusterfs_fuse.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index e8617215355..95f32f9d0a6 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -1473,7 +1473,7 @@ static int vfs_gluster_get_real_filename(struct vfs_handle_struct *handle, GLUSTER_NAME_MAX + 1); if (ret == -1) { if (errno == ENOATTR) { - errno = EOPNOTSUPP; + errno = ENOENT; } return -1; } diff --git a/source3/modules/vfs_glusterfs_fuse.c b/source3/modules/vfs_glusterfs_fuse.c index d92f5e2b08b..51515aa0df4 100644 --- a/source3/modules/vfs_glusterfs_fuse.c +++ b/source3/modules/vfs_glusterfs_fuse.c @@ -45,7 +45,7 @@ static int vfs_gluster_fuse_get_real_filename(struct vfs_handle_struct *handle, ret = getxattr(path, key_buf, val_buf
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7cc9e3fe24d s3/vfs_glusterfs_fuse: Avoid using NAME_MAX directly via e85bb58532f s3/vfs_glusterfs: Avoid using NAME_MAX directly via 01a569bec07 Revert "s3/vfs_glusterfs_fuse: Dynamically determine NAME_MAX" via 1ea533bd5f7 Revert "s3/vfs_glusterfs: Dynamically determine NAME_MAX" from ff4a5f643f4 WHATSNEW.txt: reindex performance, Bind9 logging https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7cc9e3fe24dd476360837c04538345752048e6be Author: Günther Deschner Date: Mon Jun 3 16:28:36 2019 +0200 s3/vfs_glusterfs_fuse: Avoid using NAME_MAX directly BUG: https://bugzilla.samba.org/show_bug.cgi?id=13872 Guenther Signed-off-by: Guenther Deschner Reviewed-by: Volker Lendecke Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Jun 11 00:29:19 UTC 2019 on sn-devel-184 commit e85bb58532fe82daac6e50e88d08bbab66cb1019 Author: Günther Deschner Date: Mon Jun 3 16:25:46 2019 +0200 s3/vfs_glusterfs: Avoid using NAME_MAX directly BUG: https://bugzilla.samba.org/show_bug.cgi?id=13872 Guenther Signed-off-by: Guenther Deschner Reviewed-by: Volker Lendecke commit 01a569bec073ce45f412884d340ecfc50ce41fbe Author: Günther Deschner Date: Mon Jun 3 14:27:44 2019 +0200 Revert "s3/vfs_glusterfs_fuse: Dynamically determine NAME_MAX" This reverts commit e28d172b00cadf492c22bd892e2dda3bf2fe2d70. Signed-off-by: Guenther Deschner Reviewed-by: Volker Lendecke commit 1ea533bd5f7f6febeeb1a4261f2afbb19081e8eb Author: Günther Deschner Date: Mon Jun 3 14:27:18 2019 +0200 Revert "s3/vfs_glusterfs: Dynamically determine NAME_MAX" This reverts commit 8e3a042eb9e502821b147f1bbb2d98d59f17a095. Signed-off-by: Guenther Deschner Reviewed-by: Volker Lendecke --- Summary of changes: source3/modules/vfs_glusterfs.c | 41 ++-- source3/modules/vfs_glusterfs_fuse.c | 34 +++--- 2 files changed, 19 insertions(+), 56 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index 2b5385e44b0..a9415952b4e 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -47,6 +47,7 @@ #include "modules/posixacl_xattr.h" #define DEFAULT_VOLFILE_SERVER "localhost" +#define GLUSTER_NAME_MAX 255 static int read_fd = -1; static int write_fd = -1; @@ -1454,37 +1455,22 @@ static int vfs_gluster_chflags(struct vfs_handle_struct *handle, static int vfs_gluster_get_real_filename(struct vfs_handle_struct *handle, const char *path, const char *name, -TALLOC_CTX *mem_ctx, char **_found_name) +TALLOC_CTX *mem_ctx, char **found_name) { int ret; - char *key_buf = NULL, *val_buf = NULL; - long name_max; - char *found_name = NULL; + char key_buf[GLUSTER_NAME_MAX + 64]; + char val_buf[GLUSTER_NAME_MAX + 1]; - name_max = pathconf(path, _PC_NAME_MAX); - if ((name_max + 1) < 1) { - errno = EINVAL; - return -1; - } - - if (strlen(name) >= name_max) { + if (strlen(name) >= GLUSTER_NAME_MAX) { errno = ENAMETOOLONG; return -1; } - key_buf = talloc_asprintf(mem_ctx, "glusterfs.get_real_filename:%s", - name); - if (key_buf == NULL) { - errno = ENOMEM; - return -1; - } + snprintf(key_buf, GLUSTER_NAME_MAX + 64, +"glusterfs.get_real_filename:%s", name); - val_buf = talloc_zero_array(mem_ctx, char, name_max + 1); - if (val_buf == NULL) { - errno = ENOMEM; - return -1; - } - ret = glfs_getxattr(handle->data, path, key_buf, val_buf, NAME_MAX + 1); + ret = glfs_getxattr(handle->data, path, key_buf, val_buf, + GLUSTER_NAME_MAX + 1); if (ret == -1) { if (errno == ENOATTR) { errno = EOPNOTSUPP; @@ -1492,16 +1478,11 @@ static int vfs_gluster_get_real_filename(struct vfs_handle_struct *handle, return -1; } - found_name = talloc_strdup(mem_ctx, val_buf); - if (found_name == NULL) { + *found_name = talloc_strdup(mem_ctx, val_buf); + if (found_name[0] == NULL) { errno = ENOMEM; return -1; } - *_found_name = found_name; - - TALLOC_FRE
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 633698c9715 Revert "lib/replace: define NAME_MAX for platforms that don't have it" via e28d172b00c s3/vfs_glusterfs_fuse: Dynamically determine NAME_MAX via 8e3a042eb9e s3/vfs_glusterfs: Dynamically determine NAME_MAX from b50ca162733 gitlab-ci: Remove Ubuntu 14.04 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 633698c971598090b6883d39d370ba202514ef32 Author: Günther Deschner Date: Thu Apr 25 14:49:48 2019 +0200 Revert "lib/replace: define NAME_MAX for platforms that don't have it" BUG: https://bugzilla.samba.org/show_bug.cgi?id=13872 This reverts commit e3c894fb6b87df8aa56e29ef3b16ae1ef456a875. Signed-off-by: Günther Deschner Reviewed-by: Ralph Boehme Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Apr 26 13:03:05 UTC 2019 on sn-devel-184 commit e28d172b00cadf492c22bd892e2dda3bf2fe2d70 Author: Anoop C S Date: Thu Apr 25 16:42:01 2019 +0530 s3/vfs_glusterfs_fuse: Dynamically determine NAME_MAX This allows the vfs_glusterfs_fuse build to complete on AIX. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13872 Signed-off-by: Anoop C S Reviewed-by: Guenther Deschner Reviewed-by: Ralph Boehme commit 8e3a042eb9e502821b147f1bbb2d98d59f17a095 Author: Anoop C S Date: Thu Apr 25 16:41:53 2019 +0530 s3/vfs_glusterfs: Dynamically determine NAME_MAX BUG: https://bugzilla.samba.org/show_bug.cgi?id=13872 Signed-off-by: Anoop C S Reviewed-by: Guenther Deschner Reviewed-by: Ralph Boehme --- Summary of changes: lib/replace/replace.h| 4 source3/modules/vfs_glusterfs.c | 37 source3/modules/vfs_glusterfs_fuse.c | 32 +-- 3 files changed, 55 insertions(+), 18 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/replace/replace.h b/lib/replace/replace.h index 4d9b81f6825..212ed265d4a 100644 --- a/lib/replace/replace.h +++ b/lib/replace/replace.h @@ -858,10 +858,6 @@ typedef unsigned long long ptrdiff_t ; #define PATH_MAX 1024 #endif -#ifndef NAME_MAX -#define NAME_MAX 255 -#endif - #ifndef MAX_DNS_NAME_LENGTH #define MAX_DNS_NAME_LENGTH 256 /* Actually 255 but +1 for terminating null. */ #endif diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index ba8973fa6d3..2b5385e44b0 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -1454,20 +1454,36 @@ static int vfs_gluster_chflags(struct vfs_handle_struct *handle, static int vfs_gluster_get_real_filename(struct vfs_handle_struct *handle, const char *path, const char *name, -TALLOC_CTX *mem_ctx, char **found_name) +TALLOC_CTX *mem_ctx, char **_found_name) { int ret; - char key_buf[NAME_MAX + 64]; - char val_buf[NAME_MAX + 1]; + char *key_buf = NULL, *val_buf = NULL; + long name_max; + char *found_name = NULL; - if (strlen(name) >= NAME_MAX) { + name_max = pathconf(path, _PC_NAME_MAX); + if ((name_max + 1) < 1) { + errno = EINVAL; + return -1; + } + + if (strlen(name) >= name_max) { errno = ENAMETOOLONG; return -1; } - snprintf(key_buf, NAME_MAX + 64, -"glusterfs.get_real_filename:%s", name); + key_buf = talloc_asprintf(mem_ctx, "glusterfs.get_real_filename:%s", + name); + if (key_buf == NULL) { + errno = ENOMEM; + return -1; + } + val_buf = talloc_zero_array(mem_ctx, char, name_max + 1); + if (val_buf == NULL) { + errno = ENOMEM; + return -1; + } ret = glfs_getxattr(handle->data, path, key_buf, val_buf, NAME_MAX + 1); if (ret == -1) { if (errno == ENOATTR) { @@ -1476,11 +1492,16 @@ static int vfs_gluster_get_real_filename(struct vfs_handle_struct *handle, return -1; } - *found_name = talloc_strdup(mem_ctx, val_buf); - if (found_name[0] == NULL) { + found_name = talloc_strdup(mem_ctx, val_buf); + if (found_name == NULL) { errno = ENOMEM; return -1; } + *_found_name = found_name; + + TALLOC_FREE(key_buf); + TALLOC_FREE(val_buf); + return 0; } diff --git a/source3/modules/vfs_glusterfs_fuse.c b/source3/modules/vfs_glusterfs_fuse.c index 8855cd18d01..0b1de9fcdb2 100644 --- a/source3/modules/vfs_glusterfs_fuse
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e3c894fb6b8 lib/replace: define NAME_MAX for platforms that don't have it from a187b7ef8fe smbd: Remove share_mode_lease and the leases array from share_mode_entry https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e3c894fb6b87df8aa56e29ef3b16ae1ef456a875 Author: Günther Deschner Date: Tue Apr 16 12:01:58 2019 +0200 lib/replace: define NAME_MAX for platforms that don't have it This allows the vfs_glusterfs_fuse build to complete on AIX. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13872 Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Apr 16 15:14:50 UTC 2019 on sn-devel-144 --- Summary of changes: lib/replace/replace.h | 4 1 file changed, 4 insertions(+) Changeset truncated at 500 lines: diff --git a/lib/replace/replace.h b/lib/replace/replace.h index 212ed265d4a..4d9b81f6825 100644 --- a/lib/replace/replace.h +++ b/lib/replace/replace.h @@ -858,6 +858,10 @@ typedef unsigned long long ptrdiff_t ; #define PATH_MAX 1024 #endif +#ifndef NAME_MAX +#define NAME_MAX 255 +#endif + #ifndef MAX_DNS_NAME_LENGTH #define MAX_DNS_NAME_LENGTH 256 /* Actually 255 but +1 for terminating null. */ #endif -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8c92702d152 vfs_ceph: refactor if-error-return-else logic via 9c2d15c254b vfs_glusterfs: check for VFS_ADD_FSP_EXTENSION() failure from d4baed454fb WHATSNEW: winbind authentication logging https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8c92702d152e16277b658be81496a60841a03e85 Author: David Disseldorp Date: Tue Feb 19 00:33:06 2019 +0100 vfs_ceph: refactor if-error-return-else logic vfs_ceph has quite a few occurrences of: if (result < 0) { WRAP_RETURN(result);/* calls return */ } else { ... } This change drops the superfluous else {} encapsulation and also removes duplication of ceph statx debug messages. Signed-off-by: David Disseldorp Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Feb 20 13:56:09 CET 2019 on sn-devel-144 commit 9c2d15c254b6b3f7c46d72c7fe22a402ef110a64 Author: David Disseldorp Date: Mon Feb 18 17:41:08 2019 +0100 vfs_glusterfs: check for VFS_ADD_FSP_EXTENSION() failure Signed-off-by: David Disseldorp Reviewed-by: Guenther Deschner --- Summary of changes: source3/modules/vfs_ceph.c | 102 +++- source3/modules/vfs_glusterfs.c | 10 +++- 2 files changed, 58 insertions(+), 54 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_ceph.c b/source3/modules/vfs_ceph.c index d863c8add5a..60afd73efe6 100644 --- a/source3/modules/vfs_ceph.c +++ b/source3/modules/vfs_ceph.c @@ -260,19 +260,20 @@ static int cephwrap_statvfs(struct vfs_handle_struct *handle, ret = ceph_statfs(handle->data, smb_fname->base_name, &statvfs_buf); if (ret < 0) { WRAP_RETURN(ret); - } else { - statbuf->OptimalTransferSize = statvfs_buf.f_frsize; - statbuf->BlockSize = statvfs_buf.f_bsize; - statbuf->TotalBlocks = statvfs_buf.f_blocks; - statbuf->BlocksAvail = statvfs_buf.f_bfree; - statbuf->UserBlocksAvail = statvfs_buf.f_bavail; - statbuf->TotalFileNodes = statvfs_buf.f_files; - statbuf->FreeFileNodes = statvfs_buf.f_ffree; - statbuf->FsIdentifier = statvfs_buf.f_fsid; - DBG_DEBUG("[CEPH] f_bsize: %ld, f_blocks: %ld, f_bfree: %ld, f_bavail: %ld\n", - (long int)statvfs_buf.f_bsize, (long int)statvfs_buf.f_blocks, - (long int)statvfs_buf.f_bfree, (long int)statvfs_buf.f_bavail); } + + statbuf->OptimalTransferSize = statvfs_buf.f_frsize; + statbuf->BlockSize = statvfs_buf.f_bsize; + statbuf->TotalBlocks = statvfs_buf.f_blocks; + statbuf->BlocksAvail = statvfs_buf.f_bfree; + statbuf->UserBlocksAvail = statvfs_buf.f_bavail; + statbuf->TotalFileNodes = statvfs_buf.f_files; + statbuf->FreeFileNodes = statvfs_buf.f_ffree; + statbuf->FsIdentifier = statvfs_buf.f_fsid; + DBG_DEBUG("[CEPH] f_bsize: %ld, f_blocks: %ld, f_bfree: %ld, f_bavail: %ld\n", + (long int)statvfs_buf.f_bsize, (long int)statvfs_buf.f_blocks, + (long int)statvfs_buf.f_bfree, (long int)statvfs_buf.f_bavail); + return ret; } @@ -676,9 +677,21 @@ static int cephwrap_fsync_recv(struct tevent_req *req, static void init_stat_ex_from_ceph_statx(struct stat_ex *dst, const struct ceph_statx *stx) { - if ((stx->stx_mask & SAMBA_STATX_ATTR_MASK) != SAMBA_STATX_ATTR_MASK) + DBG_DEBUG("[CEPH]\tstx = {dev = %llx, ino = %llu, mode = 0x%x, " + "nlink = %llu, uid = %d, gid = %d, rdev = %llx, size = %llu, " + "blksize = %llu, blocks = %llu, atime = %llu, mtime = %llu, " + "ctime = %llu, btime = %llu}\n", + llu(stx->stx_dev), llu(stx->stx_ino), stx->stx_mode, + llu(stx->stx_nlink), stx->stx_uid, stx->stx_gid, + llu(stx->stx_rdev), llu(stx->stx_size), llu(stx->stx_blksize), + llu(stx->stx_blocks), llu(stx->stx_atime.tv_sec), + llu(stx->stx_mtime.tv_sec), llu(stx->stx_ctime.tv_sec), + llu(stx->stx_btime.tv_sec)); + + if ((stx->stx_mask & SAMBA_STATX_ATTR_MASK) != SAMBA_STATX_ATTR_MASK) { DBG_WARNING("%s: stx->stx_mask is incorrect (wanted %x, got %x)", __func__, SAMBA_STATX_ATTR_MASK, stx->stx_mask); + } dst->st_ex_dev = stx->stx_dev; dst->st_ex_rdev = stx-&
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3a793497796 waf: Check for libnscd from 0c15c4b1db9 Make sure results from GetAttrString are decref'ed where needed https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3a793497796395ffa3efda5807bdb1ca8e09e35b Author: Christof Schmitt Date: Tue Feb 12 12:28:32 2019 -0700 waf: Check for libnscd The check was in the old autoconf, but not in waf. As the code is still in source3/lib/util_nscd.c, add the check for libnscd to allow building and using the code. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13787 Signed-off-by: Christof Schmitt Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Feb 13 17:58:33 CET 2019 on sn-devel-144 --- Summary of changes: source3/wscript | 3 +++ source3/wscript_build | 1 + 2 files changed, 4 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/wscript b/source3/wscript index 0cd7f40317a..e5d519d7fc8 100644 --- a/source3/wscript +++ b/source3/wscript @@ -1648,6 +1648,9 @@ main() { conf.CHECK_HEADERS('rpc/xdr.h', lib='tirpc') +if conf.CHECK_FUNCS_IN('nscd_flush_cache', 'nscd', headers='libnscd.h'): +conf.DEFINE('HAVE_NSCD_FLUSH_CACHE', '1') + forced_static_modules.extend(TO_LIST('auth_builtin auth_sam auth_winbind')) default_static_modules.extend(TO_LIST('''pdb_smbpasswd pdb_tdbsam auth_unix diff --git a/source3/wscript_build b/source3/wscript_build index 11c877818c2..6f6d74211ba 100644 --- a/source3/wscript_build +++ b/source3/wscript_build @@ -178,6 +178,7 @@ bld.SAMBA3_SUBSYSTEM('pdb', LIBCLI_AUTH flag_mapping samba-credentials +nscd ''') bld.SAMBA3_LIBRARY('smbldaphelper', -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via adffe0dcf00 s3-vfs: add glusterfs_fuse vfs module. from 10e54a095f0 netcmd: Try to improve domain backup error message https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit adffe0dcf002aa4721dc7897261895e3486d5271 Author: Günther Deschner Date: Thu Jan 17 15:21:07 2019 +0100 s3-vfs: add glusterfs_fuse vfs module. This module only implements the get_real_filename function by accessing a distinct extended attribute that is available over a glusterfs fuse mount. By implementing this vfs function users of a glusterfs fuse mount achieve a much better performance in create based workloads where samba then can avoid trying multiple case folding options to detect the real filename. Patch is based on an initial patch provided by Poornima G Guenther Signed-off-by: Günther Deschner Reviewed-by: Ralph Boehme Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Jan 22 18:37:56 CET 2019 on sn-devel-144 --- Summary of changes: docs-xml/manpages/vfs_glusterfs_fuse.8.xml | 103 + docs-xml/wscript_build | 1 + source3/modules/vfs_glusterfs_fuse.c | 71 source3/modules/wscript_build | 8 +++ source3/wscript| 1 + 5 files changed, 184 insertions(+) create mode 100644 docs-xml/manpages/vfs_glusterfs_fuse.8.xml create mode 100644 source3/modules/vfs_glusterfs_fuse.c Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_glusterfs_fuse.8.xml b/docs-xml/manpages/vfs_glusterfs_fuse.8.xml new file mode 100644 index 000..b9f7f42c6f2 --- /dev/null +++ b/docs-xml/manpages/vfs_glusterfs_fuse.8.xml @@ -0,0 +1,103 @@ + +http://www.samba.org/samba/DTD/samba-doc";> + + + + vfs_glusterfs_fuse + 8 + Samba + System Administration tools + &doc.version; + + + + + vfs_glusterfs_fuse + + Utilize features provided by GlusterFS + + + + + + vfs objects = glusterfs_fuse + + + + + DESCRIPTION + + This VFS module is part of the + samba + 8 suite. + + + GlusterFS + (http://www.gluster.org/";>http://www.gluster.org) + is an Open Source clustered file system capable of scaling to + several peta-bytes. With its FUSE based native client, + GlusterFS is available as a POSIX compliant file system and can + hence be shared by Samba without additional steps. + + + + The vfs_glusterfs_fuse VFS module provides an enhanced way + to access a Gluster filesystem using a Gluster FUSE mount. It provides support + for the get_real_filename VFS call which enhances file access performance + by avoiding multiple expensive case folding lookup calls to detect the appropriate + case of an exisiting filename. + + + + This module can be combined with other modules, but it + should be the last module in the vfs objects + list. Modules added to this list to the right of the glusterfs + entry may not have any effect at all. + + + + + CONFIGURATION + + + A basic configuration looks like this. + + + + + glusterfs_fuse + /absolute/path_of_fusemount + + + + Note that vfs_glusterfs_fuse requires a Gluster mount. For accessing glusterfs directly + over the GFAPI library please use the vfs_glusterfs module. + + + + + OPTIONS + + This module does currently have no further options. + + + + + VERSION + + + This man page is part of version &doc.version; of the Samba suite. + + + + + AUTHOR + + The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed. + + + + diff --git a/docs-xml/wscript_build b/docs-xml/wscript_build index 1b4335cbb5d..86600ae4a82 100644 --- a/docs-xml/wscript_build +++ b/docs-xml/wscript_build @@ -82,6 +82,7 @@ vfs_module_manpages = ['vfs_acl_tdb', 'vfs_fruit', 'vfs_full_audit', 'vfs_glusterfs', + 'vfs_glusterfs_fuse', 'vfs_gpfs', 'vfs_l
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 09effcb53a9 s3-smbd: use fruit:model string for mDNS registration from d40ad902aea WHATSNEW: Start release notes for Samba 4.11.0pre1. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 09effcb53a97a935f3281a6c770f3608bc21f992 Author: Günther Deschner Date: Tue Jan 15 14:26:17 2019 +0100 s3-smbd: use fruit:model string for mDNS registration With this change we now allow to modify the icon to represent Samba in Finder. Possible values are at least: fruit:model = iMac fruit:model = MacBook fruit:model = MacPro fruit:model = Xserve fruit:model = RackMac Prior to this change we only displayed the correct icon when a mac client negotiated the apple create context over SMB. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13746 Based on proposed patch from Rouven WEILER Guenther Signed-off-by: Guenther Deschner Reviewed-by: Ralph Boehme Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Jan 15 21:27:20 CET 2019 on sn-devel-144 --- Summary of changes: source3/smbd/avahi_register.c | 27 +++ 1 file changed, 27 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/smbd/avahi_register.c b/source3/smbd/avahi_register.c index 6c87669ba36..883c862c374 100644 --- a/source3/smbd/avahi_register.c +++ b/source3/smbd/avahi_register.c @@ -111,8 +111,10 @@ static void avahi_client_callback(AvahiClient *c, AvahiClientState status, size_t dk = 0; AvahiStringList *adisk = NULL; AvahiStringList *adisk2 = NULL; + AvahiStringList *dinfo = NULL; const char *hostname = NULL; enum mdns_name_values mdns_name = lp_mdns_name(); + const char *model = NULL; DBG_DEBUG("AVAHI_CLIENT_S_RUNNING\n"); @@ -196,6 +198,31 @@ static void avahi_client_callback(AvahiClient *c, AvahiClientState status, } } + model = lp_parm_const_string(-1, "fruit", "model", "MacSamba"); + + dinfo = avahi_string_list_add_printf(NULL, "model=%s", model); + if (dinfo == NULL) { + DBG_DEBUG("avahi_string_list_add_printf" + "failed: returned NULL\n"); + avahi_entry_group_free(state->entry_group); + state->entry_group = NULL; + break; + } + + error = avahi_entry_group_add_service_strlst( + state->entry_group, AVAHI_IF_UNSPEC, + AVAHI_PROTO_UNSPEC, 0, hostname, + "_device-info._tcp", NULL, NULL, 0, + dinfo); + avahi_string_list_free(dinfo); + if (error != AVAHI_OK) { + DBG_DEBUG("avahi_entry_group_add_service failed: %s\n", + avahi_strerror(error)); + avahi_entry_group_free(state->entry_group); + state->entry_group = NULL; + break; + } + error = avahi_entry_group_commit(state->entry_group); if (error != AVAHI_OK) { DBG_DEBUG("avahi_entry_group_commit failed: %s\n", -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 90fab07f071 s3-smbd: avoid assuming fsp is always intact after close_file call. from 944c92a15db ctdb-daemon: Modernise debug during record deletion for vacuuming https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 90fab07f0710bb2061d3f14326c874dd049823fc Author: Günther Deschner Date: Tue Dec 18 11:10:04 2018 +0100 s3-smbd: avoid assuming fsp is always intact after close_file call. Instead use the already copied smb_fname directly. https://bugzilla.samba.org/show_bug.cgi?id=13720 Guenther Signed-off-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Dec 18 20:11:07 CET 2018 on sn-devel-144 --- Summary of changes: source3/smbd/smb2_close.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_close.c b/source3/smbd/smb2_close.c index 33863d32f5f..1888736e4ae 100644 --- a/source3/smbd/smb2_close.c +++ b/source3/smbd/smb2_close.c @@ -263,7 +263,7 @@ static NTSTATUS smbd_smb2_close(struct smbd_smb2_request *req, status = close_file(smbreq, fsp, NORMAL_CLOSE); if (!NT_STATUS_IS_OK(status)) { DEBUG(5,("smbd_smb2_close: close_file[%s]: %s\n", -fsp_str_dbg(fsp), nt_errstr(status))); +smb_fname_str_dbg(smb_fname), nt_errstr(status))); return status; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 75d15484f3b s3-vfs: Prevent NULL pointer dereference in vfs_glusterfs. from 884eeca39e9 s4:web_server: Fix build error https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 75d15484f3b71b1a2684c4a73e53aaa467f9932b Author: Günther Deschner Date: Wed Oct 10 17:32:25 2018 +0200 s3-vfs: Prevent NULL pointer dereference in vfs_glusterfs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13708 Guenther Signed-off-by: Guenther Deschner Reviewed-by: Ralph Boehme Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Dec 11 17:26:31 CET 2018 on sn-devel-144 --- Summary of changes: source3/modules/vfs_glusterfs.c | 176 +--- 1 file changed, 147 insertions(+), 29 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index 431f6fff48c..9b623a4658b 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -496,11 +496,33 @@ static DIR *vfs_gluster_opendir(struct vfs_handle_struct *handle, return (DIR *) fd; } +static glfs_fd_t *vfs_gluster_fetch_glfd(struct vfs_handle_struct *handle, +files_struct *fsp) +{ + glfs_fd_t **glfd = (glfs_fd_t **)VFS_FETCH_FSP_EXTENSION(handle, fsp); + if (glfd == NULL) { + DBG_INFO("Failed to fetch fsp extension\n"); + return NULL; + } + if (*glfd == NULL) { + DBG_INFO("Empty glfs_fd_t pointer\n"); + return NULL; + } + + return *glfd; +} + static DIR *vfs_gluster_fdopendir(struct vfs_handle_struct *handle, files_struct *fsp, const char *mask, uint32_t attributes) { - return (DIR *) *(glfs_fd_t **)VFS_FETCH_FSP_EXTENSION(handle, fsp); + glfs_fd_t *glfd = vfs_gluster_fetch_glfd(handle, fsp); + if (glfd == NULL) { + DBG_ERR("Failed to fetch gluster fd\n"); + return NULL; + } + + return (DIR *)glfd; } static int vfs_gluster_closedir(struct vfs_handle_struct *handle, DIR *dirp) @@ -591,8 +613,12 @@ static int vfs_gluster_open(struct vfs_handle_struct *handle, static int vfs_gluster_close(struct vfs_handle_struct *handle, files_struct *fsp) { - glfs_fd_t *glfd; - glfd = *(glfs_fd_t **)VFS_FETCH_FSP_EXTENSION(handle, fsp); + glfs_fd_t *glfd = vfs_gluster_fetch_glfd(handle, fsp); + if (glfd == NULL) { + DBG_ERR("Failed to fetch gluster fd\n"); + return -1; + } + VFS_REMOVE_FSP_EXTENSION(handle, fsp); return glfs_close(glfd); } @@ -601,7 +627,13 @@ static ssize_t vfs_gluster_pread(struct vfs_handle_struct *handle, files_struct *fsp, void *data, size_t n, off_t offset) { - return glfs_pread(*(glfs_fd_t **)VFS_FETCH_FSP_EXTENSION(handle, fsp), data, n, offset, 0); + glfs_fd_t *glfd = vfs_gluster_fetch_glfd(handle, fsp); + if (glfd == NULL) { + DBG_ERR("Failed to fetch gluster fd\n"); + return -1; + } + + return glfs_pread(glfd, data, n, offset, 0); } struct glusterfs_aio_state; @@ -803,6 +835,12 @@ static struct tevent_req *vfs_gluster_pread_send(struct vfs_handle_struct struct glusterfs_aio_state *state = NULL; struct tevent_req *req = NULL; int ret = 0; + glfs_fd_t *glfd = vfs_gluster_fetch_glfd(handle, fsp); + + if (glfd == NULL) { + DBG_ERR("Failed to fetch gluster fd\n"); + return NULL; + } state = aio_state_create(mem_ctx); @@ -826,8 +864,7 @@ static struct tevent_req *vfs_gluster_pread_send(struct vfs_handle_struct tevent_req_defer_callback(req, ev); PROFILE_TIMESTAMP(&state->start); - ret = glfs_pread_async(*(glfs_fd_t **)VFS_FETCH_FSP_EXTENSION(handle, - fsp), data, n, offset, 0, aio_glusterfs_done, + ret = glfs_pread_async(glfd, data, n, offset, 0, aio_glusterfs_done, state); if (ret < 0) { tevent_req_error(req, -ret); @@ -847,6 +884,12 @@ static struct tevent_req *vfs_gluster_pwrite_send(struct vfs_handle_struct struct glusterfs_aio_state *state = NULL; struct tevent_req *req = NULL; int ret = 0; + glfs_fd_t *glfd = vfs_gluster_fetch_glfd(handle, fsp); + + if (glfd == NULL) { + DBG_ERR("Failed to fetch gluster fd\n"); + return NULL; +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cb8e61b docs: Only build vfs manpages if the module is enabled from 36cb85b samba-tool domain backup: fix py2.6 incompatible format https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cb8e61b5234a614c1203db6e5ac55afb7513985d Author: Andreas Schneider Date: Fri Sep 21 18:58:53 2018 +0200 docs: Only build vfs manpages if the module is enabled Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Sep 26 20:10:07 CEST 2018 on sn-devel-144 --- Summary of changes: docs-xml/wscript_build | 95 ++ 1 file changed, 49 insertions(+), 46 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/wscript_build b/docs-xml/wscript_build index 0ba4faf..1b4335c 100644 --- a/docs-xml/wscript_build +++ b/docs-xml/wscript_build @@ -49,50 +49,6 @@ manpages=''' manpages/testparm.1 manpages/traffic_learner.7 manpages/traffic_replay.7 - manpages/vfs_acl_tdb.8 - manpages/vfs_acl_xattr.8 - manpages/vfs_aio_fork.8 - manpages/vfs_aio_pthread.8 - manpages/vfs_audit.8 - manpages/vfs_btrfs.8 - manpages/vfs_cacheprime.8 - manpages/vfs_cap.8 - manpages/vfs_catia.8 - manpages/vfs_ceph.8 - manpages/vfs_commit.8 - manpages/vfs_crossrename.8 - manpages/vfs_default_quota.8 - manpages/vfs_dirsort.8 - manpages/vfs_extd_audit.8 - manpages/vfs_fake_perms.8 - manpages/vfs_fileid.8 - manpages/vfs_fruit.8 - manpages/vfs_full_audit.8 - manpages/vfs_glusterfs.8 - manpages/vfs_gpfs.8 - manpages/vfs_linux_xfs_sgid.8 - manpages/vfs_media_harmony.8 - manpages/vfs_netatalk.8 - manpages/vfs_nfs4acl_xattr.8 - manpages/vfs_offline.8 - manpages/vfs_prealloc.8 - manpages/vfs_preopen.8 - manpages/vfs_readahead.8 - manpages/vfs_readonly.8 - manpages/vfs_recycle.8 - manpages/vfs_shadow_copy.8 - manpages/vfs_shadow_copy2.8 - manpages/vfs_shell_snap.8 - manpages/vfs_snapper.8 - manpages/vfs_streams_depot.8 - manpages/vfs_streams_xattr.8 - manpages/vfs_syncops.8 - manpages/vfs_time_audit.8 - manpages/vfs_tsmsm.8 - manpages/vfs_unityed_media.8 - manpages/vfs_virusfilter.8 - manpages/vfs_worm.8 - manpages/vfs_xattr_tdb.8 manpages/vfstest.1 manpages/wbinfo.1 manpages/winbindd.8 @@ -106,6 +62,52 @@ pam_winbind_manpages = ''' krb5_locator_manpages = 'manpages/winbind_krb5_locator.8' krb5_localauth_manpages = 'manpages/winbind_krb5_localauth.8' +vfs_module_manpages = ['vfs_acl_tdb', + 'vfs_acl_xattr', + 'vfs_aio_fork', + 'vfs_aio_pthread', + 'vfs_audit', + 'vfs_btrfs', + 'vfs_cacheprime', + 'vfs_cap', + 'vfs_catia', + 'vfs_ceph', + 'vfs_commit', + 'vfs_crossrename', + 'vfs_default_quota', + 'vfs_dirsort', + 'vfs_extd_audit', + 'vfs_fake_perms', + 'vfs_fileid', + 'vfs_fruit', + 'vfs_full_audit', + 'vfs_glusterfs', + 'vfs_gpfs', + 'vfs_linux_xfs_sgid', + 'vfs_media_harmony', + 'vfs_netatalk', + 'vfs_nfs4acl_xattr', + 'vfs_offline', + 'vfs_prealloc', + 'vfs_preopen', + 'vfs_readahead', + 'vfs_readonly', + 'vfs_recycle', + 'vfs_shadow_copy', + 'vfs_shadow_copy2', + 'vfs_shell_snap', + 'vfs_snapper', + 'vfs_streams_depot', + 'vfs_streams_xattr', + 'vfs_syncops', +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6de9d87 python/samba/tests: make sure samba.tests can be imported without SamDB via 1faaeb0 s4-dsdb: only build dsdb Python modules for AD DC via 2114768 s4-dns_server: Only build dns server Python code for AD DC from 582ce5d s3: smbd: Fix AIX sendfile() for SMB2. Ensure we don't spin on EAGAIN. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6de9d878b5f63e5b5ac7f8b5dd2ca50e4ba8fa1a Author: Alexander Bokovoy Date: Sat Jul 21 12:05:15 2018 +0300 python/samba/tests: make sure samba.tests can be imported without SamDB We are using samba.tests Python module __init__.py file as a catch-all for all types of helpers. Some of these helpers are only usable with Samba AD DC targets. When SamDB is not available in a non-Samba AD DC target, provide a dummy replacement that simply returns None. This allows to complete initialization for non-Samba AD DC target tests which do not use connect_samdb() helper. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13542 Signed-off-by: Alexander Bokovoy Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Mon Jul 23 19:36:56 CEST 2018 on sn-devel-144 commit 1faaeb00b5b8217c7a2cb145673ceba847b94cf2 Author: Alexander Bokovoy Date: Fri Jul 20 12:32:20 2018 +0300 s4-dsdb: only build dsdb Python modules for AD DC BUG: https://bugzilla.samba.org/show_bug.cgi?id=13542 Signed-off-by: Alexander Bokovoy Reviewed-by: Jeremy Allison Reviewed-by: Guenther Deschner commit 2114768a8e64647e4f429e0b4e464e0cfc056feb Author: Alexander Bokovoy Date: Fri Jul 20 12:31:20 2018 +0300 s4-dns_server: Only build dns server Python code for AD DC BUG: https://bugzilla.samba.org/show_bug.cgi?id=13542 Signed-off-by: Alexander Bokovoy Reviewed-by: Jeremy Allison Reviewed-by: Guenther Deschner --- Summary of changes: python/samba/tests/__init__.py | 7 ++- source4/dns_server/wscript_build | 8 +--- source4/dsdb/wscript_build | 11 +++ 3 files changed, 18 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/__init__.py b/python/samba/tests/__init__.py index 1d50710..dcee691 100644 --- a/python/samba/tests/__init__.py +++ b/python/samba/tests/__init__.py @@ -38,7 +38,12 @@ import samba.dcerpc.base from samba.compat import PY3, text_type from samba.compat import string_types from random import randint -from samba.samdb import SamDB +try: +from samba.samdb import SamDB +except ImportError: +# We are built without samdb support, +# imitate it so that connect_samdb() can recover +SamDB = lambda *x: None import samba.ndr import samba.dcerpc.dcerpc import samba.dcerpc.epmapper diff --git a/source4/dns_server/wscript_build b/source4/dns_server/wscript_build index c24f455..c01e618 100644 --- a/source4/dns_server/wscript_build +++ b/source4/dns_server/wscript_build @@ -71,6 +71,8 @@ for env in bld.gen_python_environments(): pytalloc_util = bld.pyembed_libname('pytalloc-util') bld.SAMBA_PYTHON('python_dsdb_dns', -source='pydns.c', -deps='samdb %s %s dnsserver_common %s' % (pyldb_util, pyrpc_util, pytalloc_util), -realname='samba/dsdb_dns.so') + source='pydns.c', + deps='samdb %s %s dnsserver_common %s' % ( + pyldb_util, pyrpc_util, pytalloc_util), + realname='samba/dsdb_dns.so', + enabled=bld.AD_DC_BUILD_IS_ENABLED()) diff --git a/source4/dsdb/wscript_build b/source4/dsdb/wscript_build index be99e99..34ba8ed 100644 --- a/source4/dsdb/wscript_build +++ b/source4/dsdb/wscript_build @@ -40,12 +40,14 @@ bld.SAMBA_MODULE('service_drepl', bld.SAMBA_LIBRARY('dsdb_garbage_collect_tombstones', source='kcc/garbage_collect_tombstones.c', deps='samdb RPC_NDR_DRSUAPI', - private_library=True) + private_library=True, + enabled=bld.AD_DC_BUILD_IS_ENABLED()) bld.SAMBA_LIBRARY('scavenge_dns_records', source='kcc/scavenge_dns_records.c', deps='samdb RPC_NDR_DRSUAPI dnsserver_common', - private_library=True) + private_library=True, + enabled=bld.AD_DC_BUILD_IS_ENABLED()) bld.SAMBA_MODULE('service_kcc', source='kcc/kcc_service.c kcc/kcc_connection.c kcc/kcc_periodic.c kcc/kcc_drs_replica_info.c', @@
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a9084dc s3:utils: Remove double error check from 2916301 ldap_server: Fix CID 1435721 Unchecked return value https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a9084dce29d9e0e76a3485edfca26add361988ba Author: Andreas Schneider Date: Wed May 23 17:35:15 2018 +0200 s3:utils: Remove double error check Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu May 24 18:07:03 CEST 2018 on sn-devel-144 --- Summary of changes: source3/utils/net_dns.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/net_dns.c b/source3/utils/net_dns.c index 9ee856c..b94bef9 100644 --- a/source3/utils/net_dns.c +++ b/source3/utils/net_dns.c @@ -96,10 +96,9 @@ DNS_ERROR DoDNSUpdate(char *pszServerName, if (!ERR_DNS_IS_OK(err)) goto error; err = dns_update_transaction(mem_ctx, conn, req, &resp); - if (!ERR_DNS_IS_OK(err)) goto error; - if (!ERR_DNS_IS_OK(err)) { DEBUG(3,("DoDNSUpdate: unsigned update failed\n")); + goto error; } if ((dns_response_code(resp->flags) == DNS_NO_ERROR) && -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 46e6626 vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async from 2a85bcb ldb_debug tests: Fix binary data in debug log https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 46e6626f73f42c84f254507c3ec2b591e2e732ba Author: Poornima G Date: Thu Feb 22 16:21:35 2018 +0530 vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async BUG: https://bugzilla.samba.org/show_bug.cgi?id=13297 Pair-Programmed-With: Anoop C S Signed-off-by: Poornima G Reviewed-by: Guenther Deschner Reviewed-by: Michael Adam Autobuild-User(master): Günther Deschner Autobuild-Date(master): Mon Feb 26 20:17:50 CET 2018 on sn-devel-144 --- Summary of changes: source3/modules/vfs_glusterfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index f9a96fa..38abb78 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -961,7 +961,7 @@ static struct tevent_req *vfs_gluster_fsync_send(struct vfs_handle_struct PROFILE_TIMESTAMP(&state->start); ret = glfs_fsync_async(*(glfs_fd_t **)VFS_FETCH_FSP_EXTENSION(handle, - fsp), aio_glusterfs_done, req); + fsp), aio_glusterfs_done, state); if (ret < 0) { tevent_req_error(req, -ret); return tevent_req_post(req, ev); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6a59619 build: fix libceph-common detection from 8c83347 util/rfc1738: update preamble https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6a59619844e0def505a6bfa778c17721c062e0ee Author: Günther Deschner Date: Mon Jan 15 23:20:39 2018 +0100 build: fix libceph-common detection BUG: https://bugzilla.samba.org/show_bug.cgi?id=13277 Guenther Signed-off-by: Guenther Deschner Reviewed-by: David Disseldorp Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Feb 22 19:30:12 CET 2018 on sn-devel-144 --- Summary of changes: source3/wscript | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/wscript b/source3/wscript index 2deb7ff..e33ecaf 100644 --- a/source3/wscript +++ b/source3/wscript @@ -1526,11 +1526,13 @@ main() { conf.env['CPPPATH_CEPHFS'] = Options.options.libcephfs_dir + '/include' conf.env['LIBPATH_CEPHFS'] = Options.options.libcephfs_dir + '/lib' conf.env['LIBPATH_CEPH-COMMON'] = Options.options.libcephfs_dir + '/lib/ceph' +else: +conf.env['LIBPATH_CEPH-COMMON'] = Options.options.LIBDIR + '/ceph' if (Options.options.with_cephfs and conf.CHECK_HEADERS('cephfs/libcephfs.h', False, False, 'cephfs') and -conf.CHECK_LIB('cephfs', shlib=True) and -conf.CHECK_LIB('ceph-common', shlib=True)): +conf.CHECK_LIB('cephfs', shlib=True)): +conf.CHECK_LIB('ceph-common', shlib=True) if Options.options.with_acl_support: conf.DEFINE('HAVE_CEPH', '1') if conf.CHECK_FUNCS_IN('ceph_statx', 'cephfs ceph-common', -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8224a3d packaging: fix default systemd-dir path. via 1129388 python: fix the build with python3. from 7a3f97f selftest: fix envvars for creation of default user in wait_for_start https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8224a3d6a03aeb4648bb624f775b139115567a8f Author: Günther Deschner Date: Tue Jan 16 16:25:01 2018 +0100 packaging: fix default systemd-dir path. https://bugzilla.samba.org/show_bug.cgi?id=13227 By default we should not end up with a /usr/usr/lib/systemd/system path. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Jan 16 21:02:28 CET 2018 on sn-devel-144 commit 112938879f9e04a9a4f3d2ed69efacf2bce83799 Author: Günther Deschner Date: Mon Jan 15 21:56:22 2018 +0100 python: fix the build with python3. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13221 Guenther Signed-off-by: Guenther Deschner Reviewed-by: Alexander Bokovoy --- Summary of changes: packaging/wscript | 4 ++-- python/samba/emulate/traffic_packets.py| 2 +- python/samba/forest_update.py | 4 ++-- python/samba/tests/blackbox/traffic_summary.py | 2 +- python/samba/tests/samba_tool/visualize.py | 6 +++--- 5 files changed, 9 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/packaging/wscript b/packaging/wscript index 76158e9..6cee6b9 100644 --- a/packaging/wscript +++ b/packaging/wscript @@ -10,9 +10,9 @@ def set_options(opt): action="store_true", dest="systemd_install_services", default=False) gr.add_option('--with-systemddir', - help=("systemd service directory [PREFIX/usr/lib/systemd/system]"), + help=("systemd service directory [PREFIX/lib/systemd/system]"), action="store", dest="SYSTEMDDIR", - default="${PREFIX}/usr/lib/systemd/system") + default="${PREFIX}/lib/systemd/system") # # extra service directives # diff --git a/python/samba/emulate/traffic_packets.py b/python/samba/emulate/traffic_packets.py index 1df21f9..185d1d5 100644 --- a/python/samba/emulate/traffic_packets.py +++ b/python/samba/emulate/traffic_packets.py @@ -84,7 +84,7 @@ name_formats = [ def warning(message): -print "\033[37;41;1m" "Warning: %s" "\033[00m" % (message) +print("\033[37;41;1m" "Warning: %s" "\033[00m" % (message)) ### # diff --git a/python/samba/forest_update.py b/python/samba/forest_update.py index 9f6ddf6..ba6f859 100644 --- a/python/samba/forest_update.py +++ b/python/samba/forest_update.py @@ -300,8 +300,8 @@ objectClass: container "SCHEMA_DN": str(self.schema_dn)}) if self.verbose: -print "UPDATE (LDIF) -- OPERATION %d" % op -print sub_ldif +print("UPDATE (LDIF) -- OPERATION %d" % op) +print(sub_ldif) self.samdb.modify_ldif(sub_ldif) if self.add_update_container: diff --git a/python/samba/tests/blackbox/traffic_summary.py b/python/samba/tests/blackbox/traffic_summary.py index b2bbc2c..99fe6b8 100644 --- a/python/samba/tests/blackbox/traffic_summary.py +++ b/python/samba/tests/blackbox/traffic_summary.py @@ -59,7 +59,7 @@ class TrafficSummaryTests(BlackboxTestCase): with temp_file(self.tempdir) as output: command = "%s %s >%s" % (SCRIPT, INPUT, output) -print command +print(command) self.check_run(command) expected = open(EXPECTED_FN).readlines() actual = open(output).readlines() diff --git a/python/samba/tests/samba_tool/visualize.py b/python/samba/tests/samba_tool/visualize.py index 292d496..c00c6ea 100644 --- a/python/samba/tests/samba_tool/visualize.py +++ b/python/samba/tests/samba_tool/visualize.py @@ -284,7 +284,7 @@ class SambaToolVisualizeLdif(SambaToolCmdTest): self.tempdir, self.lp, tag='disconnected') dburl = 'tdb://' + dbfile -print dbfile +print(dbfile) result, output, err = self.runsubcmd("visualize", "ntdsconn", '-H',
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 732ba3c vfs_glusterfs: include glusterfs/api/glfs.h without relying on -I options from 7470b9b smbc_opendir should not return EEXIST with invalid login credentials https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 732ba3c84a2d40040550ea36b0478dd6af9a173a Author: Niels de Vos Date: Tue Oct 31 15:52:49 2017 +0100 vfs_glusterfs: include glusterfs/api/glfs.h without relying on -I options BUG: https://bugzilla.samba.org/show_bug.cgi?id=13125 The glfs.h header file has always resided under glusterfs/api/ in the standard include directory. The glusterfs-api.pc file adds the unneeded -I${includedir}/glusterfs compiler option. This option will be removed from future versions of the pkg-config file. This change can safely be backported to older versions if there is a need to have them build against glusterfs-3.13 or newer. URL: https://review.gluster.org/18576 CC: Andrea Bolognani Signed-off-by: Niels de Vos Reviewed-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Nov 9 22:37:30 CET 2017 on sn-devel-144 --- Summary of changes: source3/modules/vfs_glusterfs.c | 2 +- source3/wscript | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index 3534ed7..8c24557 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -38,7 +38,7 @@ #include "includes.h" #include "smbd/smbd.h" #include -#include "api/glfs.h" +#include #include "lib/util/dlinklist.h" #include "lib/util/tevent_unix.h" #include "smbd/globals.h" diff --git a/source3/wscript b/source3/wscript index 8144334..e311f5f 100644 --- a/source3/wscript +++ b/source3/wscript @@ -1580,10 +1580,10 @@ main() { if Options.options.with_glusterfs: conf.CHECK_CFG(package='glusterfs-api', args='"glusterfs-api >= 4" --cflags --libs', msg='Checking for glusterfs-api >= 4', uselib_store="GFAPI") -conf.CHECK_HEADERS('api/glfs.h', lib='gfapi') +conf.CHECK_HEADERS('glusterfs/api/glfs.h', lib='gfapi') conf.CHECK_LIB('gfapi', shlib=True) -if conf.CONFIG_SET('HAVE_API_GLFS_H'): +if conf.CONFIG_SET('HAVE_GLUSTERFS_API_GLFS_H'): if Options.options.with_acl_support: conf.DEFINE('HAVE_GLUSTERFS', '1') else: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7917f97 vfs_fruit: Replace closedir() by SMB_VFS_CLOSEDIR from 2abc127 docs-xml: Fix a typo in manpage for vfs_fruit https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7917f9721c9f8efdf9e7b7c50a9e5147250e36fe Author: Anoop C S Date: Fri Oct 13 20:38:31 2017 +0530 vfs_fruit: Replace closedir() by SMB_VFS_CLOSEDIR Pointer to directory 'dh' inside fruit_rmdir() is obtained using SMB_VFS_OPENDIR. But this handle is closed directly by invoking closedir() rather than SMB_VFS_CLOSEDIR. This will result in a smbd crash if this handle was not obtained from local file system. Therefore use SMB_VFS_CLOSEDIR corresponding to SMB_VFS_OPENDIR to correctly close the directory handle. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13086 Signed-off-by: Anoop C S Reviewed-by: Ralph Boehme Reviewed-by: Jeremy Allison Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Mon Oct 16 19:56:55 CEST 2017 on sn-devel-144 --- Summary of changes: source3/modules/vfs_fruit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c index 2771980..b0dd0f0 100644 --- a/source3/modules/vfs_fruit.c +++ b/source3/modules/vfs_fruit.c @@ -3785,7 +3785,7 @@ static int fruit_rmdir(struct vfs_handle_struct *handle, exit_rmdir: if (dh) { - closedir(dh); + SMB_VFS_CLOSEDIR(handle->conn, dh); } return SMB_VFS_NEXT_RMDIR(handle, smb_fname); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5f2576a lib: gpo: Put enforced GPOs at the end of the list. via 69410c0 lib: gpo: Fixes issue with GPOPTIONS_BLOCK_INHERITANCE. via 6a53177 lib: gpo: Changes order to match GPO application order. from c40531d ldb: Release ldb 1.3.0 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5f2576a9af4f3c33121ad2b27a621b5f3bb34374 Author: Lutz Justen Date: Thu Sep 21 10:32:05 2017 -0700 lib: gpo: Put enforced GPOs at the end of the list. Enforced GPOs should be applied on top of all non-enforced GPOs, so that they override policies set in non-enforced GPOs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13046 Signed-off-by: Lutz Justen Reviewed-by: Jeremy Allison Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Sat Sep 23 05:25:19 CEST 2017 on sn-devel-144 commit 69410c0a02f7b4d7d20eadf4b4fda8ea064e4a0e Author: Lutz Justen Date: Thu Sep 21 10:11:15 2017 -0700 lib: gpo: Fixes issue with GPOPTIONS_BLOCK_INHERITANCE. GP links with the GPOPTIONS_BLOCK_INHERITANCE option set were blocking GPOs from the same link (i.e. an OU with the flag set would block its own GPOs). This patch makes sure the GPOs from the link are added to the list. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13046 Signed-off-by: Lutz Justen Reviewed-by: Jeremy Allison Reviewed-by: Guenther Deschner commit 6a531773b841f6b713226d1166a1e7d4dbc9b282 Author: Lutz Justen Date: Thu Sep 21 10:01:58 2017 -0700 lib: gpo: Changes order to match GPO application order. The order of GPOs in a gpo_list generated by ads_get_gpo_list did not match the order of application. Since GPOs are pushed to the FRONT of gpo_list, GPOs have to be pushed in the opposite order of application. (Pushing to front is useful to get inheritance blocking right). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13046 Signed-off-by: Lutz Justen Reviewed-by: Jeremy Allison Reviewed-by: Guenther Deschner --- Summary of changes: libgpo/gpo_ldap.c | 221 +++--- 1 file changed, 142 insertions(+), 79 deletions(-) Changeset truncated at 500 lines: diff --git a/libgpo/gpo_ldap.c b/libgpo/gpo_ldap.c index 4533d61..fec0005 100644 --- a/libgpo/gpo_ldap.c +++ b/libgpo/gpo_ldap.c @@ -554,6 +554,7 @@ ADS_STATUS ads_get_gpo(ADS_STRUCT *ads, static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct GROUP_POLICY_OBJECT **gpo_list, +struct GROUP_POLICY_OBJECT **forced_gpo_list, const char *link_dn, struct GP_LINK *gp_link, enum GPO_LINK_TYPE link_type, @@ -561,11 +562,20 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads, const struct security_token *token) { ADS_STATUS status; - int i; - - for (i = 0; i < gp_link->num_links; i++) { - + uint32_t count; + + /* +* Note: DLIST_ADD pushes to the front, +* so loop from last to first to get the +* order right. +*/ + for (count = gp_link->num_links; count > 0; count--) { + /* NB. Index into arrays is one less than counter. */ + uint32_t i = count - 1; + struct GROUP_POLICY_OBJECT **target_list = NULL; struct GROUP_POLICY_OBJECT *new_gpo = NULL; + bool is_forced = + (gp_link->link_opts[i] & GPO_LINK_OPT_ENFORCED) != 0; if (gp_link->link_opts[i] & GPO_LINK_OPT_DISABLED) { DEBUG(10,("skipping disabled GPO\n")); @@ -574,7 +584,7 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads, if (only_add_forced_gpos) { - if (!(gp_link->link_opts[i] & GPO_LINK_OPT_ENFORCED)) { + if (!is_forced) { DEBUG(10,("skipping nonenforced GPO link " "because GPOPTIONS_BLOCK_INHERITANCE " "has been set\n")); @@ -617,7 +627,8 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads, new_gpo->link = link_dn; new_gpo->link_type = link_type; - DLIST_ADD(*gpo_list, new_gpo); + target_list = is_forced ? forced_gpo_list : gpo_lis
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via df0db9d vfs_fruit: don't use MS NFS ACEs with Windows clients from 4e68d37 ctdb-docs: Update documentation of ipreallocated event https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit df0db9d8f893f9245c6289200303b94a6e2d48d0 Author: Ralph Boehme Date: Wed Jul 12 09:33:59 2017 +0200 vfs_fruit: don't use MS NFS ACEs with Windows clients Bug: https://bugzilla.samba.org/show_bug.cgi?id=12897 Signed-off-by: Ralph Boehme Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Jul 13 22:21:08 CEST 2017 on sn-devel-144 --- Summary of changes: source3/modules/vfs_fruit.c | 6 ++ 1 file changed, 6 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c index 3482d4e..7c481cd 100644 --- a/source3/modules/vfs_fruit.c +++ b/source3/modules/vfs_fruit.c @@ -2606,6 +2606,9 @@ static NTSTATUS check_ms_nfs(vfs_handle_struct *handle, struct fruit_config_data, return NT_STATUS_UNSUCCESSFUL); + if (!global_fruit_config.nego_aapl) { + return NT_STATUS_OK; + } if (psd->dacl == NULL || !config->unix_info_enabled) { return NT_STATUS_OK; } @@ -5280,6 +5283,9 @@ static NTSTATUS fruit_fget_nt_acl(vfs_handle_struct *handle, /* * Add MS NFS style ACEs with uid, gid and mode */ + if (!global_fruit_config.nego_aapl) { + return NT_STATUS_OK; + } if (!config->unix_info_enabled) { return NT_STATUS_OK; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 259e170 vfs_fruit: add fruit:model = parametric option from 539714e ctdb-scripts: Fix inline comments in 10.interface https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 259e1706e3206b215e136ea9d5beef4c9e3fcdee Author: Günther Deschner Date: Wed Jun 28 18:10:28 2017 +0200 vfs_fruit: add fruit:model = parametric option fruit:model = iMac fruit:model = MacBook fruit:model = MacPro fruit:model = Xserve will all display a different icon inside Finder. Formerly, we used "Samba" which resulted in a "?" icon in Finder, with the new default "MacSamba" we appear with a computer box icon at least. Guenther Bug: https://bugzilla.samba.org/show_bug.cgi?id=12840 Signed-off-by: Guenther Deschner Signed-off-by: Ralph Boehme Reviewed-by: Ralph Boehme Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Jul 12 03:17:57 CEST 2017 on sn-devel-144 --- Summary of changes: docs-xml/manpages/vfs_fruit.8.xml | 9 + source3/modules/vfs_fruit.c | 6 +- source4/torture/vfs/fruit.c | 8 +++- 3 files changed, 21 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_fruit.8.xml b/docs-xml/manpages/vfs_fruit.8.xml index a86dec6..7097aac 100644 --- a/docs-xml/manpages/vfs_fruit.8.xml +++ b/docs-xml/manpages/vfs_fruit.8.xml @@ -160,6 +160,15 @@ + + fruit:model = MacSamba + + This option defines the model string inside the AAPL + extension and will determine the appearance of the icon representing the + Samba server in the Finder window. + The default is MacSamba. + + diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c index b49ee1c..3482d4e 100644 --- a/source3/modules/vfs_fruit.c +++ b/source3/modules/vfs_fruit.c @@ -138,6 +138,7 @@ struct fruit_config_data { bool veto_appledouble; bool posix_rename; bool aapl_zero_file_id; + const char *model; /* * Additional options, all enabled by default, @@ -1628,6 +1629,9 @@ static int init_fruit_config(vfs_handle_struct *handle) config->readdir_attr_max_access = lp_parm_bool( SNUM(handle->conn), "readdir_attr", "aapl_max_access", true); + config->model = lp_parm_const_string( + -1, FRUIT_PARAM_TYPE_NAME, "model", "MacSamba"); + SMB_VFS_HANDLE_SET_DATA(handle, config, NULL, struct fruit_config_data, return -1); @@ -2272,7 +2276,7 @@ static NTSTATUS check_aapl(vfs_handle_struct *handle, if (req_bitmap & SMB2_CRTCTX_AAPL_MODEL_INFO) { ok = convert_string_talloc(req, CH_UNIX, CH_UTF16LE, - "Samba", strlen("Samba"), + config->model, strlen(config->model), &model, &modellen); if (!ok) { return NT_STATUS_UNSUCCESSFUL; diff --git a/source4/torture/vfs/fruit.c b/source4/torture/vfs/fruit.c index 2ab153a..c78c906 100644 --- a/source4/torture/vfs/fruit.c +++ b/source4/torture/vfs/fruit.c @@ -1252,7 +1252,13 @@ static bool enable_aapl(struct torture_context *tctx, torture_assert_goto(tctx, aapl != NULL, ret, done, "missing AAPL context"); if (!is_osx_server) { - torture_assert_goto(tctx, aapl->data.length == 50, ret, done, "bad AAPL size"); + size_t exptected_aapl_ctx_size; + + exptected_aapl_ctx_size = strlen("MacSamba") * 2 + 40; + + torture_assert_goto( + tctx, aapl->data.length == exptected_aapl_ctx_size, + ret, done, "bad AAPL size"); } aapl_server_caps = BVAL(aapl->data.data, 16); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cb17fcc s3-spoolss: add winreg_del_driver_package_internal() via dceb6dc s3-rpc_cli: add winreg_del_driver_package() via 1e81178 s3-spoolss: add winreg_get_driver_package_internal() via 7ced1c3 s3-rpc_cli: add winreg_get_driver_package() via 5a3b99b s3-spoolss: add winreg_add_driver_package_internal() via 1494e94 s3-rpc_cli: add winreg_add_driver_package() via 48e65a1 s3-spoolss: add winreg_add_core_driver_internal() via f22c5f1 s3-rpc_cli: add winreg_add_core_driver() via 5eeb178 s3-spoolss: add winreg_get_core_driver_internal() via 071faf5 s3-rpc_cli: add winreg_get_core_driver() from 547524d s3: popt: Change to NULL from talloc_autofree_context() now we correctly free on exit. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cb17fcc5f53f336d802f6105e6bf3239ac2106a4 Author: Günther Deschner Date: Wed Nov 2 18:17:58 2016 +0100 s3-spoolss: add winreg_del_driver_package_internal() Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue May 9 20:44:17 CEST 2017 on sn-devel-144 commit dceb6dc3864206a6562d02499f066e21a61e60d0 Author: Günther Deschner Date: Wed Nov 2 18:17:37 2016 +0100 s3-rpc_cli: add winreg_del_driver_package() Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider commit 1e81178e2bf48470f3e5866b70f0f9d305db6438 Author: Günther Deschner Date: Wed Nov 2 14:37:02 2016 +0100 s3-spoolss: add winreg_get_driver_package_internal() Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider commit 7ced1c30fcadfcab239a8796292f736a74a4357a Author: Günther Deschner Date: Wed Nov 2 14:36:45 2016 +0100 s3-rpc_cli: add winreg_get_driver_package() Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider commit 5a3b99b7ce6a7342a8a427b941268a6a302ee158 Author: Günther Deschner Date: Wed Nov 2 13:43:34 2016 +0100 s3-spoolss: add winreg_add_driver_package_internal() Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider commit 1494e94700be68d8c07753371dc8d09b120584fc Author: Günther Deschner Date: Wed Nov 2 13:40:00 2016 +0100 s3-rpc_cli: add winreg_add_driver_package() Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider commit 48e65a15ac306051c0f37520a86d38f254b04321 Author: Günther Deschner Date: Mon Oct 31 18:07:50 2016 +0100 s3-spoolss: add winreg_add_core_driver_internal() Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider commit f22c5f1b9aaac39fea7b58817f67654595f74658 Author: Günther Deschner Date: Mon Oct 31 18:07:33 2016 +0100 s3-rpc_cli: add winreg_add_core_driver() Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider commit 5eeb178fe8942b0a4c41dee4ed1195ffa4ab524e Author: Günther Deschner Date: Mon Oct 31 17:43:58 2016 +0100 s3-spoolss: add winreg_get_core_driver_internal() Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider commit 071faf59dc528a78f724a48b20754318da252968 Author: Günther Deschner Date: Mon Oct 31 17:43:28 2016 +0100 s3-rpc_cli: add winreg_get_core_driver() Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider --- Summary of changes: source3/include/registry.h| 1 + source3/registry/reg_backend_db.c | 1 + source3/registry/reg_init_full.c | 1 + source3/rpc_client/cli_winreg_spoolss.c | 728 ++ source3/rpc_client/cli_winreg_spoolss.h | 114 source3/rpc_server/spoolss/srv_spoolss_util.c | 160 ++ source3/rpc_server/spoolss/srv_spoolss_util.h | 30 ++ 7 files changed, 1035 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/include/registry.h b/source3/include/registry.h index 0de392f..7d2aad9 100644 --- a/source3/include/registry.h +++ b/source3/include/registry.h @@ -103,6 +103,7 @@ struct registry_key { #define KEY_TCPIP_PARAMS "HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters" #define KEY_PROD_OPTIONS "HKLM\\SYSTEM\\CurrentControlSet\\Control\\ProductOptions" #define KEY_PRINTING "HKLM\\SYSTEM\\CurrentControlSet\\Control\\Print" +#define KEY_PCC"HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Print\\PackageInstallation" #define KEY_PRINTING_2K"HKLM\\SOFTWARE\\
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via bbeef55 lib/crypto: implement samba.crypto Python module for RC4 from 64b20a1 examples:clifuse: Add a stub for getattr https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit bbeef554f2c15e739f6095fcb57d9ef6646b411c Author: Alexander Bokovoy Date: Fri Mar 10 16:20:06 2017 +0200 lib/crypto: implement samba.crypto Python module for RC4 Implement a small Python module that exposes arcfour_crypt_blob() function widely used in Samba C code. When Samba Python bindings are used to call LSA CreateTrustedDomainEx2, there is a need to encrypt trusted credentials with RC4 cipher. Current Samba Python code relies on Python runtime to provide RC4 cipher. However, in FIPS 140-2 mode system crypto libraries do not provide access RC4 cipher at all. According to Microsoft dochelp team, Windows is treating AuthenticationInformation blob encryption as 'plain text' in terms of FIPS 140-2, thus doing application-level encryption. Replace samba.arcfour_encrypt() implementation with a call to samba.crypto.arcfour_crypt_blob(). Signed-off-by: Alexander Bokovoy Reviewed-by: Simo Sorce Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Mar 15 01:30:24 CET 2017 on sn-devel-144 --- Summary of changes: lib/crypto/py_crypto.c | 90 lib/crypto/wscript_build | 7 python/samba/__init__.py | 16 ++--- 3 files changed, 99 insertions(+), 14 deletions(-) create mode 100644 lib/crypto/py_crypto.c Changeset truncated at 500 lines: diff --git a/lib/crypto/py_crypto.c b/lib/crypto/py_crypto.c new file mode 100644 index 000..bf7f9f4 --- /dev/null +++ b/lib/crypto/py_crypto.c @@ -0,0 +1,90 @@ +/* + Unix SMB/CIFS implementation. + Samba crypto functions + + Copyright (C) Alexander Bokovoy 2017 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include +#include "includes.h" +#include "python/py3compat.h" +#include "lib/crypto/arcfour.h" + +static PyObject *py_crypto_arcfour_crypt_blob(PyObject *module, PyObject *args, PyObject *kwargs) +{ + DATA_BLOB data, key; + PyObject *py_data, *py_key, *result; + TALLOC_CTX *ctx; + + if (!PyArg_ParseTuple(args, "OO", &py_data, &py_key)) + return NULL; + + if (!PyBytes_Check(py_data)) { + PyErr_Format(PyExc_TypeError, "bytes expected"); + return NULL; + } + + if (!PyBytes_Check(py_key)) { + PyErr_Format(PyExc_TypeError, "bytes expected"); + return NULL; + } + + ctx = talloc_new(NULL); + + data.length = PyBytes_Size(py_data); + data.data = talloc_memdup(ctx, PyBytes_AsString(py_data), data.length); + if (!data.data) { + talloc_free(ctx); + return PyErr_NoMemory(); + } + + key.data = (uint8_t *)PyBytes_AsString(py_key); + key.length = PyBytes_Size(py_key); + + arcfour_crypt_blob(data.data, data.length, &key); + + result = PyBytes_FromStringAndSize((const char*) data.data, data.length); + talloc_free(ctx); + return result; +} + + +static const char py_crypto_arcfour_crypt_blob_doc[] = "arcfour_crypt_blob(data, key)\n" +"Encrypt the data with RC4 algorithm using the key"; + +static PyMethodDef py_crypto_methods[] = { + { "arcfour_crypt_blob", (PyCFunction)py_crypto_arcfour_crypt_blob, METH_VARARGS, py_crypto_arcfour_crypt_blob_doc }, + { NULL }, +}; + +static struct PyModuleDef moduledef = { + PyModuleDef_HEAD_INIT, + .m_name = "crypto", + .m_doc = "Crypto functions required for SMB", + .m_size = -1, + .m_methods = py_crypto_methods, +}; + +MODULE_INIT_FUNC(crypto) +{ + PyObject *m; + + m = PyModule_Create(&moduledef); + if (m == NULL) + return NULL; + + return m; +} diff --git a/lib/crypto/wscrip
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b1dc72d s3-waf: remove duplicate ctags definition from 03c4cf5 tests/ndrdump: Add a test for --hex-input https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b1dc72df2305748ecd02085c0845377b17c5ead9 Author: Günther Deschner Date: Mon Jan 23 16:45:53 2017 +0100 s3-waf: remove duplicate ctags definition Guenther Signed-off-by: Guenther Deschner Reviewed-by: Volker Lendecke Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Feb 14 17:38:34 CET 2017 on sn-devel-144 --- Summary of changes: source3/wscript | 9 - 1 file changed, 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/wscript b/source3/wscript index b886e1b..07338e9 100644 --- a/source3/wscript +++ b/source3/wscript @@ -1869,12 +1869,3 @@ main() { Logs.info("%s: %s" % (shared_env, ','.join(conf.env[shared_env]))) conf.SAMBA_CONFIG_H('include/config.h') - -def ctags(ctx): -"build 'tags' file using ctags" -import Utils -source_root = os.path.dirname(Utils.g_module.root_path) -cmd = 'ctags $(find %s/.. -name "*.[ch]" | grep -v "*_proto\.h")' % source_root -print("Running: %s" % cmd) -os.system(cmd) - -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 17a6e57 s4-torture: add more NDR tests for GetCorePrinterDrivers via db7b812 librpc/ndr: add [to_null] keyword to szPackageId in spoolss_CorePrinterDriver. via 56255c1 s4-torture: add some NDR tests for validating ndr_push_charset behavior. via d30b008 pidl: use ndr_push_charset_to_null() when [to_null] keyword is used in IDL via 303ae2a librpc/ndr: add ndr_push_charset_to_null and increase library version (abi change) from 9b0fc29 winbind: Don't add duplicate IDs in wbinfo -r https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 17a6e57fcc37c56d4d9b52fad475531f32abac10 Author: Günther Deschner Date: Fri Nov 25 17:32:51 2016 +0100 s4-torture: add more NDR tests for GetCorePrinterDrivers Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Jan 24 14:42:34 CET 2017 on sn-devel-144 commit db7b8121496bc68679b450d1a413c0d010bf7c52 Author: Günther Deschner Date: Tue Nov 1 18:19:02 2016 +0100 librpc/ndr: add [to_null] keyword to szPackageId in spoolss_CorePrinterDriver. Guenther Signed-off-by: Guenther Deschner commit 56255c1c602fa24654ac41c518a6aaa75bc6415b Author: Günther Deschner Date: Fri Jan 13 13:16:22 2017 +0100 s4-torture: add some NDR tests for validating ndr_push_charset behavior. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit d30b008a642c9bb0d85519f42aef56a53e44cc77 Author: Günther Deschner Date: Mon Jan 23 14:50:45 2017 +0100 pidl: use ndr_push_charset_to_null() when [to_null] keyword is used in IDL Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit 303ae2a023dda7686cfded36951ec2baad30d9b6 Author: Günther Deschner Date: Wed Jan 11 16:57:49 2017 +0100 librpc/ndr: add ndr_push_charset_to_null and increase library version (abi change) We were crashing earlier when calculating the length of NULL strings in fixed size arrays (noticed while replying with an empty spoolss_CorePrinterDriver struct within the spoolss_GetCorePrinterDrivers call). Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher --- Summary of changes: librpc/ABI/{ndr-0.0.8.sigs => ndr-0.0.9.sigs} | 1 + librpc/idl/spoolss.idl| 2 +- librpc/ndr/libndr.h | 1 + librpc/ndr/ndr_string.c | 16 +++ librpc/wscript_build | 2 +- pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 6 +- source4/torture/ndr/charset.c | 91 source4/torture/ndr/ndr.c | 1 + source4/torture/ndr/spoolss.c | 143 ++ source4/torture/wscript_build | 1 + 10 files changed, 261 insertions(+), 3 deletions(-) copy librpc/ABI/{ndr-0.0.8.sigs => ndr-0.0.9.sigs} (99%) create mode 100644 source4/torture/ndr/charset.c Changeset truncated at 500 lines: diff --git a/librpc/ABI/ndr-0.0.8.sigs b/librpc/ABI/ndr-0.0.9.sigs similarity index 99% copy from librpc/ABI/ndr-0.0.8.sigs copy to librpc/ABI/ndr-0.0.9.sigs index 6bf637c..b363b96 100644 --- a/librpc/ABI/ndr-0.0.8.sigs +++ b/librpc/ABI/ndr-0.0.9.sigs @@ -177,6 +177,7 @@ ndr_push_array_uint8: enum ndr_err_code (struct ndr_push *, int, const uint8_t * ndr_push_blob: DATA_BLOB (struct ndr_push *) ndr_push_bytes: enum ndr_err_code (struct ndr_push *, const uint8_t *, uint32_t) ndr_push_charset: enum ndr_err_code (struct ndr_push *, int, const char *, uint32_t, uint8_t, charset_t) +ndr_push_charset_to_null: enum ndr_err_code (struct ndr_push *, int, const char *, uint32_t, uint8_t, charset_t) ndr_push_dlong: enum ndr_err_code (struct ndr_push *, int, int64_t) ndr_push_double: enum ndr_err_code (struct ndr_push *, int, double) ndr_push_enum_uint16: enum ndr_err_code (struct ndr_push *, int, uint16_t) diff --git a/librpc/idl/spoolss.idl b/librpc/idl/spoolss.idl index 078f69f..e759d2d 100644 --- a/librpc/idl/spoolss.idl +++ b/librpc/idl/spoolss.idl @@ -3288,7 +3288,7 @@ cpp_quote("#define spoolss_security_descriptor security_descriptor") GUID core_driver_guid; NTTIME driver_date; hyper driver_version; - [charset(UTF16)] uint16 szPackageID[260]; + [charset(UTF16),to_null] uint16 szPackageID[260]; } spoolss_CorePrinterDriver; [public] HRESULT spoolss_GetCorePrinterDrivers( diff --git a/librpc/ndr/libndr.h b/librpc/ndr/libndr.h index 0c3c55a..7337e86 100644 --- a/librpc/ndr/libndr.h +++ b/librpc/n
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1a59014 docs-xml: Remove duplicate listing of configfile option in man pages from 0383034 WHATSNEW: CTDB updates https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1a5901440272158025a01a4619c1d178dfefc732 Author: Anoop C S Date: Thu Dec 15 16:06:35 2016 +0530 docs-xml: Remove duplicate listing of configfile option in man pages stdarg.configfile option is hierarchically included within common.samba.client entity. So explicit inclusion of this term will generate man pages with configfile option listed twice. Signed-off-by: Anoop C S Reviewed-by: Guenther Deschner Reviewed-by: David Disseldorp Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Dec 21 13:13:16 CET 2016 on sn-devel-144 --- Summary of changes: docs-xml/manpages/net.8.xml| 1 - docs-xml/manpages/smbcontrol.1.xml | 1 - 2 files changed, 2 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml index 6e852fd..8ce2413 100644 --- a/docs-xml/manpages/net.8.xml +++ b/docs-xml/manpages/net.8.xml @@ -108,7 +108,6 @@ &stdarg.netbios.name; - &stdarg.configfile; -S|--server server diff --git a/docs-xml/manpages/smbcontrol.1.xml b/docs-xml/manpages/smbcontrol.1.xml index 03836aa..ebbb8dc 100644 --- a/docs-xml/manpages/smbcontrol.1.xml +++ b/docs-xml/manpages/smbcontrol.1.xml @@ -50,7 +50,6 @@ &popt.autohelp; - &stdarg.configfile; &popt.common.samba.client; -t|--timeout -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8577456 support volfile fetch from multiple glusterd nodes from 1d2d0c3 ctdb-scripts: Strengthen check to see if ctdbd is running https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 857745655bd29656de3b0f96765d6b65221f3a3e Author: Raghavendra Talur Date: Thu Aug 25 16:03:55 2016 +0530 support volfile fetch from multiple glusterd nodes glusterfs:volfile_server option can be used in smb.conf to define where to fetch the volfile from. Currently it supports only a single IP or a hostname. The default is 'localhost'. glfs_set_volfile_server() has been enhanced in gfapi to support multiple invocations. A list is maintained in libgfapi which gets appended on every invocation. When glfs_init is performed, libgfapi would first try to fetch the volfile from glusterd on that node. However, on failure to fetch the volfile, it would proceed to contact glusterd on every node in the list until it gets the volfile or exhausts the list. This enhacement was done in Gluster commit [2]. This commit is available in 3.6, 3.7, 3.8 versions of Gluster. As we cannot have multiple lines having the same key of glusterfs:volfile_server in a share definition in smb.conf, we propose a scheme like this: where value of glusterfs:volfile_server could be list of white space seperated elements where each element could be unix+/path/to/socket/file or [tcp+]IP|hostname|\[IPv6\][:port]. Note the restriction on naming a IPv6 host, it follows the same restriction that is based on IPv6 naming in URL as per RFC 2732[1]. [1] http://www.ietf.org/rfc/rfc2732.txt [2] 0c1d78f5c52c69268ec3a1d8d5fcb1a1bf15f243 Signed-off-by: Raghavendra Talur Reviewed-by: Jeremy Allison Reviewed-by: Michael Adam Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Oct 14 17:09:24 CEST 2016 on sn-devel-144 --- Summary of changes: docs-xml/manpages/vfs_glusterfs.8.xml | 16 - source3/modules/vfs_glusterfs.c | 128 ++ 2 files changed, 130 insertions(+), 14 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_glusterfs.8.xml b/docs-xml/manpages/vfs_glusterfs.8.xml index 5e18e53..5e67f71 100644 --- a/docs-xml/manpages/vfs_glusterfs.8.xml +++ b/docs-xml/manpages/vfs_glusterfs.8.xml @@ -131,7 +131,19 @@ Defines which volfile server to use, defaults to - localhost. + localhost. It could be list of white space + seperated elements where each element could be + + + 1. unix+/path/to/socket/file + + + 2. [tcp+]IP|hostname|\[IPv6\][:port] + + + Note the restriction on naming a IPv6 host, it follows + the same restriction that is based on IPv6 naming in + URL as per RFC 2732. @@ -153,7 +165,7 @@ VERSION - This man page is correct for version 4.2.0 of the Samba suite. + This man page is correct for version 4.6.0 of the Samba suite. diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index b0ff0f6..3e15ce6 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -157,13 +157,116 @@ static void glfs_clear_preopened(glfs_t *fs) } } +static int vfs_gluster_set_volfile_servers(glfs_t *fs, + const char *volfile_servers) +{ + char *server = NULL; + int server_count = 0; + int server_success = 0; + int ret = -1; + TALLOC_CTX *frame = talloc_stackframe(); + + DBG_INFO("servers list %s\n", volfile_servers); + + while (next_token_talloc(frame, &volfile_servers, &server, " \t")) { + char *transport = NULL; + char *host = NULL; + int port = 0; + + server_count++; + DBG_INFO("server %d %s\n", server_count, server); + + /* Determine the transport type */ + if (strncmp(server, "unix+", 5) == 0) { + port = 0; + transport = talloc_strdup(frame, "unix"); + if (!transport) { + errno = ENOMEM; + goto out; +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d7214a8 spoolss: Fix caching of printername->sharename from 7accec7 Update smbrun to allow for settings environment variables. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d7214a82169e777a6432347ad3dbab8013b83194 Author: Volker Lendecke Date: Wed Oct 12 11:06:51 2016 +0200 spoolss: Fix caching of printername->sharename time_mono() gives seconds since boot, gencache expects seconds since epoch. With time_mono(), the values are always expired immediately. Bug: https://bugzilla.samba.org/show_bug.cgi?id=12374 Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Oct 13 13:48:52 CEST 2016 on sn-devel-144 --- Summary of changes: source3/rpc_server/spoolss/srv_spoolss_nt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c index c8ff449..9f1d44f 100644 --- a/source3/rpc_server/spoolss/srv_spoolss_nt.c +++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c @@ -705,13 +705,13 @@ static WERROR set_printer_hnd_name(TALLOC_CTX *mem_ctx, if (!found) { gencache_set(cache_key, printer_not_found, -time_mono(NULL) + 300); +time(NULL) + 300); TALLOC_FREE(cache_key); DEBUGADD(4,("Printer not found\n")); return WERR_INVALID_PRINTER_NAME; } - gencache_set(cache_key, sname, time_mono(NULL) + 300); + gencache_set(cache_key, sname, time(NULL) + 300); TALLOC_FREE(cache_key); DEBUGADD(4,("set_printer_hnd_name: Printer found: %s -> %s\n", aprinter, sname)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 06281e8 vfs_glusterfs: Fix a memory leak in connect path from 945e55c s3-selftest: Add a substituions testcase https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 06281e8f1b912540a8cc2a79497b074dbe559d53 Author: Anoop C S Date: Fri Oct 7 16:05:29 2016 +0530 vfs_glusterfs: Fix a memory leak in connect path Early return in case of failure to set snapdir-entry-path xlator option leaks talloced tmp_ctx. Signed-off-by: Anoop C S Reviewed-by: Guenther Deschner Reviewed-by: Andreas Schneider Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Oct 7 19:39:11 CEST 2016 on sn-devel-144 --- Summary of changes: source3/modules/vfs_glusterfs.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c index a467235..732ca51 100644 --- a/source3/modules/vfs_glusterfs.c +++ b/source3/modules/vfs_glusterfs.c @@ -224,8 +224,7 @@ static int vfs_gluster_connect(struct vfs_handle_struct *handle, if (ret < 0) { DEBUG(0, ("%s: Failed to set xlator option:" " snapdir-entry-path\n", volume)); - glfs_fini(fs); - return -1; + goto done; } ret = glfs_set_logging(fs, logfile, loglevel); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f85b233a s4-kdc: Fix Coverity ID #1373385 (OVERRUN) via 9ad014e s4-kdc: Fix Coverity ID #1373386 (Resource Leak) via 9e98ac0 autobuild: add system-mitkrb5 build environment. from 28eae08 gensec_krb5: Implement smb_krb5_rd_req_decoded() with MIT Kerberos https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f85b233a3e71447428aef312d8d369a37653f399 Author: Günther Deschner Date: Tue Sep 27 18:34:38 2016 +0200 s4-kdc: Fix Coverity ID #1373385 (OVERRUN) Guenther Pair-Programmed-With: Volker Lendecke Pair-Programmed-With: Andreas Schneider Signed-off-by: Guenther Deschner Signed-off-by: Andreas Schneider Signed-off-by: Volker Lendecke Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Sep 29 22:16:52 CEST 2016 on sn-devel-144 commit 9ad014ea4f9e0a770e4d90815410844180e22461 Author: Günther Deschner Date: Tue Sep 27 18:30:29 2016 +0200 s4-kdc: Fix Coverity ID #1373386 (Resource Leak) Guenther Pair-Programmed-With: Volker Lendecke Signed-off-by: Guenther Deschner commit 9e98ac05c24bac7e49821160b0b3330fb95b68c2 Author: Günther Deschner Date: Mon Sep 26 02:46:56 2016 +0200 autobuild: add system-mitkrb5 build environment. We finally need to make sure the build with MIT Kerberos does not break all the time. Guenther Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Guenther Deschner Signed-off-by: Stefan Metzmacher --- Summary of changes: script/autobuild.py | 17 - source4/kdc/db-glue.c | 8 2 files changed, 20 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/script/autobuild.py b/script/autobuild.py index b435790..356b7fa 100755 --- a/script/autobuild.py +++ b/script/autobuild.py @@ -29,6 +29,7 @@ builddirs = { "samba-libs" : ".", "samba-static" : ".", "samba-test-only" : ".", +"samba-systemkrb5" : ".", "ldb" : "lib/ldb", "tdb" : "lib/tdb", "talloc" : "lib/talloc", @@ -40,7 +41,7 @@ builddirs = { "retry" : "." } -defaulttasks = [ "ctdb", "samba", "samba-xc", "samba-o3", "samba-ctdb", "samba-libs", "samba-static", "ldb", "tdb", "talloc", "replace", "tevent", "pidl" ] +defaulttasks = [ "ctdb", "samba", "samba-xc", "samba-o3", "samba-ctdb", "samba-libs", "samba-static", "samba-systemkrb5", "ldb", "tdb", "talloc", "replace", "tevent", "pidl" ] if os.environ.get("AUTOBUILD_SKIP_SAMBA_O3", "0") == "1": defaulttasks.remove("samba-o3") @@ -162,6 +163,20 @@ tasks = { ("nonshared-configure", "./configure.developer " + samba_configure_params + " --bundled-libraries=talloc,tdb,pytdb,ldb,pyldb,tevent,pytevent --with-static-modules=ALL --nonshared-binary=smbtorture,smbd/smbd", "text/plain"), ("nonshared-make", "make -j", "text/plain")], +"samba-systemkrb5" : [ + ("random-sleep", "script/random-sleep.sh 60 600", "text/plain"), + ("configure", "./configure.developer " + samba_configure_params + " --with-system-mitkrb5 --without-ad-dc", "text/plain"), + ("make", "make -j", "text/plain"), + # we currently cannot run a full make test, a limited list of tests could be run + # via "make test TESTS=sometests" + # ("test", "make test FAIL_IMMEDIATELY=1", "text/plain"), + ("install", "make install", "text/plain"), + ("check-clean-tree", "script/clean-source-tree.sh", "text/plain"), + ("clean", "make clean", "text/plain") + ], + + + "ldb" : [ ("random-sleep", "../../script/random-sleep.sh 60 600", "text/plain"), ("configure", "./configure --enable-developer -C ${PREF
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 28eae08 gensec_krb5: Implement smb_krb5_rd_req_decoded() with MIT Kerberos via 64b2b0d gensec_krb5: Create a MIT Kerberos gensec_krb5_session_info() via 32ae672 s3: winbind: refresh_sequence_number is only ever called with 'false'. via a5264b1 mit: make it possible to build with MIT kerberos and --picky-developer via cad43f2 lib: Annotate well known SID names from ccfba25 s3: auth: Use wbcAuthenticateUserEx to prime the caches. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 28eae08ef71094f9ce053ca27a35f91e040d983c Author: Andreas Schneider Date: Thu Aug 11 11:29:53 2016 +0200 gensec_krb5: Implement smb_krb5_rd_req_decoded() with MIT Kerberos Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Sep 29 11:56:41 CEST 2016 on sn-devel-144 commit 64b2b0dacd1491c1801a6e3dc147afe023630dae Author: Andreas Schneider Date: Fri Aug 12 09:21:42 2016 +0200 gensec_krb5: Create a MIT Kerberos gensec_krb5_session_info() Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 32ae6721cf02412af3c5a82d5da4806f4d931bcd Author: Jeremy Allison Date: Wed Sep 28 10:12:36 2016 -0700 s3: winbind: refresh_sequence_number is only ever called with 'false'. Remove redundant parameter. Signed-off-by: Jeremy Allison Reviewed-by: Ira Cooper Reviewed-by: Guenther Deschner commit a5264b187b9b9c777c567c8bbb39c1259c03ab9d Author: Günther Deschner Date: Wed Sep 28 19:19:06 2016 +0200 mit: make it possible to build with MIT kerberos and --picky-developer Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider commit cad43f2cd49956a386a2911424da2854a4a1f06e Author: Steve French Date: Mon Sep 26 21:12:07 2016 -0500 lib: Annotate well known SID names Add Samba specific well known SIDs for Unix UID and GID owner. Signed-off-by: Steve French Reviewed-by: Guenther Deschner --- Summary of changes: auth/credentials/credentials_krb5.c | 3 +- auth/kerberos/gssapi_pac.c| 3 +- libcli/security/util_sid.c| 36 +- librpc/idl/security.idl | 4 ++ source3/librpc/crypto/gse.c | 3 +- source3/winbindd/winbindd_cache.c | 37 +- source4/auth/gensec/gensec_krb5.c | 123 +- source4/auth/gensec/gensec_krb5_mit.c | 102 source4/auth/gensec/wscript_build | 8 ++- 9 files changed, 293 insertions(+), 26 deletions(-) create mode 100644 source4/auth/gensec/gensec_krb5_mit.c Changeset truncated at 500 lines: diff --git a/auth/credentials/credentials_krb5.c b/auth/credentials/credentials_krb5.c index 36c8a32..4c903f2 100644 --- a/auth/credentials/credentials_krb5.c +++ b/auth/credentials/credentials_krb5.c @@ -520,6 +520,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, struct ccache_container *ccache; #ifdef HAVE_GSS_KRB5_CRED_NO_CI_FLAGS_X gss_buffer_desc empty_buffer = GSS_C_EMPTY_BUFFER; + gss_OID oid = discard_const(GSS_KRB5_CRED_NO_CI_FLAGS_X); #endif krb5_enctype *etypes = NULL; @@ -645,7 +646,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, * http://krbdev.mit.edu/rt/Ticket/Display.html?id=6938 */ maj_stat = gss_set_cred_option(&min_stat, &gcc->creds, - GSS_KRB5_CRED_NO_CI_FLAGS_X, + oid, &empty_buffer); if (maj_stat) { talloc_free(gcc); diff --git a/auth/kerberos/gssapi_pac.c b/auth/kerberos/gssapi_pac.c index bcc1ba4..253976a 100644 --- a/auth/kerberos/gssapi_pac.c +++ b/auth/kerberos/gssapi_pac.c @@ -112,10 +112,11 @@ NTSTATUS gssapi_obtain_pac_blob(TALLOC_CTX *mem_ctx, &pac_buffer, &pac_display_buffer, &more); if (gss_maj != 0) { + gss_OID oid = discard_const(gss_mech_krb5); DBG_NOTICE("obtaining PAC via GSSAPI gss_get_name_attribute " "failed: %s\n", gssapi_error_string(mem_ctx, gss_maj, gss_min, - gss_mech_krb5)); + oid)); return NT_STATUS_ACCESS_DENIED; } else if (authenticated && complete) { /* The PAC blob is returned directly */ diff --
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via dc17549 s3-modules: fix build warning in vfs shadow copy2 module from 631e063 s3-lib: Do not set an empty string in split_domain_user() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dc1754937fcff9456f28acc6ce835a867d380e65 Author: Günther Deschner Date: Sun Sep 25 03:30:19 2016 +0200 s3-modules: fix build warning in vfs shadow copy2 module Guenther Signed-off-by: Guenther Deschner Reviewed-by: Volker Lendecke Autobuild-User(master): Günther Deschner Autobuild-Date(master): Sun Sep 25 16:42:30 CEST 2016 on sn-devel-144 --- Summary of changes: source3/modules/vfs_shadow_copy2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_shadow_copy2.c b/source3/modules/vfs_shadow_copy2.c index 1f876e7..6a25c87 100644 --- a/source3/modules/vfs_shadow_copy2.c +++ b/source3/modules/vfs_shadow_copy2.c @@ -194,7 +194,7 @@ static bool shadow_copy2_update_snaplist(struct vfs_handle_struct *handle, * time. */ if (seconds > 0 || (priv->snaps->snaplist == NULL)) { - smb_fname.base_name = "."; + smb_fname.base_name = discard_const_p(char, "."); fsp.fsp_name = &smb_fname; ret = shadow_copy2_get_shadow_copy_data(handle, &fsp, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 872a18b s4-torture: parse spoolss ndr packets using iremotewinspool calls via 5b1cc2c s4-torture: add IRemoteWinspool ndr testsuite. via ac5e69b idl: compile iremotewinspool.idl. via a13c585 librpc: add IRemoteWinspool idl via fac9471 s4-torture: add new test to compare "ServerSecurityDescriptor" and GetPrinter level 3. via 4ca831d s3-spoolss: in _spoolss_OpenPrinterEx map max_allowed for the print server via 52b8b59 s3-spoolss: allow SetPrinter level 3 for server handles as well. via b9475e8 s3-spoolss: use server sd stored in the backend in _spoolss_GetPrinter level 3 via b78c96d s4-torture: test spoolss_SetPrinter level 3 on server handle. via 23a3abf s3-rpc_client: add winreg_set_printserver_secdesc. via 302cb08 s3-rpc_client: add winreg_get_printserver_secdesc. via e207feb s3-spoolss: Fix _spoolss_GetPrinter behaviour for server handles. via 7ef26d3 s4-torture: test GetPrinter level 3 on server handle (security descriptor query) via c6d700e spoolss: rename RPC_PrintNamedProperty to spoolss_PrintNamedProperty via 1e4ea50 spoolss: rename spoolss_RpcSendRecvBidiData to spoolss_SendRecvBidiData via 6476153 spoolss: rename spoolss_RpcEnumJobNamedProperties to spoolss_EnumJobNamedProperties via cdf9588 spoolss: rename spoolss_RpcDeleteJobNamedProperty to spoolss_DeleteJobNamedProperty via 17d94d0 spoolss: rename spoolss_RpcSetJobNamedProperty to spoolss_SetJobNamedProperty via d64b316 spoolss: rename spoolss_RpcGetJobNamedPropertyValue to spoolss_GetJobNamedPropertyValue via 23f404b spoolss: rename spoolss_EnumPrintProcDataTypes to spoolss_EnumPrintProcessorDataTypes from 0ec0182 ctdb-daemon: Log when removing stale Unix domain socket https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 872a18bbb46db9cff6eb0776415ab6044842b1b0 Author: Günther Deschner Date: Tue Aug 30 18:55:39 2016 +0200 s4-torture: parse spoolss ndr packets using iremotewinspool calls Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Sep 22 16:16:30 CEST 2016 on sn-devel-144 commit 5b1cc2c9c726b43b7c77476a338676e12852d8a5 Author: Günther Deschner Date: Thu May 16 18:20:20 2013 +0200 s4-torture: add IRemoteWinspool ndr testsuite. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit ac5e69b86859e00e164acc41e2c5dbce6a2cb2fc Author: Günther Deschner Date: Tue Jan 15 15:20:32 2013 +0100 idl: compile iremotewinspool.idl. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit a13c58574b9fd0f7bfa929642953221ea4b4b3d3 Author: Günther Deschner Date: Tue Aug 4 18:52:52 2009 +0200 librpc: add IRemoteWinspool idl Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit fac947194bda3ab42a25bff40bd3a33c42828fb5 Author: Günther Deschner Date: Tue Sep 13 09:28:03 2016 +0200 s4-torture: add new test to compare "ServerSecurityDescriptor" and GetPrinter level 3. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit 4ca831d09cecc1e157eb18b44f4e3c8edec84a13 Author: Günther Deschner Date: Sat Sep 10 11:11:12 2016 +0200 s3-spoolss: in _spoolss_OpenPrinterEx map max_allowed for the print server TODO: do real access checks against the security descriptor. Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Guenther Deschner Signed-off-by: Stefan Metzmacher commit 52b8b592c28e772986f808d4d463348692baf702 Author: Günther Deschner Date: Sat Sep 10 11:10:12 2016 +0200 s3-spoolss: allow SetPrinter level 3 for server handles as well. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit b9475e88deaa0626e9d302c7559308b707a96229 Author: Günther Deschner Date: Sat Sep 10 11:09:44 2016 +0200 s3-spoolss: use server sd stored in the backend in _spoolss_GetPrinter level 3 Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit b78c96d878e959d0f91b13b0ce040c233ac8c6cc Author: Günther Deschner Date: Sat Sep 10 11:07:06 2016 +0200 s4-torture: test spoolss_SetPrinter level 3 on server handle. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher commit 23a3abfe0097f782b2cba134db2ead2c5b47237e Author: Günther Deschner Date: Sat Sep 10 00:07:23 2016 +0200 s3-rpc_client: add winreg_set_printserver_secdesc. Guenther Signed-off-by: Guenther Deschner
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 82778a6 pidl: fix field2name wireshark dissector test. via 0ee5c99 pidl: Keep case from fieldnames. via 5bbaf81 s4:torture:smb2 prefer torture_comment() to printf(). via 1659225 s4:torture:smb2:acls: prefer torture_comment() to printf(). via dcfe4df s4:torture:smb2:scan: prefer torture_comment() to printf(). via e9e1099 s4:torture:smb2:getinfo: prefer torture_comment() to printf(). via d06d6bd s4:torture:smb2:maxwrite: compile maxwrite test at least. via 240ca83 s4-torture: reformat TORTURE_SMB2 wscript_build list. via 1488f7e s4:torture:smb2:maxwrite: prefer torture_comment() to printf(). via d3e4106 source4/torture/rpc/testjoin.c: prefer torture_comment() over printf(). via 351a5f3 s4:torture:smb2:connect: prefer torture_comment() to printf(). from 839cd98 s4-torture: cleanup torture_suite_add_ndr_pull_validate_test API. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 82778a6d04580fc05f3f83d44f57f221ad4e8ac4 Author: Günther Deschner Date: Tue Sep 6 22:37:12 2016 +0200 pidl: fix field2name wireshark dissector test. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Stefan Metzmacher Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Sep 7 16:05:26 CEST 2016 on sn-devel-144 commit 0ee5c9997e6c91f5fdffa36b9abf72883f67545d Author: Günther Deschner Date: Wed May 11 15:41:02 2016 +0200 pidl: Keep case from fieldnames. Change-Id: I5626cfa0487cc88eb65cc349c05ae1762bc953f4 Signed-off-by: Guenther Deschner Reviewed-on: https://code.wireshark.org/review/16720 Petri-Dish: Michael Mann Tested-by: Petri Dish Buildbot Reviewed-by: Michael Mann Reviewed-by: Stefan Metzmacher commit 5bbaf816122429004101da4e6401ddd12ea52988 Author: Günther Deschner Date: Mon Feb 22 15:40:50 2016 +0100 s4:torture:smb2 prefer torture_comment() to printf(). Guenther Signed-off-by: Guenther Deschner Reviewed-by: Uri Simchoni commit 16592252cfa7e037edf58736c1f298243d62ea9e Author: Günther Deschner Date: Mon Feb 22 16:27:44 2016 +0100 s4:torture:smb2:acls: prefer torture_comment() to printf(). Guenther Signed-off-by: Guenther Deschner Reviewed-by: Uri Simchoni commit dcfe4df2eef2e6d247da37bc0cf5551e743438e0 Author: Günther Deschner Date: Mon Feb 22 16:06:51 2016 +0100 s4:torture:smb2:scan: prefer torture_comment() to printf(). Guenther Signed-off-by: Guenther Deschner Reviewed-by: Uri Simchoni commit e9e109979c557965ed5071abc6b71c66573ca603 Author: Günther Deschner Date: Mon Feb 22 15:51:06 2016 +0100 s4:torture:smb2:getinfo: prefer torture_comment() to printf(). Guenther Signed-off-by: Guenther Deschner Reviewed-by: Uri Simchoni commit d06d6bdc8ca6fb4ab8dbb7fcc05d357a2228d106 Author: Günther Deschner Date: Fri Feb 26 17:25:58 2016 +0100 s4:torture:smb2:maxwrite: compile maxwrite test at least. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Uri Simchoni commit 240ca83cc9779e212fb17d11ba9a5628ab0a6505 Author: Günther Deschner Date: Fri Feb 26 17:15:32 2016 +0100 s4-torture: reformat TORTURE_SMB2 wscript_build list. Guenther Signed-off-by: Günther Deschner Reviewed-by: Uri Simchoni commit 1488f7e9445d708b1af2c3375ae410cdd85a55c9 Author: Günther Deschner Date: Mon Feb 22 15:46:24 2016 +0100 s4:torture:smb2:maxwrite: prefer torture_comment() to printf(). Guenther Signed-off-by: Guenther Deschner Reviewed-by: Uri Simchoni commit d3e4106420c2108d8f834fda4728a788f28017e9 Author: Günther Deschner Date: Mon Feb 22 17:39:19 2016 +0100 source4/torture/rpc/testjoin.c: prefer torture_comment() over printf(). Guenther Signed-off-by: Guenther Deschner Reviewed-by: Uri Simchoni commit 351a5f38754ccdcf5dab408813c1bd60e0f7c0c4 Author: Günther Deschner Date: Mon Feb 22 15:30:26 2016 +0100 s4:torture:smb2:connect: prefer torture_comment() to printf(). Guenther Signed-off-by: Günther Deschner Reviewed-by: Uri Simchoni --- Summary of changes: pidl/lib/Parse/Pidl/Wireshark/NDR.pm | 2 +- pidl/tests/wireshark-ndr.pl | 2 +- source4/torture/rpc/testjoin.c | 90 +++-- source4/torture/smb2/acls.c | 4 +- source4/torture/smb2/connect.c | 109 ++- source4/torture/smb2/create.c| 2 +- source4/torture/smb2/dir.c | 4 +- source4/torture/smb2/getinfo.c | 38 ++-- source4/torture/smb2/maxwrite.c | 43 -- source4/torture/smb2
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d8b57e3 s3-spoolss: fix _spoolss_GetPrinterDataEx by moving the keyname lengthcheck. via 518b2a3 s4-torture: test GetPrinterData with server handle and 0 keylength. via d569bda pidl: support HRESULT as return code in wireshark autogenerated dissectors. from fee1f4c tevent: fix confused documentation https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d8b57e3828eac084ad302a90b33c35ff4e918e5a Author: Günther Deschner Date: Thu Sep 1 19:55:40 2016 +0200 s3-spoolss: fix _spoolss_GetPrinterDataEx by moving the keyname lengthcheck. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Sep 7 03:00:14 CEST 2016 on sn-devel-144 commit 518b2a3f5f3a4814e96546505487b775b5dbca40 Author: Günther Deschner Date: Thu Sep 1 19:54:46 2016 +0200 s4-torture: test GetPrinterData with server handle and 0 keylength. This is what e.g. Windows 10 does a lot. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Andreas Schneider commit d569bda1e5452e13aa3dcf63a501aa581930589f Author: Günther Deschner Date: Mon Sep 28 07:28:28 2015 +0200 pidl: support HRESULT as return code in wireshark autogenerated dissectors. Guenther Change-Id: I68b7c579c5a519e429d2f4c2b3f63247e02f24e3 Signed-off-by: Günther Deschner Reviewed-on: https://code.wireshark.org/review/16718 Reviewed-by: Michael Mann Reviewed-by: Stefan Metzmacher --- Summary of changes: pidl/lib/Parse/Pidl/Wireshark/NDR.pm| 9 - source3/rpc_server/spoolss/srv_spoolss_nt.c | 12 ++-- source4/torture/rpc/spoolss.c | 22 +++--- 3 files changed, 29 insertions(+), 14 deletions(-) Changeset truncated at 500 lines: diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm index 8161646..21ef714 100644 --- a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm +++ b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm @@ -571,7 +571,7 @@ sub Function($$$) $self->pidl_code("{"); $self->indent; if ( not defined($fn->{RETURN_TYPE})) { - } elsif ($fn->{RETURN_TYPE} eq "NTSTATUS" or $fn->{RETURN_TYPE} eq "WERROR") + } elsif ($fn->{RETURN_TYPE} eq "NTSTATUS" or $fn->{RETURN_TYPE} eq "WERROR" or $fn->{RETURN_TYPE} eq "HRESULT") { $self->pidl_code("guint32 status;\n"); } elsif (my $type = getType($fn->{RETURN_TYPE})) { @@ -607,6 +607,11 @@ sub Function($$$) $self->pidl_code("\tcol_append_fstr(pinfo->cinfo, COL_INFO, \", Error: %s\", val_to_str(status, WERR_errors, \"Unknown DOS error 0x%08x\"));\n"); $return_types{$ifname}->{"werror"} = ["WERROR", "Windows Error"]; + } elsif ($fn->{RETURN_TYPE} eq "HRESULT") { + $self->pidl_code("offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, di, drep, hf\_$ifname\_hresult, &status);\n"); + $self->pidl_code("if (status != 0)"); + $self->pidl_code("\tcol_append_fstr(pinfo->cinfo, COL_INFO, \", Error: %s\", val_to_str(status, HRES_errors, \"Unknown HRES error 0x%08x\"));\n"); + $return_types{$ifname}->{"hresult"} = ["HRESULT", "HRES Windows Error"]; } elsif (my $type = getType($fn->{RETURN_TYPE})) { if ($type->{DATA}->{TYPE} eq "ENUM") { my $return_type = "g".Parse::Pidl::Typelist::enum_type_fn($type->{DATA}); @@ -1099,6 +1104,8 @@ sub Initialize($$) "offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, di, drep, \@HF\@, \@PARAM\@);","FT_UINT32", "BASE_DEC", 0, "VALS(WERR_errors)", 4); $self->register_type("NTSTATUS", "offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, di, drep, \@HF\@, \@PARAM\@);","FT_UINT32", "BASE_DEC", 0, "VALS(NT_errors)", 4); + $self->register_type("HRESULT", + "offset = PIDL_dissect_uint32(tvb, offset, pinfo, tree, di, drep, \@HF\@, \@PARAM\@);","FT_UINT32", "BASE_DEC", 0, "VALS(HRES_errors)", 4); $self->register_type("ipv6address", "proto_tree_add_item(tree, \@HF\@, tvb, offset, 16, ENC_NA); offset += 16;", "FT_IPv6", "BASE_NONE"
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f5e7494 Wrap krb5_cc_copy_creds and krb5_cc_copy_cache from 5505e36 kcc: fix a typo https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f5e749414fd6bca8a7d1ed73ebb793d1bd98961c Author: Alexander Bokovoy Date: Sun Jul 24 15:47:33 2016 +0300 Wrap krb5_cc_copy_creds and krb5_cc_copy_cache Heimdal and MIT Kerberos have different API to copy credentials from a ccache. Wrap it via lib/krb5_wrap/. Signed-off-by: Alexander Bokovoy Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Mon Jul 25 21:27:58 CEST 2016 on sn-devel-144 --- Summary of changes: auth/credentials/credentials_krb5.c | 4 ++-- lib/krb5_wrap/krb5_samba.c | 12 lib/krb5_wrap/krb5_samba.h | 3 +++ source4/heimdal_build/wscript_configure | 1 + wscript_configure_system_mitkrb5| 1 + 5 files changed, 19 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/auth/credentials/credentials_krb5.c b/auth/credentials/credentials_krb5.c index 0bd6595..82b6de9 100644 --- a/auth/credentials/credentials_krb5.c +++ b/auth/credentials/credentials_krb5.c @@ -763,8 +763,8 @@ static int cli_credentials_shallow_ccache(struct cli_credentials *cred) TALLOC_FREE(ccache_name); - ret = krb5_cc_copy_cache(ccc->smb_krb5_context->krb5_context, -old_ccc->ccache, ccc->ccache); + ret = smb_krb5_cc_copy_creds(ccc->smb_krb5_context->krb5_context, +old_ccc->ccache, ccc->ccache); if (ret != 0) { TALLOC_FREE(ccc); return ret; diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c index 8064f17..2943b33 100644 --- a/lib/krb5_wrap/krb5_samba.c +++ b/lib/krb5_wrap/krb5_samba.c @@ -3039,6 +3039,18 @@ krb5_error_code krb5_warnx(krb5_context context, const char *fmt, ...) } #endif +krb5_error_code smb_krb5_cc_copy_creds(krb5_context context, + krb5_ccache incc, krb5_ccache outcc) +{ +#ifdef HAVE_KRB5_CC_COPY_CACHE /* Heimdal */ + return krb5_cc_copy_cache(context, incc, outcc); +#elif defined(HAVE_KRB5_CC_COPY_CREDS) + return krb5_cc_copy_creds(context, incc, outcc); +#else +#error UNKNOWN_KRB5_CC_COPY_CACHE_OR_CREDS_FUNCTION +#endif +} + #else /* HAVE_KRB5 */ /* this saves a few linking headaches */ int cli_krb5_get_ticket(TALLOC_CTX *mem_ctx, diff --git a/lib/krb5_wrap/krb5_samba.h b/lib/krb5_wrap/krb5_samba.h index f988858..2d31619 100644 --- a/lib/krb5_wrap/krb5_samba.h +++ b/lib/krb5_wrap/krb5_samba.h @@ -396,6 +396,9 @@ int smb_krb5_principal_get_type(krb5_context context, krb5_error_code krb5_warnx(krb5_context context, const char *fmt, ...); #endif +krb5_error_code smb_krb5_cc_copy_creds(krb5_context context, + krb5_ccache incc, krb5_ccache outcc); + #endif /* HAVE_KRB5 */ int cli_krb5_get_ticket(TALLOC_CTX *mem_ctx, diff --git a/source4/heimdal_build/wscript_configure b/source4/heimdal_build/wscript_configure index 79b461c..67ac34b 100755 --- a/source4/heimdal_build/wscript_configure +++ b/source4/heimdal_build/wscript_configure @@ -104,6 +104,7 @@ conf.define('HAVE_INITIALIZE_KRB5_ERROR_TABLE', 1) conf.define('HAVE_KRB5_ADDRESSES', 1) conf.define('HAVE_KRB5_AUTH_CON_SETKEY', 1) conf.define('HAVE_KRB5_CC_GET_LIFETIME', 1) +conf.define('HAVE_KRB5_CC_COPY_CACHE', 1) conf.define('HAVE_KRB5_CREATE_CHECKSUM', 1) conf.define('HAVE_KRB5_CRYPTO', 1) conf.define('HAVE_KRB5_CRYPTO_DESTROY', 1) diff --git a/wscript_configure_system_mitkrb5 b/wscript_configure_system_mitkrb5 index 0d47ccb..57a729d 100644 --- a/wscript_configure_system_mitkrb5 +++ b/wscript_configure_system_mitkrb5 @@ -118,6 +118,7 @@ conf.CHECK_FUNCS(''' krb5_get_init_creds_keyblock krb5_get_init_creds_keytab krb5_make_principal krb5_build_principal_alloc_va krb5_cc_get_lifetime krb5_cc_retrieve_cred + krb5_cc_copy_creds krb5_free_checksum_contents krb5_c_make_checksum krb5_create_checksum krb5_config_get_bool_default krb5_get_profile krb5_data_copy -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 234a470 s3:libnet: accept empty realm for AD domains when only security=domain is set. via 632faa8 s3-libnet: Print error string even on successfuly completion of libnetjoin. via 169e8ae s3-libnetapi: Correctly check for lp_realm. from 4c408f6 libnet_join: use sitename if it was set by pre-join detection https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 234a470f198f8f09f46aaeaf58f966faccedef18 Author: Günther Deschner Date: Tue May 31 18:47:34 2016 +0200 s3:libnet: accept empty realm for AD domains when only security=domain is set. Initial patch from Matt Rogers @ RedHat. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11977 Guenther Pair-Programmed-With: Andreas Schneider Signed-off-by: Guenther Deschner Signed-off-by: Andreas Schneider Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Jun 15 20:28:31 CEST 2016 on sn-devel-144 commit 632faa87610b3afca3f8d3e9f3f46ee6b87f362a Author: Günther Deschner Date: Wed Jun 15 16:04:29 2016 +0200 s3-libnet: Print error string even on successfuly completion of libnetjoin. Sometimes useful information should be printed to the users. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11977 Guenther Signed-off-by: Guenther Deschner commit 169e8aeda5e9d851ec818b5c2543ec59c8bc0c31 Author: Andreas Schneider Date: Wed Jun 15 16:05:58 2016 +0200 s3-libnetapi: Correctly check for lp_realm. Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner --- Summary of changes: source3/lib/netapi/joindomain.c | 11 +++ source3/libnet/libnet_join.c| 17 + source3/utils/net_ads.c | 5 + source3/utils/net_rpc.c | 10 ++ 4 files changed, 39 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/netapi/joindomain.c b/source3/lib/netapi/joindomain.c index 632c8c6..dc224b6 100644 --- a/source3/lib/netapi/joindomain.c +++ b/source3/lib/netapi/joindomain.c @@ -175,6 +175,7 @@ WERROR NetUnjoinDomain_l(struct libnetapi_ctx *mem_ctx, const char *domain = NULL; WERROR werr; struct libnetapi_private_ctx *priv; + const char *realm = lp_realm(); priv = talloc_get_type_abort(mem_ctx->private_data, struct libnetapi_private_ctx); @@ -186,8 +187,8 @@ WERROR NetUnjoinDomain_l(struct libnetapi_ctx *mem_ctx, werr = libnet_init_UnjoinCtx(mem_ctx, &u); W_ERROR_NOT_OK_RETURN(werr); - if (lp_realm()) { - domain = lp_realm(); + if (realm[0] != '\0') { + domain = realm; } else { domain = lp_workgroup(); } @@ -352,8 +353,10 @@ WERROR NetGetJoinInformation_r(struct libnetapi_ctx *ctx, WERROR NetGetJoinInformation_l(struct libnetapi_ctx *ctx, struct NetGetJoinInformation *r) { - if ((lp_security() == SEC_ADS) && lp_realm()) { - *r->out.name_buffer = talloc_strdup(ctx, lp_realm()); + const char *realm = lp_realm(); + + if ((lp_security() == SEC_ADS) && realm[0] != '\0') { + *r->out.name_buffer = talloc_strdup(ctx, realm); } else { *r->out.name_buffer = talloc_strdup(ctx, lp_workgroup()); } diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index c007183..abb9cff 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -2367,9 +2367,26 @@ static WERROR libnet_join_check_config(TALLOC_CTX *mem_ctx, W_ERROR_HAVE_NO_MEMORY(wrong_conf); } + /* +* We should generate the warning for the special case when +* domain is AD, "security = domain" and the realm parameter is +* not set. +*/ + if (lp_security() == SEC_DOMAIN && + r->out.domain_is_ad && + !valid_realm) { + libnet_join_set_error_string(mem_ctx, r, + "Warning: when joining AD domains with security=domain, " + "\"realm\" should be defined in the configuration (%s) " + "and configuration modification was not requested", + wrong_conf); + return WERR_OK; + } + libnet_join_set_error_string(mem_ctx, r, "Invalid configuration (%s) and configuration modification "
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f15b23f packaging: Set default limit for core file size in service files via ba9ccc6 packaging: Set default limit for core file size in init scripts via 46524b4 packaging: Remove ulimit usage for setting core file size limit from aa57604 s3:smbd: fix anonymous authentication if signing is mandatory https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f15b23f8358d7b2f60b1df0f81bb93a2c8789af4 Author: Anoop C S Date: Tue May 10 15:08:07 2016 +0530 packaging: Set default limit for core file size in service files This change adds the missing LimitCORE variable setting in nmb and winbind service files to have no limit for coredumps by default. Signed-off-by: Anoop C S Reviewed-by: Jose A. Rivera Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed May 18 19:26:49 CEST 2016 on sn-devel-144 commit ba9ccc6be48e8541748afbf31d5e5dba7d1baf8e Author: Anoop C S Date: Tue May 10 21:07:01 2016 +0530 packaging: Set default limit for core file size in init scripts SysV init scripts used for initiating smb and winbind services determines the value for default limit of coredump from variable named DAEMON_COREFILE_LIMIT within a bash env. Therefore this patch explicitly sets this variable to 'unlimited' so as to have no limit for core file size by default. Signed-off-by: Anoop C S Reviewed-by: Jose A. Rivera Reviewed-by: Guenther Deschner commit 46524b4543acc9d104d85136c0a4a9e006fc099c Author: Anoop C S Date: Tue May 10 14:50:14 2016 +0530 packaging: Remove ulimit usage for setting core file size limit Recent commit ebd139c4db7e51a2d7843a773991f15cadf504dd modified smb.init to set core file size to 'unlimited' by default using the ulimit command. But when smb and winbind services are initiated via sysv init scripts, another variable named DAEMON_COREFILE_LIMIT takes higher priority in deciding the core file size. Therefore setting default value using ulimit command is useless. Signed-off-by: Anoop C S Reviewed-by: Jose A. Rivera Reviewed-by: Guenther Deschner --- Summary of changes: packaging/RHEL-CTDB/setup/smb.init | 3 ++- packaging/RHEL-CTDB/setup/winbind.init | 2 ++ packaging/RHEL/setup/smb.init | 3 ++- packaging/RHEL/setup/winbind.init | 2 ++ packaging/systemd/nmb.service | 1 + packaging/systemd/winbind.service | 1 + 6 files changed, 10 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/packaging/RHEL-CTDB/setup/smb.init b/packaging/RHEL-CTDB/setup/smb.init index 00984d2..39bf0a8 100644 --- a/packaging/RHEL-CTDB/setup/smb.init +++ b/packaging/RHEL-CTDB/setup/smb.init @@ -18,6 +18,8 @@ else exit 0 fi +DAEMON_COREFILE_LIMIT='unlimited' + # Avoid using root's TMPDIR unset TMPDIR @@ -51,7 +53,6 @@ RETVAL=0 start() { KIND="SMB" echo -n $"Starting $KIND services: " - ulimit -c unlimited daemon smbd $SMBDOPTIONS RETVAL=$? echo diff --git a/packaging/RHEL-CTDB/setup/winbind.init b/packaging/RHEL-CTDB/setup/winbind.init index a99038f..2a9dd82 100644 --- a/packaging/RHEL-CTDB/setup/winbind.init +++ b/packaging/RHEL-CTDB/setup/winbind.init @@ -16,6 +16,8 @@ else exit 0 fi +DAEMON_COREFILE_LIMIT='unlimited' + # Avoid using root's TMPDIR unset TMPDIR diff --git a/packaging/RHEL/setup/smb.init b/packaging/RHEL/setup/smb.init index dff9cd8..96fb74a 100644 --- a/packaging/RHEL/setup/smb.init +++ b/packaging/RHEL/setup/smb.init @@ -18,6 +18,8 @@ else exit 0 fi +DAEMON_COREFILE_LIMIT='unlimited' + # Avoid using root's TMPDIR unset TMPDIR @@ -50,7 +52,6 @@ RETVAL=0 start() { KIND="SMB" echo -n $"Starting $KIND services: " - ulimit -c unlimited daemon smbd $SMBDOPTIONS RETVAL=$? echo diff --git a/packaging/RHEL/setup/winbind.init b/packaging/RHEL/setup/winbind.init index a99038f..2a9dd82 100644 --- a/packaging/RHEL/setup/winbind.init +++ b/packaging/RHEL/setup/winbind.init @@ -16,6 +16,8 @@ else exit 0 fi +DAEMON_COREFILE_LIMIT='unlimited' + # Avoid using root's TMPDIR unset TMPDIR diff --git a/packaging/systemd/nmb.service b/packaging/systemd/nmb.service index 3d71a7d..992c0cd 100644 --- a/packaging/systemd/nmb.service +++ b/packaging/systemd/nmb.service @@ -9,6 +9,7 @@ PIDFile=/run/nmbd.pid EnvironmentFile=-/etc/sysconfig/samba ExecStart=/usr/sbin/nmbd $NMBDOPTIONS ExecReload=/usr/bin/kill -HUP $MAINPID +LimitCORE=infinity [Install] WantedBy=multi-user.target diff --git a/pack
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ebd139c init: set core file size to unlimited by default from 866ca59 ctdb-recoverd: Fold IP allocation house-keeping into IP verification https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ebd139c4db7e51a2d7843a773991f15cadf504dd Author: Raghavendra Talur Date: Mon May 2 16:14:06 2016 +0530 init: set core file size to unlimited by default BUG: https://bugzilla.samba.org/show_bug.cgi?id=11907 Signed-off-by: Raghavendra Talur Reviewed-by: Guenther Deschner Reviewed-by: Jose A. Rivera Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri May 6 19:15:17 CEST 2016 on sn-devel-144 --- Summary of changes: packaging/RHEL-CTDB/setup/smb.init | 1 + packaging/RHEL/setup/smb.init | 1 + packaging/systemd/smb.service | 1 + 3 files changed, 3 insertions(+) Changeset truncated at 500 lines: diff --git a/packaging/RHEL-CTDB/setup/smb.init b/packaging/RHEL-CTDB/setup/smb.init index 4dd5b23..00984d2 100644 --- a/packaging/RHEL-CTDB/setup/smb.init +++ b/packaging/RHEL-CTDB/setup/smb.init @@ -51,6 +51,7 @@ RETVAL=0 start() { KIND="SMB" echo -n $"Starting $KIND services: " + ulimit -c unlimited daemon smbd $SMBDOPTIONS RETVAL=$? echo diff --git a/packaging/RHEL/setup/smb.init b/packaging/RHEL/setup/smb.init index af85b2c..dff9cd8 100644 --- a/packaging/RHEL/setup/smb.init +++ b/packaging/RHEL/setup/smb.init @@ -50,6 +50,7 @@ RETVAL=0 start() { KIND="SMB" echo -n $"Starting $KIND services: " + ulimit -c unlimited daemon smbd $SMBDOPTIONS RETVAL=$? echo diff --git a/packaging/systemd/smb.service b/packaging/systemd/smb.service index 9810891..6053a5c 100644 --- a/packaging/systemd/smb.service +++ b/packaging/systemd/smb.service @@ -10,6 +10,7 @@ LimitNOFILE=16384 EnvironmentFile=-/etc/sysconfig/samba ExecStart=/usr/sbin/smbd $SMBDOPTIONS ExecReload=/usr/bin/kill -HUP $MAINPID +LimitCORE=infinity [Install] WantedBy=multi-user.target -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a5e349a docs: Add manpage for cifsdd via 23d2c7f s4-client: Fix cifsdd arg parsing for skip via 0ae75b0 examples: Fix script interpreter line from 833a2f4 lib: tevent: Fix memory leak reported by Pavel Březina when old signal action restored. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a5e349a5ffaba56c47dc73b809b427f17abe1c65 Author: Andreas Schneider Date: Thu Feb 11 10:49:39 2016 +0100 docs: Add manpage for cifsdd BUG: https://bugzilla.samba.org/show_bug.cgi?id=11730 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Feb 18 18:05:55 CET 2016 on sn-devel-144 commit 23d2c7f6707fee14330881c341249d6ce766dda0 Author: Andreas Schneider Date: Thu Feb 11 10:47:58 2016 +0100 s4-client: Fix cifsdd arg parsing for skip BUG: https://bugzilla.samba.org/show_bug.cgi?id=11730 Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit 0ae75b04237bafbb6e4fbc04665cf79f3c4340df Author: Andreas Schneider Date: Thu Feb 11 10:06:43 2016 +0100 examples: Fix script interpreter line Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner --- Summary of changes: docs-xml/manpages/cifsdd.8.xml | 101 + docs-xml/wscript_build | 1 + examples/misc/wall.perl| 2 +- source4/client/cifsdd.c| 2 +- 4 files changed, 104 insertions(+), 2 deletions(-) create mode 100644 docs-xml/manpages/cifsdd.8.xml Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/cifsdd.8.xml b/docs-xml/manpages/cifsdd.8.xml new file mode 100644 index 000..572ed7b --- /dev/null +++ b/docs-xml/manpages/cifsdd.8.xml @@ -0,0 +1,101 @@ + +http://www.samba.org/samba/DTD/samba-doc";> + + + + cifsdd + 8 + Samba + System Administration tools + 4.4 + + + + + cifsdd + convert and copy a file over SMB + + + + + cifsdd + OPERAND... + + + cifsdd + OPTION + + + + + DESCRIPTION + + This tool is part of the samba + 7 suite. + + Copy a file, converting and formatting according to the operands. + + + + bs=BYTES + read and write up to BYTES bytes at a time (default: 4096) + + + ibs=BYTES + read up to BYTES bytes at a time (default: 4096) + + + obs=BYTES + write BYTES bytes at a time (default: 4096) + + + + if=FILE + read from FILE instead of stdin + + + of=FILE + write to FILE instead of stdout + + + + count=N + copy only N input blocks + + + seek=N + skip N obs-sized blocks at start of output + + + skip=N + skip N ibs-sized blocks at start of input + + + + direct + use direct I/O for data + + + sync + use synchronous writes + + + oplock + take oplocks on the input and output files + + + + + + AUTHOR + + The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed. + + The cifsdd manpage was written by Andreas + Schneider. + + + diff --git a/docs-xml/wscript_build b/docs-xml/wscript_build index 3a87ad1..11b826b 100644 --- a/docs-xml/wscript_build +++ b/docs-xml/wscript_build @@ -1,6 +1,7 @@ #!/usr/bin/env python from samba_utils import save_file manpages=''' + manpages/cifsdd.8 manpages/dbwrap_tool.1 manpages/eventlogadm.8 manpages/findsmb.1 diff --git a/examples/misc/wall.perl b/examples/misc/wall.perl index 9303658..efa4ee5 100644 --- a/examples/misc/wall.perl +++ b/examples/misc/wall.perl @@ -1,4 +1,4 @@ -#!/usr/local/bin/perl +#! /usr/bin/env perl # #@(#) smb-wall.pl Description: #@(#) A perl script which allows you to announce
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7434723 tldap: Parse a search entry only if it is one via f09cebd4 tldap: Make tldap_search use tldap_search_all via 0d1165a tldap: Add tldap_pending_reqs() via d29c45c tldap: Add tldap_search_all via b6244ae tldap: Avoid a "ret == false" via 372bf52 asn1: Fix whitespace via ceb75ad spnego: Some simplifications via e46e030 asn1: Simplify _ber_read_OID_String_impl via 7d8006f ldap: Correctly check asn1_tag_remaining retval via 024c619 spnego: Correctly check asn1_tag_remaining retval via f3dbaac libads: Factor out ldap_schema_oids.h via d56e42d ldb: Avoid a "talloc_steal" via 11c5513 ldb: Fix some whitespace via 465c646 smbtorture3: Convert the tldap caller to TLDAPRC via 2c3cf3c lib: Introduce TLDAPRC via 2bd88bf tldap: Parse the sasl output blob Reviewed-by: Guenther Deschner via 3673752 tldap: Slightly simplify tldap_search_cb via 22f06c2 tldap: Mark server down if read failed via 59c1b10 tldap: Add some required includes from 2d80498 smbd: Fix CID 1351215 Improper use of negative value https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7434723ecda802e0fcefa075e583983b7671d927 Author: Volker Lendecke Date: Tue Feb 2 12:15:49 2016 +0100 tldap: Parse a search entry only if it is one Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Feb 3 18:12:44 CET 2016 on sn-devel-144 commit f09cebd4fcae562e110a5356d6144ce9d2e220a5 Author: Volker Lendecke Date: Sun Jan 31 15:29:29 2016 +0100 tldap: Make tldap_search use tldap_search_all Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit 0d1165a4241c67f88d5f0f1b718e29597698d515 Author: Volker Lendecke Date: Sun Jan 31 15:15:46 2016 +0100 tldap: Add tldap_pending_reqs() Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit d29c45ce41c3360726b67e4683703b9eb433e29d Author: Volker Lendecke Date: Tue Dec 22 13:32:01 2015 +0100 tldap: Add tldap_search_all Signed-off-by: Volker Lendecke TLDAPRC Reviewed-by: Guenther Deschner commit b6244ae2573ce6a9fef4a17172d58afa097fc200 Author: Volker Lendecke Date: Sun Jan 31 12:25:32 2016 +0100 tldap: Avoid a "ret == false" Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit 372bf525bf7dab6fe12dfd6509dc428732d2130a Author: Volker Lendecke Date: Sun Jan 31 11:12:23 2016 +0100 asn1: Fix whitespace Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit ceb75ad09e99c46e6593575867a03759b6ff58bd Author: Volker Lendecke Date: Mon Jan 11 21:58:25 2016 +0100 spnego: Some simplifications asn1_tag_remaining already checks for has_error and only returns positive if there is error-free space left Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit e46e030ee2af8d89f055ce07ec5b19f657629c38 Author: Volker Lendecke Date: Mon Jan 11 22:05:43 2016 +0100 asn1: Simplify _ber_read_OID_String_impl Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit 7d8006f3b4e4bd435db7177002198f205ca3781a Author: Volker Lendecke Date: Mon Jan 11 21:49:21 2016 +0100 ldap: Correctly check asn1_tag_remaining retval Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit 024c619fa82960ae4f8af029b6872102202ffd07 Author: Volker Lendecke Date: Mon Jan 11 21:49:21 2016 +0100 spnego: Correctly check asn1_tag_remaining retval Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit f3dbaaca4121a5c9cd4d989c36b6b50fed32faf9 Author: Volker Lendecke Date: Mon Jan 25 16:29:01 2016 +0100 libads: Factor out ldap_schema_oids.h Make the oids accessible without having to include ADS_STRUCT&friends Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit d56e42de64af84ad839749beaa22450f71bec58a Author: Volker Lendecke Date: Mon Jan 25 12:40:53 2016 +0100 ldb: Avoid a "talloc_steal" There's only one caller of "next_chunk" that does a talloc_steal right after the call. Pass in a talloc context. Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit 11c5513bb121fd43f566eacfe7b2af64f3cb3a83 Author: Volker Lendecke Date: Mon Jan 25 12:38:36 2016 +0100 ldb: Fix some whitespace Signed-off-by: Volker Lendecke Reviewed-by: Guenther Deschner commit 465c64676b09e46f7ee991a7ee5437c337ed0b50 Author: Volker Lendecke Date: Mon Jan 25 09:26:06 2016 +0100 smbtorture3: Convert
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 943e69c libsmb/pysmb: add pytalloc-util dependency to fix the build. from 8a9493f s4-dsdb: Add debug message if we have a ldb error string https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 943e69ca8fd4491004eafbf29ed2ca748b0b7480 Author: Günther Deschner Date: Mon Feb 1 23:11:13 2016 +0100 libsmb/pysmb: add pytalloc-util dependency to fix the build. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Michael Adam Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Feb 2 15:49:14 CET 2016 on sn-devel-144 --- Summary of changes: source3/wscript_build | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/wscript_build b/source3/wscript_build index 145..0c7dfc2 100755 --- a/source3/wscript_build +++ b/source3/wscript_build @@ -1494,7 +1494,7 @@ bld.SAMBA3_PYTHON('pysmbd', bld.SAMBA3_PYTHON('pylibsmb', source='libsmb/pylibsmb.c', - deps='smbclient samba-credentials', + deps='smbclient samba-credentials pytalloc-util', realname='samba/samba3/libsmb_samba_internal.so' ) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 19d3fd1 s4-rpc_server: Add missing include for ROLE_ACTIVE_DIRECTORY_DC from 7362c27 vfs_shadow_copy2: add a blackbox test suite https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 19d3fd190e039a9cd84bb93c2c2ea1b21f77583e Author: Andreas Schneider Date: Wed Jan 13 12:36:54 2016 +0100 s4-rpc_server: Add missing include for ROLE_ACTIVE_DIRECTORY_DC Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Jan 13 20:17:20 CET 2016 on sn-devel-144 --- Summary of changes: source4/rpc_server/backupkey/dcesrv_backupkey.c | 1 + 1 file changed, 1 insertion(+) Changeset truncated at 500 lines: diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c index eabaeea..5fb49b0 100644 --- a/source4/rpc_server/backupkey/dcesrv_backupkey.c +++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c @@ -34,6 +34,7 @@ #include "../lib/tsocket/tsocket.h" #include "../libcli/security/security.h" #include "librpc/gen_ndr/ndr_security.h" +#include "libds/common/roles.h" #include #include -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e6f88c1 libads: Fix picky const warning with krb5_set_password_using_ccache via 0733ce3 gensec: Fix picky unused variable errors via ab0cbf9 auth: Fix picky const warnings in gssapi_pac via e0504a8 s4-auth: Fix picky unused variable warning via e9e306b krb5_wrap: Fix picky const compiler warnings via bf10446 selftest: Fix Samba::bindir_path() with a valid directory. from 8aab442 dbwrap_tdb: Fix a typo https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e6f88c1451f8843fca9ca361cd2dbdf3e77ff47c Author: Andreas Schneider Date: Tue Oct 6 14:05:15 2015 +0200 libads: Fix picky const warning with krb5_set_password_using_ccache Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Mon Nov 23 18:20:31 CET 2015 on sn-devel-104 commit 0733ce3c6ed1e8d97690c9ec80c2768a05690dfd Author: Andreas Schneider Date: Tue Oct 6 13:25:49 2015 +0200 gensec: Fix picky unused variable errors Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit ab0cbf9bbac6c7a9450f26e2eeb4f8e794db8d89 Author: Andreas Schneider Date: Tue Oct 6 13:24:41 2015 +0200 auth: Fix picky const warnings in gssapi_pac Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit e0504a80dcf70ec9da0e8fa9f2d5bd7f042468f6 Author: Andreas Schneider Date: Tue Oct 6 13:03:41 2015 +0200 s4-auth: Fix picky unused variable warning Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit e9e306b1d57e9d9c40cd37d3fbb981606ca87223 Author: Andreas Schneider Date: Tue Oct 6 13:03:19 2015 +0200 krb5_wrap: Fix picky const compiler warnings Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner commit bf10446a69b0f328441ab334a8e35ad14c3d47e8 Author: Andreas Schneider Date: Mon May 12 16:45:55 2014 +0200 selftest: Fix Samba::bindir_path() with a valid directory. Signed-off-by: Andreas Schneider Reviewed-by: Guenther Deschner --- Summary of changes: auth/kerberos/gssapi_pac.c| 12 ++-- lib/krb5_wrap/krb5_samba.c| 5 +++-- selftest/target/Samba.pm | 2 +- source3/libads/krb5_setpw.c | 13 ++--- source4/auth/gensec/gensec_gssapi.c | 4 +++- source4/auth/kerberos/kerberos_util.c | 4 6 files changed, 31 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/auth/kerberos/gssapi_pac.c b/auth/kerberos/gssapi_pac.c index c6fa909..685d0ec 100644 --- a/auth/kerberos/gssapi_pac.c +++ b/auth/kerberos/gssapi_pac.c @@ -113,7 +113,11 @@ NTSTATUS gssapi_obtain_pac_blob(TALLOC_CTX *mem_ctx, if (gss_maj != 0) { DEBUG(0, ("obtaining PAC via GSSAPI gss_get_name_attribute failed: %s\n", - gssapi_error_string(mem_ctx, gss_maj, gss_min, gss_mech_krb5))); + gssapi_error_string(mem_ctx, + gss_maj, + gss_min, + discard_const_p(struct gss_OID_desc_struct, + gss_mech_krb5; return NT_STATUS_ACCESS_DENIED; } else if (authenticated && complete) { /* The PAC blob is returned directly */ @@ -199,7 +203,11 @@ NTSTATUS gssapi_get_session_key(TALLOC_CTX *mem_ctx, &gse_sesskey_inq_oid, &set); if (gss_maj) { DEBUG(0, ("gss_inquire_sec_context_by_oid failed [%s]\n", - gssapi_error_string(mem_ctx, gss_maj, gss_min, gss_mech_krb5))); + gssapi_error_string(mem_ctx, + gss_maj, + gss_min, + discard_const_p(struct gss_OID_desc_struct, + gss_mech_krb5; return NT_STATUS_NO_USER_SESSION_KEY; } diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c index 8c70273..13984e9 100644 --- a/lib/krb5_wrap/krb5_samba.c +++ b/lib/krb5_wrap/krb5_samba.c @@ -2143,7 +2143,7 @@ krb5_error_code smb_krb5_make_principal(krb5_context context, va_list ap; if (_realm) { - realm = _realm; + realm = discard_const_p(char, _realm); free_realm = false; } else { code = krb5_get_default_realm(context, &realm); @@ -2324,7 +2324,8 @@ char *smb_krb5_principal_get_re
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c6ae462 doc: fix a typo in the smb.conf manpage, explanation of idmap config from 23663b9 vfs_gpfs: Re-enable share modes https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c6ae462a020648c851fe6f6724ae9cf32c9d0ab8 Author: Michael Adam Date: Thu Nov 5 16:43:34 2015 +0100 doc: fix a typo in the smb.conf manpage, explanation of idmap config Signed-off-by: Michael Adam Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Nov 6 06:26:34 CET 2015 on sn-devel-104 --- Summary of changes: docs-xml/smbdotconf/winbind/idmapconfig.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/winbind/idmapconfig.xml b/docs-xml/smbdotconf/winbind/idmapconfig.xml index 434d379..1cf5d4a 100644 --- a/docs-xml/smbdotconf/winbind/idmapconfig.xml +++ b/docs-xml/smbdotconf/winbind/idmapconfig.xml @@ -65,7 +65,7 @@ mixture of the tdb and rid backend. It creates ranges for each domain encountered and then uses the rid algorithm for each of these automatically configured domains individually. - The ad backend usees unix IDs stored in Active Directory via + The ad backend uses unix IDs stored in Active Directory via the standard schema extensions. The nss backend reverses the standard winbindd setup and gets the unixids via names from nsswitch which can be useful in an ldap setup. -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6755376 kerberos: make sure we only use prompter type when available. from e524ab9 winbind: Fix 100% loop https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6755376cedaf0c88230b47e04c584c7d9fce13e3 Author: Günther Deschner Date: Fri Oct 2 04:23:59 2015 +0200 kerberos: make sure we only use prompter type when available. We also verified that we cannot simply remove the prompter as several older versions of Heimdal would crash. Guenther Signed-off-by: Günther Deschner Reviewed-by: Volker Lendecke Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Oct 2 07:29:43 CEST 2015 on sn-devel-104 --- Summary of changes: source3/libads/kerberos.c | 12 +++- source4/heimdal_build/wscript_configure | 1 + wscript_configure_system_mitkrb5| 2 ++ 3 files changed, 14 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 7fe864b..9a7a1e7 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -47,6 +47,16 @@ kerb_prompter(krb5_context ctx, void *data, krb5_prompt prompts[]) { if (num_prompts == 0) return 0; +#if HAVE_KRB5_PROMPT_TYPE + + /* +* only heimdal has a prompt type and we need to deal with it here to +* avoid loops. +* +* removing the prompter completely is not an option as at least these +* versions would crash: heimdal-1.0.2 and heimdal-1.1. Later heimdal +* version have looping detection and return with a proper error code. +*/ if ((num_prompts == 2) && (prompts[0].type == KRB5_PROMPT_TYPE_NEW_PASSWORD) && @@ -63,7 +73,7 @@ kerb_prompter(krb5_context ctx, void *data, */ return KRB5KDC_ERR_KEY_EXPIRED; } - +#endif /* HAVE_KRB5_PROMPT_TYPE */ memset(prompts[0].reply->data, '\0', prompts[0].reply->length); if (prompts[0].reply->length > 0) { if (data) { diff --git a/source4/heimdal_build/wscript_configure b/source4/heimdal_build/wscript_configure index 710a53d..2635b8a 100755 --- a/source4/heimdal_build/wscript_configure +++ b/source4/heimdal_build/wscript_configure @@ -168,6 +168,7 @@ conf.define('HAVE_KRB5_PRINCIPAL_SET_REALM', 1) conf.define('HAVE_KRB5_PRINCIPAL_SET_TYPE', 1) conf.define('HAVE_KRB5_PRINCIPAL_GET_TYPE', 1) conf.define('HAVE_KRB5_WARNX', 1) +conf.define('HAVE_KRB5_PROMPT_TYPE', 1) heimdal_includedirs = [] heimdal_libdirs = [] diff --git a/wscript_configure_system_mitkrb5 b/wscript_configure_system_mitkrb5 index 351e9d8..4b3a69f 100644 --- a/wscript_configure_system_mitkrb5 +++ b/wscript_configure_system_mitkrb5 @@ -137,6 +137,8 @@ conf.CHECK_STRUCTURE_MEMBER('krb5_address', 'addrtype', headers='krb5.h', define='HAVE_ADDRTYPE_IN_KRB5_ADDRESS') conf.CHECK_STRUCTURE_MEMBER('krb5_ap_req', 'ticket', headers='krb5.h', define='HAVE_TICKET_POINTER_IN_KRB5_AP_REQ') +conf.CHECK_STRUCTURE_MEMBER('krb5_prompt', 'type', headers='krb5.h', +define='HAVE_KRB5_PROMPT_TYPE') conf.CHECK_TYPE('krb5_encrypt_block', headers='krb5.h') -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via adbd6d3 pidl: merge multiple 'genpad' implementations into one. via 3d0b23d vfs: fix build warning in smb traffic analyzer. via 2443c34 s4-torture: don't build the lsa forest trust krb5 tests when building with MIT Kerberos. from c596ac6 install_with_python: Secure Python download with sha256 checks. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit adbd6d32531a339046a2bcf73d3f22ee34d7184b Author: Günther Deschner Date: Wed Jul 22 18:57:57 2015 +0200 pidl: merge multiple 'genpad' implementations into one. Guenther Signed-off-by: Günther Deschner Reviewed-by: Andreas Schneider Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Jul 24 16:44:16 CEST 2015 on sn-devel-104 commit 3d0b23dbd443381be1f265305ddda5434c0580aa Author: Günther Deschner Date: Wed Jul 22 14:52:06 2015 +0200 vfs: fix build warning in smb traffic analyzer. Guenther Signed-off-by: Günther Deschner Reviewed-by: Andreas Schneider commit 2443c34c91035778c36cc0eb4e51e9e922aeea1b Author: Günther Deschner Date: Fri Jul 10 09:44:40 2015 +0200 s4-torture: don't build the lsa forest trust krb5 tests when building with MIT Kerberos. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11411 Guenther Signed-off-by: Günther Deschner Reviewed-by: Andreas Schneider --- Summary of changes: pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm| 11 +-- pidl/lib/Parse/Pidl/Samba3/Template.pm | 11 ++- pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm | 11 +-- pidl/lib/Parse/Pidl/Samba4/Template.pm | 11 ++- pidl/lib/Parse/Pidl/Util.pm| 16 +++- source3/modules/vfs_smb_traffic_analyzer.c | 4 ++-- source3/modules/wscript_build | 1 - source4/torture/rpc/lsa.c | 11 +++ 8 files changed, 34 insertions(+), 42 deletions(-) Changeset truncated at 500 lines: diff --git a/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm b/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm index aa913f1..28d5245 100644 --- a/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm +++ b/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm @@ -13,7 +13,7 @@ use Exporter; use strict; use Parse::Pidl qw(fatal warning error); -use Parse::Pidl::Util qw(has_property ParseExpr); +use Parse::Pidl::Util qw(has_property ParseExpr genpad); use Parse::Pidl::NDR qw(ContainsPipe); use Parse::Pidl::Typelist qw(mapTypeName); use Parse::Pidl::Samba4 qw(DeclLong); @@ -28,15 +28,6 @@ sub pidl($$) { my ($self,$txt) = @_; $self->{res} .= $txt ? "$self->{tabs}$txt\n sub pidl_hdr($$) { my ($self, $txt) = @_; $self->{res_hdr} .= "$txt\n"; } sub fn_declare($$) { my ($self,$n) = @_; $self->pidl($n); $self->pidl_hdr("$n;"); } -sub genpad($) -{ - my ($s) = @_; - my $nt = int((length($s)+1)/8); - my $lt = ($nt*8)-1; - my $ns = (length($s)-$lt); - return "\t"x($nt)." "x($ns); -} - sub new($) { my ($class) = shift; diff --git a/pidl/lib/Parse/Pidl/Samba3/Template.pm b/pidl/lib/Parse/Pidl/Samba3/Template.pm index 3496927..4750cef 100644 --- a/pidl/lib/Parse/Pidl/Samba3/Template.pm +++ b/pidl/lib/Parse/Pidl/Samba3/Template.pm @@ -8,19 +8,12 @@ package Parse::Pidl::Samba3::Template; use vars qw($VERSION); $VERSION = '0.01'; +use Parse::Pidl::Util qw(genpad); + use strict; my($res); -sub genpad($) -{ - my ($s) = @_; - my $nt = int((length($s)+1)/8); - my $lt = ($nt*8)-1; - my $ns = (length($s)-$lt); - return "\t"x($nt)." "x($ns); -} - # # produce boilerplate code for a interface sub Template($) diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm index ee68090..040cd5a 100644 --- a/pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm +++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm @@ -11,7 +11,7 @@ use Exporter; @EXPORT_OK = qw(Parse); use Parse::Pidl qw(fatal warning error); -use Parse::Pidl::Util qw(has_property ParseExpr); +use Parse::Pidl::Util qw(has_property ParseExpr genpad); use Parse::Pidl::NDR qw(ContainsPipe); use Parse::Pidl::Typelist qw(mapTypeName); use Parse::Pidl::Samba4 qw(choose_header is_intree DeclLong); @@ -29,15 +29,6 @@ sub pidl_hdr($$) { my ($self, $txt) = @_; $self->{res_hdr} .= "$txt\n"; } sub pidl_both($$) { my ($self, $txt) = @_; $self->{hdr} .= "$txt\n"; $self->{res_hdr} .= "$txt\n"; } sub fn_declare($$) { my ($self,$n) = @_; $self->pidl($n); $self->pidl_hdr("$n;"); } -sub genpad($) -{ - my ($s) =
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7105bd3 docs:smb.conf: fix typo in 'smb encrypt' text. from e736a16 docs: Documents length limitations for NetBIOS name https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7105bd370a559a24c7f0deb67e63139ca236500a Author: Michael Adam Date: Wed Jul 15 16:23:12 2015 +0200 docs:smb.conf: fix typo in 'smb encrypt' text. Signed-off-by: Michael Adam Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Wed Jul 15 22:40:54 CEST 2015 on sn-devel-104 --- Summary of changes: docs-xml/smbdotconf/security/smbencrypt.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/security/smbencrypt.xml b/docs-xml/smbdotconf/security/smbencrypt.xml index ae0682b..b44ed9a 100644 --- a/docs-xml/smbdotconf/security/smbencrypt.xml +++ b/docs-xml/smbdotconf/security/smbencrypt.xml @@ -142,7 +142,7 @@ - These features can be crontrolled with settings of + These features can be controlled with settings of smb encrypt as follows: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 117e87d librpc:ndr:witness: remove an unneeded block, reducing indentation. via dd0f79d librpc:ndr:witness: move variables into scope via 76f8d0f smbd:trans2: treat new SMB_SIGNING_DESIRED in case via fd16861 librpc:ndr:witness: fix CID 1311245: Memory - illegal accesses (UNINIT) from 0afea2c WHATSNEW: Spotlight https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 117e87d8040c6a7e625aa2c52cbc7ab350bf669a Author: Michael Adam Date: Tue Jul 7 09:50:21 2015 +0200 librpc:ndr:witness: remove an unneeded block, reducing indentation. Check with "git diff -w". Signed-off-by: Michael Adam Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Jul 7 23:37:05 CEST 2015 on sn-devel-104 commit dd0f79df94d6aabe5a55211c17df8955ddff4e02 Author: Michael Adam Date: Tue Jul 7 09:47:51 2015 +0200 librpc:ndr:witness: move variables into scope Signed-off-by: Michael Adam Reviewed-by: Guenther Deschner commit 76f8d0fbada15c9466f66a2d9961bebd1425d141 Author: Michael Adam Date: Tue Jul 7 17:15:00 2015 +0200 smbd:trans2: treat new SMB_SIGNING_DESIRED in case Signed-off-by: Michael Adam Reviewed-by: Guenther Deschner commit fd16861839ec6f5c255db78288ef13a7bc110839 Author: Michael Adam Date: Tue Jul 7 08:52:20 2015 +0200 librpc:ndr:witness: fix CID 1311245: Memory - illegal accesses (UNINIT) Signed-off-by: Michael Adam Reviewed-by: Guenther Deschner --- Summary of changes: librpc/ndr/ndr_witness.c | 80 source3/smbd/trans2.c| 1 + 2 files changed, 41 insertions(+), 40 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/ndr/ndr_witness.c b/librpc/ndr/ndr_witness.c index 40586f4..288e640 100644 --- a/librpc/ndr/ndr_witness.c +++ b/librpc/ndr/ndr_witness.c @@ -60,51 +60,51 @@ _PUBLIC_ enum ndr_err_code ndr_push_witness_notifyResponse(struct ndr_push *ndr, _PUBLIC_ enum ndr_err_code ndr_pull_witness_notifyResponse(struct ndr_pull *ndr, int ndr_flags, struct witness_notifyResponse *r) { - uint32_t size_messages_0 = 0; - uint32_t cntr_messages_0; - TALLOC_CTX *_mem_save_messages_0; - { - uint32_t _flags_save_STRUCT = ndr->flags; - ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX); - NDR_PULL_CHECK_FLAGS(ndr, ndr_flags); - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_witness_notifyResponse_type(ndr, NDR_SCALARS, &r->type)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->length)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num)); - { - uint32_t _flags_save_witness_notifyResponse_message = ndr->flags; - uint32_t _ptr_messages; - ndr_set_flags(&ndr->flags, LIBNDR_FLAG_REMAINING); - NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_messages)); - if (_ptr_messages) { - NDR_PULL_ALLOC(ndr, r->messages); - } else { - r->messages = NULL; - } - if (r->messages) { - size_messages_0 = r->num; - NDR_PULL_ALLOC_N(ndr, r->messages, size_messages_0); - _mem_save_messages_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->messages, 0); - { - struct ndr_pull *_ndr_messages; - NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_messages, 4, r->length)); - for (cntr_messages_0 = 0; cntr_messages_0 < (size_messages_0); cntr_messages_0++) { - NDR_CHECK(ndr_pull_set_switch_value(_ndr_messages, &r->messages[cntr_messages_0], r->type)); - NDR_CHECK(ndr_pull_witness_notifyResponse_message(_ndr_messages, NDR_SCALARS, &r->messages[cntr_messages_0])); - } - NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_messa
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 66736fe s4:torture/rpc: use dcerpc_secondary_auth_connection with creds via 87bf1a6 s4:torture/rpc: use dcerpc_secondary_auth_connection with anon creds via e0bb97f s4:torture/samba3rpc: use pipe_bind_smb_auth() via 810d630 s4:torture/samba3rpc: add pipe_bind_smb_auth() via f42d4e9 s4:torture/samba3rpc: use pipe_bind_smb2() via 1df9416 s4:torture/samba3rpc: add pipe_bind_smb2() via d80c389 s4:torture/samba3rpc: use pipe_bind_smb() in more places via 5a849c1 s4:torture/samba3rpc: move pipe_bind_smb() to the top via 07b1e37 s4:libnet: make use of dcerpc_secondary_auth_connection_send/recv() via f036683 s4:libcli/clilsa: only remember the dcerpc_binding_handle via 8c22f81 s4:librpc/rpc: add dcerpc_secondary_auth_connection() via 9c165e5 dcerpc.idl: fix calculatin of uint16 secondary_address_size; via 9f62c4e pidl:Samba4/NDR/Parser: always initialize _mem_save_ pointers to NULL via 856c9aa pidl:Samba3/ServerNDR: add pidl_reset() and pidl_return() helper functions via 16952dc pidl:Samba3/ServerNDR: make CallWithStruct() more flexible via b3de334 pidl:Samba3/ServerNDR: simplify CallWithStruct() via 365d9d8 docs:smb.conf: explain effect of new setting 'desired' of smb encrypt via 1435770 smbd:smb2: use encryption_desired in send_break via 41cb881 smbd:smb2: only enable encryption in tcon if desired via fc22802 smbd:smb2: only enable encryption in session if desired via 3bb2999 smbd:smb2: separate between encryption required and enc desired via a3ea6db smbXsrv: add bools encryption_desired to session and tcon via 204cbe3 Introduce setting "desired" for 'smb encrypt' and 'client/server signing' from 8fec359 vfs_fruit: Fix CID 1311244 Out-of-bounds read https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 66736fee3a896edf5571dc627a9cf6d8eee405b0 Author: Stefan Metzmacher Date: Fri Jan 17 13:39:45 2014 +0100 s4:torture/rpc: use dcerpc_secondary_auth_connection with creds This is the same as calling dcerpc_secondary_connection/dcerpc_bind_auth. Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Tue Jul 7 17:07:49 CEST 2015 on sn-devel-104 commit 87bf1a6edd2395b1a98775af0edb0a0b5be59c62 Author: Stefan Metzmacher Date: Fri Jan 17 09:54:39 2014 +0100 s4:torture/rpc: use dcerpc_secondary_auth_connection with anon creds This is the same as calling dcerpc_secondary_connection/dcerpc_bind_auth_none. Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit e0bb97fde61bf3577651a8624bc1014561087d31 Author: Stefan Metzmacher Date: Thu Jan 16 07:20:37 2014 +0100 s4:torture/samba3rpc: use pipe_bind_smb_auth() Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 810d630bd5120f12540ce9ab09e106c41a028347 Author: Stefan Metzmacher Date: Thu Jan 16 07:20:20 2014 +0100 s4:torture/samba3rpc: add pipe_bind_smb_auth() Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit f42d4e9dd342f207b206f7cf00a75e690ded76ed Author: Stefan Metzmacher Date: Thu Jan 16 07:19:49 2014 +0100 s4:torture/samba3rpc: use pipe_bind_smb2() Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 1df9416bdb9ce569618a94df4dbcdbb016b8f8a1 Author: Stefan Metzmacher Date: Thu Jan 16 07:19:26 2014 +0100 s4:torture/samba3rpc: add pipe_bind_smb2() Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit d80c38990fa8821cbda554aa18c19a50207172a9 Author: Stefan Metzmacher Date: Thu Jan 16 07:18:30 2014 +0100 s4:torture/samba3rpc: use pipe_bind_smb() in more places Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 5a849c13a7100fe5c3a84386988b0910608b3ece Author: Stefan Metzmacher Date: Thu Jan 16 07:17:00 2014 +0100 s4:torture/samba3rpc: move pipe_bind_smb() to the top Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 07b1e375e561dfe4bac9e8dd495401df1b4fcff7 Author: Stefan Metzmacher Date: Wed Jan 22 12:49:58 2014 +0100 s4:libnet: make use of dcerpc_secondary_auth_connection_send/recv() This avoid the bogus usage of dcerpc_pipe_auth(). Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit f0366838960888fa09d040ccafa76bb0723c8174 Author: Stefan Metzmacher Date: Thu Jan 16 08:57:30 2014 +0100 s4:libcli/clilsa: only remember the dcerpc_binding_handle We don't need the 'dcerpc_pipe'. Signed-off-by: Stefan
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9ebf380 lib/util:charset/tests: improve strlen_m[_term[_null]]() testing via bf6f032 lib/util: let strlen_m_term[_null]() use strlen_m_ext_term[_null]() via cd8bcec lib/util: add strlen_m_ext_term_null() helper function via 3cdac4a s4:pyrpc: remove pointless alter_context() method via 8499344 python:samba/tests: don't use the x.alter_context() method in dcerpc/bare.py via 828e1d3 s4:torture/rpc: expect NT_STATUS_CONNECTION_DISCONNECTED in torture_rpc_alter_context() via 58a8741 s4:torture/rpc: expect NT_STATUS_CONNECTION_DISCONNECTED when a dcerpc connection is not connected via 7e095eb libcli/smb: let tstream_smbXcli_np report connection errors as EPIPE instead of EIO via 793af3f s3:winbindd: use check dcerpc_binding_handle_is_connected() instead of a specific status via 24ea917 python/samba/tests: add fallbacks for assert{Less,Greater}[Equal]() via c7e9968 python/samba/tests: let the output of hexdump() match our C code in dump_data_cb() via 7a07f6a python/samba/tests: move hexdump() from DNSTest to TestCase via 2b16301 librpc/ndr: make use of dump_data_cb() in ndr_dump_data() via 4a0370b lib/util: fix output format in dump_data*() via 8c9612e s4:pyrpc: add base.bind_time_features_syntax(features) via e1498ac librpc/rpc: add dcerpc_[extract|construct]_bind_time_features() via 18dce19 librpc/rpc: add dcerpc_fault_from_nt_status() via 1eef708 librpc/rpc: add faultcode to nt_status mappings via cb8c156 midltests: add valid/midltests_DRS_EXTENSIONS.* via f3f1c38 auth/credentials: anonymous should not try to use kerberos via ebfb1e9 s4:ntvfs/ipc: fix ipc_close() via d1e81df s4-torture: pull, push and compare a witness Notify struct in ndr test. via f0156ca s4-torture: add new torture_suite_add_ndr_pullpush_fn_test_flags(). via 6d3f762 s4-torture: add torture_ndr_push_struct_blob_flags() in order to manipulate push flags. via c82aed8 libndr: reformat libndr torture_suite macros to make differences more visible. via c328ade s4-torture: using async dcerpc for witness async notifications. via e3cb9f7 lib/torture: be more verbose about ndr failures. via 6aeb0a0 s4-torture: move torture_assert_sid_equal() out of ndr headers. via 34e4dac s4-torture: finally enable witness_AsyncNotify ndr test. via 185896d s3-rpcclient: remove old extra hand marshalling from witness cmds. via 92709e9 s4-torture: add clusapi resource online/offline toggle code to witness test. via ceebd50 s4-torture: make some clusapi torture tests public. via 0a2c933 s3-rpcclient: close policy handle in cmd_clusapi_open_resource(). via 126c6f0 s3-rpcclient: use witness defines in witness rpcclient. via 5b95572 libndr: better debug message in ndr_pull_subcontext_start(). via d8dbbfc s3-rpcclient: add clusapi_get_resource_state command. via 82c4b92 witness: autogenerate the marshalling of the witness_notifyResponse_message. via e324184 witness: add default case to witness_notifyResponse_message union. via cf738cc s3-rpcclient: add cmdline tools to toggle online/offline cluster resource state. via cc3afec s4-torture: add some more tests for witness_AsyncNotify and RegisterEx with different timeouts. via 6e9c678 s4-torture: make setup of the clusapi pipe non-critical in witness test. via 9cdb69c s4-torture: minor cleanup in test_witness_Register(). via 1b70b1a s4-torture: open a clusapi connection to get list of cluster nodes, etc. from c6e044e s4:torture:vfs_fruit: check offset and length when reading AFP_AfpInfo stream https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9ebf3804eb4ca48b6ff00db12f42795481347f37 Author: Stefan Metzmacher Date: Mon Jun 29 20:37:01 2015 +0200 lib/util:charset/tests: improve strlen_m[_term[_null]]() testing They differ in their "" vs. NULL handling. Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner Autobuild-User(master): Günther Deschner Autobuild-Date(master): Fri Jul 3 05:02:45 CEST 2015 on sn-devel-104 commit bf6f03209494cc43dff717bd78c84bc59b03e76c Author: Stefan Metzmacher Date: Sat Jun 27 10:13:02 2015 +0200 lib/util: let strlen_m_term[_null]() use strlen_m_ext_term[_null]() Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit cd8bcecf18544b907c1927aa716057216f948dac Author: Stefan Metzmacher Date: Sat Jun 27 10:12:29 2015 +0200 lib/util: add strlen_m_ext_term_null() helper function Signed-off-by: Stefan Metzmacher Reviewed-by: Guenther Deschner commit 3cdac4a85521974e3c71488ad