[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via dea292c2fdb auth4: Fix CID 1034877 Resource leak via fd8d0cba3fa ntvfs: Fix CID 1034883 Resource leak via ab41b3612aa lib: Change ADD_TO_ARRAY to use a tmp variable via d03096721e2 lib: Avoid duplicate definition of ADD_TO_ARRAY via 14a53368024 lib: Factor out ADD_TO_MALLOC_ARRAY() via f3e7d450eae lib: Fix CID 1596761 Resource leak from 30b0fa892ad shadow_copy2: Ignore VFS_OPEN_HOW_WITH_BACKUP_INTENT https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dea292c2fdb4a629c7d488b0bca636856309626b Author: Volker Lendecke Date: Mon Sep 30 11:05:20 2024 +0200 auth4: Fix CID 1034877 Resource leak Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Oct 2 14:19:08 UTC 2024 on atb-devel-224 commit fd8d0cba3fafc4900177fcfee3a5b6f95c845293 Author: Volker Lendecke Date: Mon Sep 30 11:01:04 2024 +0200 ntvfs: Fix CID 1034883 Resource leak Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit ab41b3612aa10af5c46f14dff3dee8581fbe8607 Author: Volker Lendecke Date: Mon Sep 30 10:43:00 2024 +0200 lib: Change ADD_TO_ARRAY to use a tmp variable This should fix a few Coverity Resource Leak findings. Coverity does not understand that SMB_ASSERT aborts the program, so it believes if realloc fails we leak the previous allocation. Those are false positives, but doing it this way does not cost much. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit d03096721e2b86d7f736bd57b2d0f147ccb1e3fc Author: Volker Lendecke Date: Mon Sep 30 10:37:06 2024 +0200 lib: Avoid duplicate definition of ADD_TO_ARRAY Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 14a5336802450d8c0864ba64c302e591e0389a19 Author: Volker Lendecke Date: Mon Sep 30 10:34:17 2024 +0200 lib: Factor out ADD_TO_MALLOC_ARRAY() ADD_TO_ARRAY with an explicit NULL mem_ctx is only used in 3 places. I've checked the other places, and I think I made sure that the mem_ctx being passed in is non-NULL everywhere else. This makes the "legacy" use with SMB_REALLOC more obvious. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit f3e7d450eae8a89bbe84da78b69c8956e750f57d Author: Volker Lendecke Date: Sun Sep 29 09:58:13 2024 +0200 lib: Fix CID 1596761 Resource leak Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider --- Summary of changes: lib/printer_driver/printer_driver.c | 10 +- lib/util/util_paths.c | 6 -- source3/include/smb_macros.h| 30 +- source3/modules/vfs_hpuxacl.c | 3 +-- source3/modules/vfs_solarisacl.c| 6 -- source3/utils/net_rpc_shell.c | 4 ++-- source4/auth/session.c | 3 +++ source4/ntvfs/simple/vfs_simple.c | 5 - 8 files changed, 40 insertions(+), 27 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/printer_driver/printer_driver.c b/lib/printer_driver/printer_driver.c index 2d07df37adc..f04952eba64 100644 --- a/lib/printer_driver/printer_driver.c +++ b/lib/printer_driver/printer_driver.c @@ -22,15 +22,7 @@ #include "rpc_client/init_spoolss.h" #include "libgpo/gpo_ini.h" #include "printer_driver.h" - -#define ADD_TO_ARRAY(mem_ctx, type, elem, array, num) \ -do { \ - *(array) = talloc_realloc(mem_ctx, (*(array)), type, (*(num))+1); \ - SMB_ASSERT((*(array)) != NULL); \ - (*(array))[*(num)] = (elem); \ - (*(num)) += 1; \ -} while (0) - +#include "source3/include/smb_macros.h" /* GetPrinterDriverDirectory -> drivers and dependent files */ #define PRINTER_INF_DIRID_66000 diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c index ce93028d563..b35cc7f5863 100644 --- a/lib/util/util_paths.c +++ b/lib/util/util_paths.c @@ -89,15 +89,17 @@ static char *get_user_home_dir(TALLOC_CTX *mem_ctx) rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf); while (rc == ERANGE) { size_t newlen = 2 * len; + char *tmp = NULL; if (newlen < len) { /* Overflow */ goto done; } len = newlen; - buf = talloc_realloc_size(mem_ctx, buf, len); - if (buf == NULL) { + tmp = talloc_realloc_size(mem_ctx, buf, len); + if (tmp == NULL) { goto done; } + buf = tmp; rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdb
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 30b0fa892ad shadow_copy2: Ignore VFS_OPEN_HOW_WITH_BACKUP_INTENT from af011b987a4 s3:notifyd: Use a watcher per db record https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 30b0fa892ad66bfad92403186f97fd46496e62de Author: Christof Schmitt Date: Tue Oct 1 13:29:56 2024 -0700 shadow_copy2: Ignore VFS_OPEN_HOW_WITH_BACKUP_INTENT d1846452e96 vfs: Add VFS_OPEN_HOW_WITH_BACKUP_INTENT introduced VFS_OPEN_HOW_WITH_BACKUP_INTENT for files opened with FILE_OPEN_FOR_BACKUP_INTENT. shadow_copy2 refuses the open on a file if any flage in how.resolve is set. Change the check in shadow_copy2 to allow opening of files with VFS_OPEN_HOW_WITH_BACKUP_INTENT. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15730 Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Oct 2 08:06:38 UTC 2024 on atb-devel-224 --- Summary of changes: source3/modules/vfs_shadow_copy2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_shadow_copy2.c b/source3/modules/vfs_shadow_copy2.c index b91d5c8242f..9b7d208bb7b 100644 --- a/source3/modules/vfs_shadow_copy2.c +++ b/source3/modules/vfs_shadow_copy2.c @@ -1562,7 +1562,7 @@ static int shadow_copy2_openat(vfs_handle_struct *handle, int ret; bool ok; - if (how.resolve != 0) { + if ((how.resolve & ~VFS_OPEN_HOW_WITH_BACKUP_INTENT) != 0) { errno = ENOSYS; return -1; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 25a6e1c8e75 libsmb: use more precise error status from aac22d9ebab s3:passdb: ENCTYPE_DES_CBC_MD5 is not longer used in secrets_domain_info_kerberos_keys() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 25a6e1c8e75cdea9c7d4d72a6b7f50ca643a9505 Author: Jule Anger Date: Fri Sep 6 10:49:08 2024 +0200 libsmb: use more precise error status NO_MEMORY is the only possible error. Pair-Programmed-With: Volker Lendecke Signed-off-by: Jule Anger Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Oct 1 08:15:35 UTC 2024 on atb-devel-224 --- Summary of changes: source3/libsmb/cli_smb2_fnum.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c index e65de62cd52..b8c2e9a8acb 100644 --- a/source3/libsmb/cli_smb2_fnum.c +++ b/source3/libsmb/cli_smb2_fnum.c @@ -3005,7 +3005,7 @@ NTSTATUS cli_smb2_query_mxac(struct cli_state *cli, TALLOC_CTX *frame = talloc_stackframe(); struct tevent_context *ev = NULL; struct tevent_req *req = NULL; - NTSTATUS status = NT_STATUS_INTERNAL_ERROR; + NTSTATUS status = NT_STATUS_NO_MEMORY; bool ok; if (smbXcli_conn_has_async_calls(cli->conn)) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7d255e5c233 lib/addns: match additional names in a non case insensitive way via 628d7b6f2e6 s3:rpc_client: pass remote_{name,sockaddr} to rpccli_setup_netlogon_creds[_locked]() via c3222192a40 s3:rpc_client: add missing TALLOC_FREE(frame) in cli_rpc_pipe_open() from 03e880931d0 doc: Update doc about talloc vs malloc speed https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7d255e5c233237041228544b19114bd1f93c2468 Author: Stefan Metzmacher Date: Thu Sep 26 14:47:26 2024 +0200 lib/addns: match additional names in a non case insensitive way Sometime proxy dns servers mess up the case of parts of the name... So we should match with strequal() instead of strcmp(), which results in much less dns packets on the wire... Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Sun Sep 29 08:09:46 UTC 2024 on atb-devel-224 commit 628d7b6f2e626c9c530473d06c038dfec9cbd17a Author: Stefan Metzmacher Date: Fri Sep 27 09:38:19 2024 +0200 s3:rpc_client: pass remote_{name,sockaddr} to rpccli_setup_netlogon_creds[_locked]() We shouldd not rely on cli_state to be a valid pointer (at least not when NCACN_IP_TCP is used...) Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit c3222192a40a2b1608c9c48f0352cb6f18f26d79 Author: Stefan Metzmacher Date: Fri Sep 27 12:00:59 2024 +0200 s3:rpc_client: add missing TALLOC_FREE(frame) in cli_rpc_pipe_open() This was missing in commit 637a8e5270fefaea5c61921d4b6ecfc4455a91aa. Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke --- Summary of changes: lib/addns/dnsquery.c | 6 +- source3/rpc_client/cli_netlogon.c | 13 - source3/rpc_client/cli_netlogon.h | 2 ++ source3/rpc_client/cli_pipe.c | 1 + source3/rpc_client/cli_pipe_schannel.c | 5 - source3/rpcclient/rpcclient.c | 2 ++ 6 files changed, 22 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/addns/dnsquery.c b/lib/addns/dnsquery.c index 7590c9ff508..c997077bb53 100644 --- a/lib/addns/dnsquery.c +++ b/lib/addns/dnsquery.c @@ -151,7 +151,11 @@ static void ads_dns_lookup_srv_done(struct tevent_req *subreq) struct dns_rr_srv *srv = &state->srvs[j]; struct sockaddr_storage *tmp; - if (strcmp(srv->hostname, ar->name) != 0) { + /* +* sometimes the name gets messed up +* with upper and lower case... +*/ + if (!strequal(srv->hostname, ar->name)) { continue; } /* uint16_t can't wrap here. */ diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index 7f0ab7c82ed..fe28e2669a2 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -156,6 +156,8 @@ NTSTATUS rpccli_create_netlogon_creds_ctx( static NTSTATUS rpccli_setup_netlogon_creds_locked( struct cli_state *cli, enum dcerpc_transport_t transport, + const char *remote_name, + const struct sockaddr_storage *remote_sockaddr, struct netlogon_creds_cli_context *creds_ctx, bool force_reauth, struct cli_credentials *cli_creds, @@ -170,8 +172,6 @@ static NTSTATUS rpccli_setup_netlogon_creds_locked( const struct samr_Password *nt_hashes[2] = { NULL, NULL }; uint8_t idx_nt_hashes = 0; NTSTATUS status; - const char *remote_name = NULL; - const struct sockaddr_storage *remote_sockaddr = NULL; status = netlogon_creds_cli_get(creds_ctx, frame, &creds); if (NT_STATUS_IS_OK(status)) { @@ -210,9 +210,6 @@ static NTSTATUS rpccli_setup_netlogon_creds_locked( num_nt_hashes = 2; } - remote_name = smbXcli_conn_remote_name(cli->conn); - remote_sockaddr = smbXcli_conn_remote_sockaddr(cli->conn); - status = cli_rpc_pipe_open_noauth_transport(cli, transport, &ndr_table_netlogon, @@ -266,6 +263,8 @@ done: NTSTATUS rpccli_setup_netlogon_creds( struct cli_state *cli, enum dcerpc_transport_t transport, + const char *remote_name, + const struct sockaddr_storage *remote_sockaddr, struct netlogon_creds_cli_context *creds_ctx, bool force_reauth, struct cli_credentials *cli_creds) @@ -286,6 +285,8 @
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 91f0d7e1c91 s3:client: Improve error message on cli_setatr() failure from 93db1c7f3bb pylibsmb: Fix a typo https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 91f0d7e1c916eb350f6490f7891784af988ae12e Author: Andreas Schneider Date: Wed Jul 17 10:38:47 2024 +0200 s3:client: Improve error message on cli_setatr() failure Signed-off-by: Andreas Schneider Reviewed-by: Martin Schwenke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Sep 27 07:54:34 UTC 2024 on atb-devel-224 --- Summary of changes: source3/client/clitar.c | 10 -- 1 file changed, 8 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/client/clitar.c b/source3/client/clitar.c index 7e54b7bc2e8..e034a4cb261 100644 --- a/source3/client/clitar.c +++ b/source3/client/clitar.c @@ -1220,8 +1220,14 @@ close_out: status = cli_setatr(cli, full_path, mode, mtime); if (!NT_STATUS_IS_OK(status)) { - d_printf("Error setting attributes on remote file %s: %s\n", - full_path, nt_errstr(status)); + char *timestr = timestring(talloc_tos(), mtime); + d_printf("Error setting attributes (mode: %3o, mtime: %s) on " +"remote file %s: %s\n", +mode & 0777, +timestr, +full_path, +nt_errstr(status)); + TALLOC_FREE(timestr); err = 1; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b3bc2c950fd lib:ldb: Use tdb_traverse_read() in ldb_kv_index_sub_transaction_commit() via 03c2f3d1fdb lib:ldb: Use tdb_parse_record() in ldb_kv_sub_transaction_traverse() via 3582250538e lib:ldb: Use tdb_parse_record() in ldb_kv_dn_list_store() via 090f8009b36 lib:ldb: Use tdb_parse_record() in ldb_kv_dn_list_load() from fdef894d797 ldb: Build lmdb backend also in non-AD case https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b3bc2c950fd6bb623f742e78472ffa3061f921da Author: Andreas Schneider Date: Thu May 2 16:38:47 2024 +0200 lib:ldb: Use tdb_traverse_read() in ldb_kv_index_sub_transaction_commit() Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Sep 26 09:59:34 UTC 2024 on atb-devel-224 commit 03c2f3d1fdb75ec2776ba90095fcbc934e40967b Author: Andreas Schneider Date: Thu May 2 15:15:43 2024 +0200 lib:ldb: Use tdb_parse_record() in ldb_kv_sub_transaction_traverse() Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit 3582250538e48053fa118a7ebda88b9a116f13b0 Author: Andreas Schneider Date: Thu May 2 16:45:59 2024 +0200 lib:ldb: Use tdb_parse_record() in ldb_kv_dn_list_store() Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit 090f8009b365a4102311ae3b5ebe68926ba9ebd5 Author: Andreas Schneider Date: Mon Apr 29 14:16:17 2024 +0200 lib:ldb: Use tdb_parse_record() in ldb_kv_dn_list_load() Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: lib/ldb/ldb_key_value/ldb_kv_index.c | 84 1 file changed, 57 insertions(+), 27 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/ldb/ldb_key_value/ldb_kv_index.c b/lib/ldb/ldb_key_value/ldb_kv_index.c index 9014ae7eec3..7f5361fe63f 100644 --- a/lib/ldb/ldb_key_value/ldb_kv_index.c +++ b/lib/ldb/ldb_key_value/ldb_kv_index.c @@ -361,6 +361,23 @@ enum dn_list_will_be_read_only { DN_LIST_WILL_BE_READ_ONLY = 1, }; +struct ldb_dn_list_state { + struct ldb_module *module; + struct dn_list *list; +}; + +static int ldb_kv_index_idxptr_wrapper(TDB_DATA tdb_key, + TDB_DATA tdb_data, + void *private_data) +{ + struct ldb_dn_list_state *state = private_data; + + /* The caller will check for NULL */ + state->list = ldb_kv_index_idxptr(state->module, tdb_data); + + return 0; +} + /* return the @IDX list in an index entry for a dn as a struct dn_list @@ -372,12 +389,13 @@ static int ldb_kv_dn_list_load(struct ldb_module *module, enum dn_list_will_be_read_only read_only) { struct ldb_message *msg; - int ret, version; + int ret = -1, version; struct ldb_message_element *el; - TDB_DATA rec = {0}; - struct dn_list *list2; bool from_primary_cache = false; TDB_DATA key = {0}; + struct ldb_dn_list_state state = { + .module = module, + }; *list = (struct dn_list){}; /* @@ -397,23 +415,25 @@ static int ldb_kv_dn_list_load(struct ldb_module *module, * if the record is not cached it will need to be read from disk. */ if (ldb_kv->nested_idx_ptr != NULL) { - rec = tdb_fetch(ldb_kv->nested_idx_ptr->itdb, key); + ret = tdb_parse_record(ldb_kv->nested_idx_ptr->itdb, + key, + ldb_kv_index_idxptr_wrapper, + &state); } - if (rec.dptr == NULL) { + if (ret == -1 /* not found */) { from_primary_cache = true; - rec = tdb_fetch(ldb_kv->idxptr->itdb, key); + ret = tdb_parse_record(ldb_kv->idxptr->itdb, + key, + ldb_kv_index_idxptr_wrapper, + &state); } - if (rec.dptr == NULL) { + if (ret == -1 /* not found */) { goto normal_index; } - /* we've found an in-memory index entry */ - list2 = ldb_kv_index_idxptr(module, rec); - if (list2 == NULL) { - free(rec.dptr); + if (ret != 0 || state.list == NULL) { return LDB_ERR_OPERATIONS_ERROR; } - free(rec.dptr); /* * If this is a read only transaction the indexes will not be @@ -422,7 +442,7 @@ static int ldb_kv_dn_list_load(struct ldb_module *module
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 81ecdb125bf auth: Fix CID 1615191 Uninitialized scalar variable via 53750d9deb0 ctdb: Fix a typo via 65b3081f4b1 ctdb: Use str_list_add_printf() in debug_locks_args() via 2fa0eabe64a ctdb: Make ctdb_lock_timeout_handler() easier to understand via f525800613a lib: Avoid unused includes via 9c22cee9d04 vfs: Simplify capdecode() with hex_byte() via 4803e85d7d5 vfs: Simplify capencode() with nybble_to_hex_lower() via 0e29b1cfb08 passdb: Simplify pdb_gethexhours() with hex_byte() via eaaba242a20 libsmb: Use nybble_to_hex_upper() in virusfilter_url_quote() via 2676267afd7 libsmb: Use nybble_to_hex_upper() in smbc_urlencode() via 9d4a7a448e1 libndr: Use TALLOC_FREE instead of talloc_free via e9538317d85 rpc_host: Fix max_workers calculation via 658b78a0481 rpc_server: Fix a comment from f9ee4db2ba7 s3:utils: use the correct secrets.tdb in net_use_krb_machine_account() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 81ecdb125bf10433d49f865f1ab2dfae9f965857 Author: Volker Lendecke Date: Thu Sep 12 21:33:54 2024 +0200 auth: Fix CID 1615191 Uninitialized scalar variable Protect against winbind successfully returning 0 groups Signed-off-by: Volker Lendecke Reviewed-by: Noel Power Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Sep 20 18:25:54 UTC 2024 on atb-devel-224 commit 53750d9deb0004af3ddfcf5fe72a0fac40f3df43 Author: Volker Lendecke Date: Wed Sep 18 18:29:56 2024 +0200 ctdb: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Noel Power commit 65b3081f4b1274d66393726f4634955aac943e9b Author: Volker Lendecke Date: Thu Sep 19 17:32:42 2024 +0200 ctdb: Use str_list_add_printf() in debug_locks_args() Saves lines, str_list_add_printf takes care of NULL checks Signed-off-by: Volker Lendecke Reviewed-by: Noel Power commit 2fa0eabe64aebede1127009ce9c79e587e77dbd9 Author: Volker Lendecke Date: Thu Sep 19 17:10:58 2024 +0200 ctdb: Make ctdb_lock_timeout_handler() easier to understand Don't hide the real action inside an if-branch Signed-off-by: Volker Lendecke Reviewed-by: Noel Power commit f525800613aa7186d8839a05c1e9b247e517cad9 Author: Volker Lendecke Date: Wed Sep 18 16:57:02 2024 +0200 lib: Avoid unused includes Signed-off-by: Volker Lendecke Reviewed-by: Noel Power commit 9c22cee9d043ab00efee47bfd50824e22e307dd7 Author: Volker Lendecke Date: Tue Sep 10 09:59:54 2024 +0200 vfs: Simplify capdecode() with hex_byte() Signed-off-by: Volker Lendecke Reviewed-by: Noel Power commit 4803e85d7d5ef8e259db4d7473b7034852bea2c3 Author: Volker Lendecke Date: Tue Sep 10 09:55:36 2024 +0200 vfs: Simplify capencode() with nybble_to_hex_lower() Signed-off-by: Volker Lendecke Reviewed-by: Noel Power commit 0e29b1cfb085b51107e38dba3b6bc79b9250c9a4 Author: Volker Lendecke Date: Tue Sep 10 08:55:16 2024 +0200 passdb: Simplify pdb_gethexhours() with hex_byte() Signed-off-by: Volker Lendecke Reviewed-by: Noel Power commit eaaba242a208389853d48cbe4880e8944315f9b9 Author: Volker Lendecke Date: Tue Sep 10 08:52:16 2024 +0200 libsmb: Use nybble_to_hex_upper() in virusfilter_url_quote() Signed-off-by: Volker Lendecke Reviewed-by: Noel Power commit 2676267afd72e77ddf10bb64a6dcf208295ab933 Author: Volker Lendecke Date: Tue Sep 10 08:50:16 2024 +0200 libsmb: Use nybble_to_hex_upper() in smbc_urlencode() Signed-off-by: Volker Lendecke Reviewed-by: Noel Power commit 9d4a7a448e131203d6e05796d088d8572dee88d8 Author: Volker Lendecke Date: Thu Sep 12 16:18:57 2024 +0200 libndr: Use TALLOC_FREE instead of talloc_free All the existing calls are right before returns, so they don't really matter. But you never know when the code will change, and any compiler will wipe the NULL assignment. Signed-off-by: Volker Lendecke Reviewed-by: Noel Power commit e9538317d853c5951b1ebbe393c3abb60ac73124 Author: Volker Lendecke Date: Sat Sep 14 15:21:49 2024 +0200 rpc_host: Fix max_workers calculation To limit max_workers into 16 bits, cap it at UINT16_MAX (65535, not 65536) Signed-off-by: Volker Lendecke Reviewed-by: Noel Power commit 658b78a04811eb4d14ab66c74bc42c0bbc7aba99 Author: Volker Lendecke Date: Sat Sep 14 13:37:13 2024 +0200 rpc_server: Fix a comment Signed-off-by: Volker Lendecke Reviewed-by: Noel Power --- Summary of changes: ctdb/config/debug_locks.sh | 2 +- ctdb/server/ctdb_lock.c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7bd8234152c README: Add languages to code blocks for highlighting from 22edd69503f smbd: improve reinit_after_fork error handling https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7bd8234152ced1c7f2ea75f4535a8f532b3ee211 Author: Andreas Schneider Date: Fri Jun 28 13:01:24 2024 +0200 README: Add languages to code blocks for highlighting Signed-off-by: Andreas Schneider Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Sep 5 14:27:30 UTC 2024 on atb-devel-224 --- Summary of changes: README.Coding.md | 50 +- 1 file changed, 25 insertions(+), 25 deletions(-) Changeset truncated at 500 lines: diff --git a/README.Coding.md b/README.Coding.md index 53a829cb4f2..31445cdcfbe 100644 --- a/README.Coding.md +++ b/README.Coding.md @@ -48,7 +48,7 @@ are the highlights. Add the follow to your $HOME/.emacs file: -``` +```lisp (add-hook 'c-mode-hook (lambda () (c-set-style "linux") @@ -63,7 +63,7 @@ Add the follow to your $HOME/.emacs file: For the basic vi editor included with all variants of \*nix, add the following to $HOME/.exrc: -``` +```vim set tabstop=8 set shiftwidth=8 ``` @@ -71,7 +71,7 @@ following to $HOME/.exrc: For Vim, the following settings in $HOME/.vimrc will also deal with displaying trailing whitespace: -``` +```vim if has("syntax") && (&t_Co > 2 || has("gui_running")) syntax on function! ActivateInvisibleCharIndicator() @@ -113,7 +113,7 @@ of multiple following code blocks. This is good: -``` +```c ... int i; @@ -153,7 +153,7 @@ This is good: This is bad: -``` +```c ... int i; /* @@ -191,7 +191,7 @@ align the parameter list with the first parameter on the previous line. Use tabs to get as close as possible and then fill in the final 7 characters or less with whitespace. For example, -``` +```c var1 = foo(arg1, arg2, arg3); ``` @@ -214,13 +214,13 @@ Always follow an `if` keyword with a space but don't include additional spaces following or preceding the parentheses in the conditional. This is good: -``` +```c if (x == 1) ``` This is bad: -``` +```c if ( x == 1 ) ``` @@ -246,7 +246,7 @@ loop. Good examples: -``` +```c if (x == 1) { printf("good\n"); } @@ -269,7 +269,7 @@ Good examples: Bad examples: -``` +```c while (1) { print("I'm in a loop!\n"); } @@ -296,7 +296,7 @@ idea. Good Examples: -``` +```c int function foo(int y) { int *z = NULL; @@ -338,7 +338,7 @@ lib/replace/, new code should adhere to the following conventions: Most of the time a good name for a boolean variable is 'ok'. Here is an example we often use: -``` +```c bool ok; ok = foo(); @@ -367,7 +367,7 @@ instructions sequence may change over time. Good Example: -``` +```c char *pointer1 = NULL; char *pointer2 = NULL; @@ -380,7 +380,7 @@ Good Example: Bad Example: -``` +```c char *pointer1; char *pointer2; @@ -441,7 +441,7 @@ it's also easier to use the "step" command within gdb. Good Example: -``` +```c char *name = NULL; int ret; @@ -457,7 +457,7 @@ Good Example: Bad Example: -``` +```c ret = some_function_my_name(get_some_name()); ... ``` @@ -468,7 +468,7 @@ debugger. Good example: -``` +```c x = malloc(sizeof(short)*10); if (x == NULL) { fprintf(stderr, "Unable to alloc memory!\n"); @@ -477,7 +477,7 @@ Good example: Bad example: -``` +```c if ((x = malloc(sizeof(short)*10)) == NULL ) { fprintf(stderr, "Unable to alloc memory!\n"); } @@ -486,7 +486,7 @@ Bad example: There are exceptions to this rule. One example is walking a data structure in an iterator style: -``` +```c while ((opt = poptGetNextOpt(pc)) != -1) { ... do something with opt ... } @@ -499,7 +499,7 @@ rarely exists for this particular use case, and we gain some efficiency because the DBG_ macros don't evaluate their arguments if the debuglevel is not high enough. -``` +```c if (!NT_STATUS_IS_OK(status)) { struct dom_sid_buf sid_buf; struct GUID_txt_buf guid_buf; @@ -528,7 +528,7 @@ like `CHECK_STATUS`, `CHECK_VAL` and others. Don't do this: -``` +```c frame = talloc_stackframe(); if (ret == LDB_SUCCESS) { @@ -551,7 +551,7 @@
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ecb8a99a2c7 smbd: use metadata_fsp(fsp) in copy_access_posix_acl() for SMB_VFS_SYS_ACL_SET_FD via 09835608307 smbtorture: test creating stream doesn't crash when using "inherit permissions = yes" from 22182f90e8e vfs_ceph_new: handle case of readlinkat with empty name string https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ecb8a99a2c7ba36f9adc50ef13cd8465a0c49b19 Author: Ralph Boehme Date: Fri Jul 5 16:22:18 2024 +0200 smbd: use metadata_fsp(fsp) in copy_access_posix_acl() for SMB_VFS_SYS_ACL_SET_FD When inherting permissions on the created stream, we call into the VFS to fetch the streams security descriptor via inherit_access_posix_acl() -> copy_access_posix_acl() -> SMB_VFS_SYS_ACL_SET_FD() passing the stream fsp which triggers the assert SMB_ASSERT(!fsp_is_alternate_stream(fsp)) in vfswrap_sys_acl_set_fd() in vfs_default. Just passing the base fsp to the VFS fixes this. vfs_streams_depot which *does use* distinct backend filesystem files for the streams, currently does not apply permissions to the stream files at all, so the incomplete behaviour of vfs_streams_depot is not affected by this change. If in the future someone want to fix this defficiency in vfs_streams_depot, the module code can use fsp->stream_fsp to base decisions in VFS ops whether the module should carry out some action. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Sep 2 08:55:28 UTC 2024 on atb-devel-224 commit 09835608307ff2580f1aada84d44feddae17c80f Author: Ralph Boehme Date: Sat Jul 6 17:10:21 2024 +0200 smbtorture: test creating stream doesn't crash when using "inherit permissions = yes" BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke --- Summary of changes: selftest/target/Samba3.pm | 5 +++ source3/selftest/tests.py | 2 ++ source3/smbd/posix_acls.c | 4 ++- source4/torture/smb2/smb2.c| 2 ++ source4/torture/smb2/streams.c | 73 ++ 5 files changed, 85 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index aea64bf5d5d..a7dd1b20e66 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -2126,6 +2126,11 @@ sub setup_fileserver comment = Home directories browseable = No read only = No + +[inherit_perms] + path = $share_dir + vfs objects = streams_depot + inherit permissions = yes "; if (defined($more_conf)) { diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 2de6c8ecd45..88151caea11 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -1355,6 +1355,8 @@ for t in tests: plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/streams_xattr -U$USERNAME%$PASSWORD', 'streams_xattr') +elif t == "smb2.stream-inherit-perms": +plansmbtorture4testsuite(t, "fileserver", '//$SERVER/inherit_perms -U$USERNAME%$PASSWORD') elif t == "smb2.aio_delay": plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/aio_delay_inject -U$USERNAME%$PASSWORD') elif t == "smb2.delete-on-close-perms": diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 0f6a0d52e01..53a9c53f54a 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -4000,7 +4000,9 @@ static int copy_access_posix_acl(struct files_struct *from, goto done; } - ret = SMB_VFS_SYS_ACL_SET_FD(to, SMB_ACL_TYPE_ACCESS, posix_acl); + ret = SMB_VFS_SYS_ACL_SET_FD(metadata_fsp(to), +SMB_ACL_TYPE_ACCESS, +posix_acl); done: diff --git a/source4/torture/smb2/smb2.c b/source4/torture/smb2/smb2.c index 5b6477e47bc..28a62f49c47 100644 --- a/source4/torture/smb2/smb2.c +++ b/source4/torture/smb2/smb2.c @@ -178,6 +178,8 @@ NTSTATUS torture_smb2_init(TALLOC_CTX *ctx) torture_suite_add_suite(suite, torture_smb2_oplocks_init(suite)); torture_suite_add_suite(suite, torture_smb2_kernel_oplocks_init(suite)); torture_suit
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e2c8f718cad s4:torture/smb2: better error handling in create.c via 3fd40cb8a90 s4:torture/raw: better error handling in streams.c via 28fd1ea4a1b s4:torture/smb2: make use of torture_assert_*_equal_goto() in streams.c via e2a9cd1d02a s4:libcli/smb2: let smb2_deltree delete directory streams via b1b1f2ea6b9 s4:libcli: allow smb2_composite_unlink* to truncate the file before close via 41df9e1c74d s3:tests: make use of TMPDIR in test_symlink_traversal_*.sh via 87f85350cc6 lib/torture: add torture_assert_nttime_equal_goto() via d73c0e0d482 librpc/ndr: remove unused NDR_PUSH_ALLOC_SIZE() via 664eb193432 librpc/ndr: avoid alignment allocation in ndr_push_DATA_BLOB() from df103890f9f libndr: Streamline ndr_token_retrieve_cmp_fn https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e2c8f718cad576bffad66569cd6e86d87f1d9712 Author: Stefan Metzmacher Date: Thu Jul 25 11:58:37 2024 +0200 s4:torture/smb2: better error handling in create.c BUG: https://bugzilla.samba.org/show_bug.cgi?id=15656 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Aug 29 19:47:54 UTC 2024 on atb-devel-224 commit 3fd40cb8a90ec6a08f80d23a4ea3e782b7acff8a Author: Stefan Metzmacher Date: Thu Jul 25 11:06:18 2024 +0200 s4:torture/raw: better error handling in streams.c BUG: https://bugzilla.samba.org/show_bug.cgi?id=15656 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit 28fd1ea4a1b6f5aef060b4dbea14680eb16bdad4 Author: Stefan Metzmacher Date: Mon Jul 8 09:05:49 2024 +0200 s4:torture/smb2: make use of torture_assert_*_equal_goto() in streams.c We should fail immediately... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15656 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit e2a9cd1d02a4182085a59df774f85e57c4448b08 Author: Stefan Metzmacher Date: Thu Jul 18 16:22:55 2024 +0200 s4:libcli/smb2: let smb2_deltree delete directory streams BUG: https://bugzilla.samba.org/show_bug.cgi?id=15656 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit b1b1f2ea6b9d506190b28340bff01d46d2a885e8 Author: Stefan Metzmacher Date: Tue Jul 30 16:33:15 2024 +0200 s4:libcli: allow smb2_composite_unlink* to truncate the file before close This is needed to delete streams... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15656 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit 41df9e1c74d2465f86f21204a06a85b71711f313 Author: Stefan Metzmacher Date: Wed Aug 7 16:28:22 2024 +0200 s3:tests: make use of TMPDIR in test_symlink_traversal_*.sh Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit 87f85350cc688352cdda7d74fdc3f0f674b41c6d Author: Stefan Metzmacher Date: Tue Jul 30 13:57:25 2024 +0200 lib/torture: add torture_assert_nttime_equal_goto() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15656 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit d73c0e0d482355d79ff3c41cadc566f52f7b0f55 Author: Stefan Metzmacher Date: Thu Aug 29 13:27:48 2024 +0200 librpc/ndr: remove unused NDR_PUSH_ALLOC_SIZE() Pair-Programmed-With: Volker Lendecke Signed-off-by: Stefan Metzmacher Signed-off-by: Volker Lendecke Reviewed-by: Volker Lendecke commit 664eb193432e01dae3c26c083f745d16f0fd5c3d Author: Stefan Metzmacher Date: Thu Aug 29 13:26:04 2024 +0200 librpc/ndr: avoid alignment allocation in ndr_push_DATA_BLOB() Pair-Programmed-With: Volker Lendecke Signed-off-by: Stefan Metzmacher Signed-off-by: Volker Lendecke Reviewed-by: Volker Lendecke --- Summary of changes: lib/torture/torture.h | 9 +++ librpc/ndr/libndr.h| 6 -- librpc/ndr/ndr_basic.c | 9 ++- .../script/tests/test_symlink_traversal_smb1.sh| 12 ++-- .../tests/test_symlink_traversal_smb1_posix.sh | 12 ++-- .../script/tests/test_symlink_traversal_smb2.sh| 12 ++-- source4/libcli/raw/interfaces.h| 6 ++ source4/libcli/smb2/util.c | 46 +- source4/libcli/smb_composite/smb2.c| 63 +++ source4/torture/raw/streams.c | 31 ++--- source4/torture/smb2/create.c | 61 +++--- source4/torture/smb2/streams.c | 73 -- 12 files changed, 188 insertions(+), 152 deletions(-) Changeset
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via df103890f9f libndr: Streamline ndr_token_retrieve_cmp_fn via f43ae1ab1a8 libndr: Simplify ndr_token_retrieve_cmp_fn() from 56c48154028 libcli/smb: Fix failure of Smb3UnixTests.test_create_context_reparse https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit df103890f9febd5551d5bbff5498179866ab890e Author: Volker Lendecke Date: Wed Aug 28 12:32:45 2024 +0200 libndr: Streamline ndr_token_retrieve_cmp_fn Rename the public function to ndr_token_peek_cmp_fn, the only user does not remove the token. Factor out ndr_token_find to move the token-removing logic to ndr_token_retrieve, the only caller that does remove the token. Keep libndr at 6.0.0, this has not been released yet. Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Aug 29 08:40:52 UTC 2024 on atb-devel-224 commit f43ae1ab1a8803d8c5ad4e5f3dad63ccbe91aa54 Author: Volker Lendecke Date: Wed Aug 28 12:08:57 2024 +0200 libndr: Simplify ndr_token_retrieve_cmp_fn() Avoid an if-statement inside by passing a pointer-comparing function Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton --- Summary of changes: librpc/ABI/ndr-6.0.0.sigs | 2 +- librpc/ndr/libndr.h| 7 +++-- librpc/ndr/ndr.c | 68 -- librpc/ndr/ndr_dns_utils.c | 9 +++--- 4 files changed, 53 insertions(+), 33 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/ABI/ndr-6.0.0.sigs b/librpc/ABI/ndr-6.0.0.sigs index cfc27b32a9a..3244948abcc 100644 --- a/librpc/ABI/ndr-6.0.0.sigs +++ b/librpc/ABI/ndr-6.0.0.sigs @@ -266,8 +266,8 @@ ndr_syntax_id_null: uuid = {time_low = 0, time_mid = 0, time_hi_and_version = 0, ndr_syntax_id_to_string: char *(TALLOC_CTX *, const struct ndr_syntax_id *) ndr_token_max_list_size: size_t (void) ndr_token_peek: enum ndr_err_code (struct ndr_token_list *, const void *, uint32_t *) +ndr_token_peek_cmp_fn: enum ndr_err_code (struct ndr_token_list *, const void *, uint32_t *, comparison_fn_t) ndr_token_retrieve: enum ndr_err_code (struct ndr_token_list *, const void *, uint32_t *) -ndr_token_retrieve_cmp_fn: enum ndr_err_code (struct ndr_token_list *, const void *, uint32_t *, comparison_fn_t, bool) ndr_token_store: enum ndr_err_code (TALLOC_CTX *, struct ndr_token_list *, const void *, uint32_t) ndr_transfer_syntax_ndr: uuid = {time_low = 2324192516, time_mid = 7403, time_hi_and_version = 4553, clock_seq = "\237\350", node = "\b\000+\020H`"}, if_version = 2 ndr_transfer_syntax_ndr64: uuid = {time_low = 1903232307, time_mid = 48826, time_hi_and_version = 18743, clock_seq = "\203\031", node = "\265\333\357\234\3146"}, if_version = 1 diff --git a/librpc/ndr/libndr.h b/librpc/ndr/libndr.h index aafdc1536eb..223501ab781 100644 --- a/librpc/ndr/libndr.h +++ b/librpc/ndr/libndr.h @@ -721,8 +721,11 @@ enum ndr_err_code ndr_token_store(TALLOC_CTX *mem_ctx, struct ndr_token_list *list, const void *key, uint32_t value); -enum ndr_err_code ndr_token_retrieve_cmp_fn(struct ndr_token_list *list, const void *key, uint32_t *v, - int(*_cmp_fn)(const void*,const void*), bool erase); +enum ndr_err_code ndr_token_peek_cmp_fn(struct ndr_token_list *list, + const void *key, + uint32_t *v, + int (*_cmp_fn)(const void *, + const void *)); enum ndr_err_code ndr_token_retrieve(struct ndr_token_list *list, const void *key, uint32_t *v); enum ndr_err_code ndr_token_peek(struct ndr_token_list *list, const void *key, uint32_t *v); enum ndr_err_code ndr_pull_array_size(struct ndr_pull *ndr, const void *p); diff --git a/librpc/ndr/ndr.c b/librpc/ndr/ndr.c index 9e538f68267..16dc54463b8 100644 --- a/librpc/ndr/ndr.c +++ b/librpc/ndr/ndr.c @@ -1044,36 +1044,36 @@ _PUBLIC_ enum ndr_err_code ndr_token_store(TALLOC_CTX *mem_ctx, /* retrieve a token from a ndr context, using cmp_fn to match the tokens */ -_PUBLIC_ enum ndr_err_code ndr_token_retrieve_cmp_fn(struct ndr_token_list *list, -const void *key, uint32_t *v, -comparison_fn_t _cmp_fn, -bool erase) +static enum ndr_err_code ndr_token_find(struct ndr_token_list *list, + const void *key, +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 56c48154028 libcli/smb: Fix failure of Smb3UnixTests.test_create_context_reparse from 5e278a52646 smb2_ioctl: fix truncated FSCTL_QUERY_ALLOCATED_RANGES responses https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 56c48154028207a831242fe6f4ca28fb64b60faf Author: Noel Power Date: Wed Aug 28 16:19:27 2024 +0100 libcli/smb: Fix failure of Smb3UnixTests.test_create_context_reparse On tumbleweed at least the definition in py_reparse_put of 'reserved' as 'unsigned' causes the tag value to be overwritten. Note: ParseTuple is given a format of 'Kk' where K = unsigned long long (for tag) k = unsigned long (for reserved) The problem is 'reserved' is defined as 'unsigned' which on a 64 bit linux system has size 4. The size however of the 'unsigned long' type on the same 64 bit system is 8. This causes 'tag' to be overwritten by the value of 'reserved' because it's destination size is smaller than expected. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15702 Signed-off-by: Noel Power Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Aug 28 18:38:01 UTC 2024 on atb-devel-224 --- Summary of changes: libcli/smb/py_reparse_symlink.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/libcli/smb/py_reparse_symlink.c b/libcli/smb/py_reparse_symlink.c index d28a8fd8b93..5e2e961ef01 100644 --- a/libcli/smb/py_reparse_symlink.c +++ b/libcli/smb/py_reparse_symlink.c @@ -30,7 +30,7 @@ static PyObject *py_reparse_put(PyObject *module, PyObject *args) char *reparse = NULL; Py_ssize_t reparse_len; unsigned long long tag = 0; - unsigned reserved = 0; + unsigned long reserved = 0; uint8_t *buf = NULL; ssize_t buflen; PyObject *result = NULL; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fab7416a3d2 idl: dnsp.h references NTTIME via 50c7373f449 idl: misc.idl references DATA_BLOB via 707265817c0 pidl: Add headerhelper idl property via 7548d9ad5a2 lib: Make a few functions static via 1cdb9605b5d libsmb: Simplify pdb_sethexpwd with hex_byte() via f10160af895 pidl:Samba4/Header: only include ntstatus.h if required via 282ee7dd3f9 pidl: add scalarTypeUsed() helper to find if a type was actually used... via 1602b0120ba lib: Add libcli/util/ntstatus.h in a few headers where it's needed via 9b0fe3e66a1 idl: Remove unused KRB5_EDATA_NTSTATUS via 25370c79af8 smbd: Inline set_sticky_write_time_path into set_sticky_write_time_fsp via 6d356dcbaf4 smbd: Modernize a few DEBUGs via 367bea1ca53 smbd: Introduce "ace" helper variable via 99e4dc2ee12 idl: security.idl compiles with only secace.h via cca1bf8793b pidl: replace.h is sufficient in ndr_*.c via 56ec6fe5ed0 lib: Add a few explicit includes via 8291eb5f9b2 libndr: Use _talloc_array() to benefit from overflow protection via 4a200370764 libndr: Remove 368 bytes from R/W data into R/O text segment via 93b2651896d smbd: Modernize a few DEBUGs via 3cc3329420e ctdb: Add a NULL check to convert_node_map_to_list() from 232ab02faf9 source3/wscript: Introduce auto mode to build ceph vfs modules https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fab7416a3d2e1e7d59579449deda490c16b6df69 Author: Volker Lendecke Date: Sun Aug 25 19:50:34 2024 +0200 idl: dnsp.h references NTTIME Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Aug 27 08:36:11 UTC 2024 on atb-devel-224 commit 50c7373f449a71dcc0de20ea1c75cc47ec6c8a3b Author: Volker Lendecke Date: Sun Aug 25 19:51:00 2024 +0200 idl: misc.idl references DATA_BLOB Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton commit 707265817c02285d6a139c3e23ec5e9f6690a93d Author: Volker Lendecke Date: Fri Aug 23 16:39:58 2024 +0200 pidl: Add headerhelper idl property Add includes to for example misc.h if needed, so that misc.h can be directly included without prerequisites Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton commit 7548d9ad5a23f7282e8a6028040c48d16dcca63f Author: Volker Lendecke Date: Sun Aug 25 19:29:24 2024 +0200 lib: Make a few functions static Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton commit 1cdb9605b5d22b5f34889e090fe94e3bc019416e Author: Volker Lendecke Date: Sun Aug 25 12:08:49 2024 +0200 libsmb: Simplify pdb_sethexpwd with hex_byte() Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton commit f10160af8959a7211cea4d16d777141d8c52bfea Author: Stefan Metzmacher Date: Fri Aug 23 17:25:34 2024 +0200 pidl:Samba4/Header: only include ntstatus.h if required Pair-Programmed-With: Volker Lendecke Signed-off-by: Stefan Metzmacher Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton commit 282ee7dd3f99ec0ed1691b25aacfad96d4b11514 Author: Stefan Metzmacher Date: Fri Aug 23 17:24:19 2024 +0200 pidl: add scalarTypeUsed() helper to find if a type was actually used... Pair-Programmed-With: Volker Lendecke Signed-off-by: Stefan Metzmacher Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton commit 1602b0120bae2296fa8edca8cbd35dacb41001c8 Author: Volker Lendecke Date: Fri Aug 23 15:53:51 2024 +0200 lib: Add libcli/util/ntstatus.h in a few headers where it's needed Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton commit 9b0fe3e66a114a465b68fde766b9ba9c1b95224b Author: Volker Lendecke Date: Fri Aug 23 15:39:30 2024 +0200 idl: Remove unused KRB5_EDATA_NTSTATUS I think the last user went away with e2028837b95 in 2017 Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton commit 25370c79af8194ed69911a4d45824c488f2aae37 Author: Volker Lendecke Date: Thu Jul 25 13:23:21 2024 +0200 smbd: Inline set_sticky_write_time_path into set_sticky_write_time_fsp Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton commit 6d356dcbaf45f4a36d474881002eb6586c955233 Author: Volker Lendecke Date: Mon Aug 5 13:45:07 2024 +0200 smbd: Modernize a few DEBUGs Signed-off-by: Volker Lendecke Reviewed-by: Jennifer Sutton commit 367bea1ca5387484046f4c7105b31b2f48eb9141 Author: Volker Lendecke Date: Mon Aug 5 13:42:09 2024 +0200 smbd: Introduce "ace" helper variable Use "psd->dacl->aces[0]" once instead of 3 times Signed-off-by: Vol
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 168966a0530 s3:smbd: fix NULL dereference in case of readlink failure from b0996ed589a s3:tests: Fix spelling error https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 168966a053045476a84044aa73f66722eb702fe0 Author: Shachar Sharon Date: Thu Aug 22 14:44:28 2024 +0300 s3:smbd: fix NULL dereference in case of readlink failure When VFS readlinkat hook returns with error the following sequence yields NULL-pointer dereference (SIGSEGV): symlink_target_below_conn (source3/smbd/open.c) char *target = NULL; ... readlink_talloc (source3/smbd/files.c) SMB_VFS_READLINKAT smb_vfs_call_readlinkat (source3/smbd/vfs.c) handle->fns->readlinkat_fn --> returns error status = safe_symlink_target_path(.., target /* NULL */ ..) safe_symlink_target_path (source3/smbd/filename.c) if (target[0] == '/') { /* NULL pointer dereference */ A failure in VFS module's readlinkat hook may happen due to run-time error (e.g., network failure which cases libcephfs to disconnect from MDS). Bug: https://bugzilla.samba.org/show_bug.cgi?id=15700 Signed-off-by: Shachar Sharon Reviewed-by: John Mulligan Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Aug 23 09:27:06 UTC 2024 on atb-devel-224 --- Summary of changes: source3/smbd/open.c | 4 1 file changed, 4 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/smbd/open.c b/source3/smbd/open.c index a1c1c259e5c..0e36db0a85e 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -582,6 +582,10 @@ static NTSTATUS symlink_target_below_conn( talloc_tos(), dirfsp, symlink_name, &target); } + if (!NT_STATUS_IS_OK(status)) { + return status; + } + status = safe_symlink_target_path(talloc_tos(), connection_path, dirfsp->fsp_name->base_name, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8edb1fd13c1 ctdb-tcp: Remove a use of ctdb_addr_to_str() via afaf1511938 ctdb-tcp: Consolidate failure code via f7aac2f7553 ctdb-tcp: Use already constructed node name via 02c9e7a63f0 ctdb-tcp: Use path_rundir_append() to construct lock_path via 17959ccb4b1 ctdb-ib: Remove a use of ctdb_set_error() via b4336634145 ctdb-tcp: Factor out listening code to avoid repetition via 2c75bb86873 ctdb-tcp: Use talloc_strdup() instead of repeating logic via f36f03172af ctdb-daemon: Remove a use of ctdb_errstr() from a18c45046d2 libsmb: Remove cli_state->raw_status https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8edb1fd13c1d1c02a25f5991d985c1c81b066760 Author: Martin Schwenke Date: Mon Aug 19 08:48:43 2024 +1000 ctdb-tcp: Remove a use of ctdb_addr_to_str() This one is in a rarely used error path, so call a function that talloc()s the string instead. Again, this will also print the port, which might be useful if we ever add the ability to also specify ports in the nodes list. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Aug 20 14:24:14 UTC 2024 on atb-devel-224 commit afaf151193816e354b10f76be2798d642e2d27fa Author: Martin Schwenke Date: Mon Aug 19 08:45:43 2024 +1000 ctdb-tcp: Consolidate failure code Same thing several times, so change to common failure code. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit f7aac2f7553bcdb609719529988aa8b33555dda9 Author: Martin Schwenke Date: Sun Aug 18 20:49:30 2024 +1000 ctdb-tcp: Use already constructed node name Node has been found, so use the pre-constructed name instead of calling ctdb_addr_to_str(). This will also print the port, which might be useful if we ever add the ability to also specify ports in the nodes list. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 02c9e7a63f00998bb0dae2e8c6bd8e020e9408da Author: Martin Schwenke Date: Fri Aug 9 11:20:06 2024 +1000 ctdb-tcp: Use path_rundir_append() to construct lock_path The current constant value doesn't respect CTDB_TEST_MODE/CTDB_BASE. Instead use the path module to allow automatic listening in test mode with local daemons. A single node can be tested with local daemons, using something like: $ tests/local_daemons.sh foo setup -n 1 -C "node address" $ grep "node address" foo/node.0/ctdb.conf # node address = 127.0.0.1 $ tests/local_daemons.sh foo start all $ tests/local_daemons.sh foo print-log 0 | grep -i chose ... node.0 ctdbd[24546]: ctdb chose network address 127.0.0.1:4379 The trick is that commenting out the node address in ctdb.conf means the chosen node address is the first one from the nodes file that allows bind/listen. In this case it is the only line. The following ensures that automatic listening works for a node that isn't the first: $ cat >mynodes 192.168.1.1 127.0.0.1 $ tests/local_daemons.sh foo setup -n 2 -N mynodes -C "node address" $ grep "node address" foo/node.1/ctdb.conf # node address = 127.0.0.1 $ tests/local_daemons.sh foo start 1 $ tests/local_daemons.sh foo print-log 1 | grep -i chose [...] node.1 ctdbd[22787]: ctdb chose network address 127.0.0.1:4379 Note that the first address isn't local on this host, so will always fail. So, doing the above and starting both nodes yields... ... $ tests/local_daemons.sh foo start 1 $ sleep 3; tests/local_daemons.sh foo start 0 $ tests/local_daemons.sh foo print-log all | grep -i 'chose\|bind' [...] node.1 ctdbd[26351]: ctdb chose network address 127.0.0.1:4379 [...] node.0 ctdbd[26438]: ctdb_tcp_listen_addr: Failed to bind() to socket - Address already in use (98) [...] node.0 ctdbd[26438]: Unable to bind to any node address - giving up ... as expected. It would be nice to add tests for this, but we don't really have infrastructure for that. At least manual testing shows, for the obvious cases, the previous commits didn't break anything. :-) Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 17959ccb4b141612524f34270bc761d07fa1e54a Author: Martin Schwenke Date: Fri Jul 26 10:45:36 2024 +1000 ctdb-ib: Remove a use of ctdb_set_error() Now the transport code is free of ctdb_set_error(). Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit b43366341456e6848c401727e9d71633ad8a
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a18c45046d2 libsmb: Remove cli_state->raw_status via bdedf5d0eec libsmb: Remove unused cli_is_error() via 8171a1ccd3f libsmb: Remove a call to cli_is_error() via e071ec1ffe0 libsmb: Remove unused cli_errno() via e43a05ee3b5 libsmb: Don't set errno in cli_NetServerEnum() via 2d361cc1034 libsmb: Convert cli_NetServerEnum() to return NTSTATUS via b9c018d17ec libsmb: Remove a reference to cli_errno() via 16c31fe8049 libsmb: Remove unused cli_nt_error() via ac5713f3b27 libsmb: Make cli_api() static to clirap2.c via e02e6f28a93 torture3: Convert run_randomipc() away from cli_api() via ee174fb050c libsmb: Convert cli_NetServerEnum() away from cli_api() via c58ff4367a6 libsmb: Convert cli_RNetShareEnum() to NTSTATUS via 9812f87268c libsmb: Convert cli_RNetShareEnum() away from cli_api() via 76810077381 libsmb: Reduce indentation in cli_RNetShareEnum() via b1d5b8ef239 libsmb: Convert cli_oem_change_password() to NTSTATUS via 40e2fdfc6bb libsmb: Simplify smb1cli_trans_recv() via fd9a0dc9a9b libsmb: Remove a pointless variable via cf61617198c utils: Fix "net rap password" return code via 78a1e2817d6 libsmb: Fix cli_oem_change_password() via 86cc6f59cff libsmb: Convert cli_oem_change_password() away from cli_api() via 4f3a6dc8b0b samr: Avoid a "ret == false" for a bool via c6d9cb9b114 build: Fix LIBCLI_SAMR dependencies via b0e91608f2d libsmb: Remove a pointless variable assignment via 565f20d281d libsmb: Avoid an "else", we return in the "true" branch via 6d33f9935fd libsmb: Swap if/else branches in remote_password_change via bdabd9fff71 libsmb: Avoid an "else", we return in the "true" branch. via 18d506f521a libsmb: Modernize two DEBUGs via 73c6a7f13c2 libsmb: Make cli_qpathinfo_standard() static from 61d9c0d92e8 smbd: add options "fs:[logical|aligned|performance|effective aligned] bytes per sector" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----- commit a18c45046d2d7b69c7a5c9c20e911179f16c17ff Author: Volker Lendecke Date: Mon Aug 19 11:36:02 2024 +0200 libsmb: Remove cli_state->raw_status All callers which looked at this are gone Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Aug 20 10:57:12 UTC 2024 on atb-devel-224 commit bdedf5d0eec8d7e8d74917446c71c6e5d7dddf98 Author: Volker Lendecke Date: Mon Aug 19 11:25:52 2024 +0200 libsmb: Remove unused cli_is_error() Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 8171a1ccd3fbdd1f76669b4d39a7fb2d75040b41 Author: Volker Lendecke Date: Mon Aug 19 11:24:24 2024 +0200 libsmb: Remove a call to cli_is_error() We are already in the !NT_STATUS_IS_OK if-branch, so this call was redundant Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit e071ec1ffe03945d4b856c001551d5215236b574 Author: Volker Lendecke Date: Mon Aug 19 09:30:42 2024 +0200 libsmb: Remove unused cli_errno() Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit e43a05ee3b512f77e524e86e1d41772598ab6a67 Author: Volker Lendecke Date: Mon Aug 19 09:28:45 2024 +0200 libsmb: Don't set errno in cli_NetServerEnum() No caller looks at it, and if someone should ever want to return a more informative error, we now have NTSTATUS Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 2d361cc1034a18c36bc57d23cd3a413b1510795f Author: Volker Lendecke Date: Mon Aug 19 09:26:51 2024 +0200 libsmb: Convert cli_NetServerEnum() to return NTSTATUS Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit b9c018d17ecd10c9a860fbce5d8b2e391767c975 Author: Volker Lendecke Date: Mon Aug 19 09:10:03 2024 +0200 libsmb: Remove a reference to cli_errno() If I see it correctly, this case was already covered by checking the return code of cli_trans() a few lines above. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 16c31fe80492051445b55da8a319296d389833cf Author: Volker Lendecke Date: Sun Aug 18 21:47:01 2024 +0200 libsmb: Remove unused cli_nt_error() Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit ac5713f3b27337c281302e3fc9b5ecf641481c27 Author: Volker Lendecke Date: Sun Aug 18 21:45:58 2024 +0200 libsmb: Make cli_api() static to clirap2.c Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit e02e6f28a938a52c2221f397d27d6ede
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c0d0767a3ab script/autobuild.py: do some basic testing using --without-winbind via 5b31b723c06 s3:lib: add winbind_lookup_name_ex() fallback for --without-winbind from 2686a189c6c smbd: Assert we have an fsp in smbd_do_setfilepathinfo https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c0d0767a3ab2c0cd5c4f2fa5cd77f3b678794d63 Author: Stefan Metzmacher Date: Tue Aug 6 17:45:37 2024 +0200 script/autobuild.py: do some basic testing using --without-winbind BUG: https://bugzilla.samba.org/show_bug.cgi?id=15687 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Aug 7 07:38:35 UTC 2024 on atb-devel-224 commit 5b31b723c06a0b41f9d47e47ce79818e07d3b831 Author: Stefan Metzmacher Date: Tue Aug 6 17:20:38 2024 +0200 s3:lib: add winbind_lookup_name_ex() fallback for --without-winbind BUG: https://bugzilla.samba.org/show_bug.cgi?id=15687 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke --- Summary of changes: script/autobuild.py| 9 + source3/lib/winbind_util.c | 11 +++ 2 files changed, 20 insertions(+) Changeset truncated at 500 lines: diff --git a/script/autobuild.py b/script/autobuild.py index e610f0e8821..d059caec471 100755 --- a/script/autobuild.py +++ b/script/autobuild.py @@ -1082,6 +1082,15 @@ tasks = { ("nonshared-lcov", LCOV_CMD), ("nonshared-check-clean-tree", CLEAN_SOURCE_TREE_CMD), ("nonshared-clean", "make clean"), + +# retry without winbindd +("nonwinbind-distclean", "make distclean"), +("nonwinbind-configure", "./configure.developer " + samba_configure_params + " --bundled-libraries=ALL --with-static-modules=ALL --without-winbind"), +("nonwinbind-make", "make -j"), +("nonwinbind-test", make_test(TESTS="samba3.smb2.*.simpleserver")), +("nonwinbind-lcov", LCOV_CMD), +("nonwinbind-check-clean-tree", CLEAN_SOURCE_TREE_CMD), +("nonwinbind-clean", "make clean"), ], }, diff --git a/source3/lib/winbind_util.c b/source3/lib/winbind_util.c index 0852c3d0281..ece0cbf2114 100644 --- a/source3/lib/winbind_util.c +++ b/source3/lib/winbind_util.c @@ -363,6 +363,17 @@ bool winbind_lookup_name(const char *dom_name, const char *name, struct dom_sid return false; } +_PRIVATE_ +NTSTATUS winbind_lookup_name_ex(const char *dom_name, + const char *name, + struct dom_sid *sid, + enum lsa_SidType *name_type) +{ + *name_type = SID_NAME_UNKNOWN; + ZERO_STRUCTP(sid); + return NT_STATUS_OK; +} + /* Call winbindd to convert sid to name */ bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 48963251fb0 s4:torture: Fix memory leak via a1055956979 s4:torture: Remove trailing spaces from smbtorture.c from 10e9b858a3f docs: Document parametric form of hide and veto files https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 48963251fb04cce4d081408857c0c3a0f6861f4c Author: Andreas Schneider Date: Thu Aug 1 09:32:49 2024 +0200 s4:torture: Fix memory leak Direct leak of 102 byte(s) in 1 object(s) allocated from: #0 0x7f35322fc7d7 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69 #1 0x7f3531e43bc2 in __talloc_with_prefix ../../lib/talloc/talloc.c:783 #2 0x7f3531e45034 in __talloc ../../lib/talloc/talloc.c:825 #3 0x7f3531e45034 in __talloc_strlendup ../../lib/talloc/talloc.c:2454 #4 0x7f3531e45034 in talloc_strdup ../../lib/talloc/talloc.c:2470 #5 0x7f352f90264b in smbcli_parse_unc ../../source4/libcli/cliconnect.c:269 #6 0x55fbf83aa207 in torture_parse_target ../../source4/torture/smbtorture.c:192 #7 0x55fbf83ae031 in main ../../source4/torture/smbtorture.c:744 #8 0x7f352ca2a1ef in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Aug 1 16:55:43 UTC 2024 on atb-devel-224 commit a1055956979ac5f2101efa9c50c923ef1f270cef Author: Andreas Schneider Date: Thu Aug 1 10:22:38 2024 +0200 s4:torture: Remove trailing spaces from smbtorture.c Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: source4/torture/smbtorture.c | 25 ++--- 1 file changed, 14 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/smbtorture.c b/source4/torture/smbtorture.c index ad1280be7d8..7c5a6f78dbb 100644 --- a/source4/torture/smbtorture.c +++ b/source4/torture/smbtorture.c @@ -1,19 +1,19 @@ -/* +/* Unix SMB/CIFS implementation. SMB torture tester Copyright (C) Andrew Tridgell 1997-2003 Copyright (C) Jelmer Vernooij 2006-2008 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -73,7 +73,7 @@ static void print_test_list(const struct torture_suite *suite, const char *prefi } static bool run_matching(struct torture_context *torture, -const char *prefix, +const char *prefix, const char *expr, const char **restricted, struct torture_suite *suite, @@ -189,7 +189,7 @@ bool torture_parse_target(TALLOC_CTX *ctx, NTSTATUS status; /* see if its a RPC transport specifier */ - if (!smbcli_parse_unc(target, NULL, &host, &share)) { + if (!smbcli_parse_unc(target, ctx, &host, &share)) { const char *h; status = dcerpc_parse_binding(ctx, target, &binding_struct); @@ -211,6 +211,9 @@ bool torture_parse_target(TALLOC_CTX *ctx, lpcfg_set_cmdline(lp_ctx, "torture:host", host); lpcfg_set_cmdline(lp_ctx, "torture:share", share); lpcfg_set_cmdline(lp_ctx, "torture:binding", host); + + TALLOC_FREE(host); + TALLOC_FREE(share); } return true; @@ -450,7 +453,7 @@ int main(int argc, const char *argv[]) "run async tests", NULL}, {"num-async",0, POPT_ARG_INT, &torture_numasync, 0, "number of simultaneous async requests", NULL}, - {"maximum-runtime", 0, POPT_ARG_INT, &max_runtime, 0, + {"maximum-runtime", 0, POPT_ARG_INT, &max_runtime, 0, "set maximum time for smbtorture to live", "seconds"}, {"extra-user", 0, POPT_ARG_STRING, NULL, OPT_EXTRA_U
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7dc19dd94cb s4:torture/smb2: add 'smb2.bench.session-setup' from 3bb6d441bf0 vfs_ceph_new: common prefix to debug-log messages https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7dc19dd94cb9c977ee61529543a841d1f7bc5259 Author: Stefan Metzmacher Date: Tue Jun 18 16:44:37 2024 +0200 s4:torture/smb2: add 'smb2.bench.session-setup' This test loops over session-setup/logoff as fast as possible, for nprocs * qdepth loops. It was created to demonstrate the krb5 replay cache problem (at least with MIT kerberos before 1.18, I've tested with 1.15 only). This forces kerberos with the machine account: time smbtorture //fileserver.example.com/ipc\$ \ smb2.bench.session-setup \ --option="torture:timelimit=600" \ --option="torture:nprocs=50" \ --option="torture:qdepth=1" \ --machine-pass \ --use-kerberos=required This forces ntlmssp with the machine account: time smbtorture //fileserver.example.com/ipc\$ \ smb2.bench.session-setup \ --option="torture:timelimit=600" \ --option="torture:nprocs=50" \ --option="torture:qdepth=1" \ --machine-pass \ --use-kerberos=off This forces anonymous ntlmssp (without depending on the DC performance): time smbtorture //fileserver.example.com/ipc\$ \ smb2.bench.session-setup \ --option="torture:timelimit=600" \ --option="torture:nprocs=50" \ --option="torture:qdepth=1" \ -U% \ --use-kerberos=off Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Jul 30 15:18:42 UTC 2024 on atb-devel-224 --- Summary of changes: source4/torture/smb2/bench.c | 477 +++ 1 file changed, 477 insertions(+) Changeset truncated at 500 lines: diff --git a/source4/torture/smb2/bench.c b/source4/torture/smb2/bench.c index a91ca6c08d3..2474028a723 100644 --- a/source4/torture/smb2/bench.c +++ b/source4/torture/smb2/bench.c @@ -20,6 +20,7 @@ */ #include "includes.h" +#include "lib/param/param.h" #include "libcli/smb2/smb2.h" #include "libcli/smb2/smb2_calls.h" #include "libcli/smb/smbXcli_base.h" @@ -1361,6 +1362,481 @@ static bool test_smb2_bench_read(struct torture_context *tctx, return ret; } +/* + stress testing session setups + */ + +struct test_smb2_bench_session_setup_shared_conn; +struct test_smb2_bench_session_setup_shared_loop; + +struct test_smb2_bench_session_setup_shared_state { + struct torture_context *tctx; + struct cli_credentials *credentials; + struct gensec_settings *gensec_settings; + size_t num_conns; + struct test_smb2_bench_session_setup_shared_conn *conns; + size_t num_loops; + struct test_smb2_bench_session_setup_shared_loop *loops; + struct timeval starttime; + int timecount; + int timelimit; + struct { + uint64_t num_finished; + double total_latency; + double min_latency; + double max_latency; + } setups; + struct { + uint64_t num_finished; + double total_latency; + double min_latency; + double max_latency; + } logoffs; + bool ok; + bool stop; +}; + +struct test_smb2_bench_session_setup_shared_conn { + struct test_smb2_bench_session_setup_shared_state *state; + int idx; + struct smb2_transport *transport; +}; + +struct test_smb2_bench_session_setup_shared_loop { + struct test_smb2_bench_session_setup_shared_state *state; + struct test_smb2_bench_session_setup_shared_conn *conn; + int idx; + struct smb2_session *session; + struct tevent_immediate *im; + struct { + struct tevent_req *req; + struct timeval starttime; + uint64_t num_started; + uint64_t num_finished; + double total_latency; + double min_latency; + double max_latency; + } setups; + struct { + struct smb2_request *req; + struct timeval starttime; + uint64_t num_started; + uint64_t num_finished; + double total_latency; + double min_latency; + double max_latency; + } logoffs; + NTSTATUS error; +}; + +static void
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c9c74d819a2 s3:rpc_server: Initialize array struct security_ace ace[] via f434524b472 s4:torture: Initialize struct smb2_handle consistently in lease.c via fd4afa309ef s3:registry: Initialize struct security_ace ace[] via 275ffbf5606 s3:rpcclient: Initialize spoolss_DriverDirectoryInfo info via af3868d7036 s3:utils: Initialize DATA_BLOB blob from 8292481bc06 smbd: Don't talloc_zero where we assign the struct a line below https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c9c74d819a2749e56626144714a555948149754c Author: Pavel Filipenský Date: Wed Jul 3 17:55:31 2024 +0200 s3:rpc_server: Initialize array struct security_ace ace[] Error: UNINIT (CWE-457): samba-4.20.0rc2/source4/torture/smb2/lease.c:567: var_decl: Declaring variable "h" without initializer. samba-4.20.0rc2/source4/torture/smb2/lease.c:642: uninit_use_in_call: Using uninitialized value "h" when calling "smb2_util_close". 640| 641|done: 642|-> smb2_util_close(tree, h); 643| smb2_util_close(tree, h2); 644| Signed-off-by: Pavel Filipenský Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Jul 5 08:53:08 UTC 2024 on atb-devel-224 commit f434524b472f7c1ba34f4f4e5229722f7b73807d Author: Pavel Filipenský Date: Wed Jul 3 17:53:22 2024 +0200 s4:torture: Initialize struct smb2_handle consistently in lease.c Error: UNINIT (CWE-457): samba-4.20.0rc2/source4/torture/smb2/lease.c:567: var_decl: Declaring variable "h" without initializer. samba-4.20.0rc2/source4/torture/smb2/lease.c:642: uninit_use_in_call: Using uninitialized value "h" when calling "smb2_util_close". 640| 641|done: 642|-> smb2_util_close(tree, h); 643| smb2_util_close(tree, h2); 644| Signed-off-by: Pavel Filipenský Reviewed-by: Volker Lendecke commit fd4afa309efc97b75d032ca8f59b16b08c51f1c8 Author: Pavel Filipenský Date: Wed Jul 3 17:34:47 2024 +0200 s3:registry: Initialize struct security_ace ace[] Error: UNINIT (CWE-457): samba-4.20.0rc2/source3/registry/reg_dispatcher.c:43: var_decl: Declaring variable "ace" without initializer. samba-4.20.0rc2/source3/registry/reg_dispatcher.c:66: uninit_use_in_call: Using uninitialized value "*ace". Field "ace->object" is uninitialized when calling "make_sec_acl". 64| /* create the security descriptor */ 65| 66|-> theacl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace); 67| if (theacl == NULL) { 68| return WERR_NOT_ENOUGH_MEMORY; Signed-off-by: Pavel Filipenský Reviewed-by: Volker Lendecke commit 275ffbf5606735942b96afdaaa28fd824fe220ef Author: Pavel Filipenský Date: Wed Jul 3 17:33:20 2024 +0200 s3:rpcclient: Initialize spoolss_DriverDirectoryInfo info Error: UNINIT (CWE-457): samba-4.20.0rc2/source3/rpcclient/cmd_spoolss.c:1530: var_decl: Declaring variable "info" without initializer. samba-4.20.0rc2/source3/rpcclient/cmd_spoolss.c:1578: uninit_use_in_call: Using uninitialized value "info" when calling "display_printdriverdir_1". 1576| 1577| if (W_ERROR_IS_OK(result)) { 1578|-> display_printdriverdir_1(&info.info1); 1579| } 1580| Signed-off-by: Pavel Filipenský Reviewed-by: Volker Lendecke commit af3868d70367523db6d4ae4411e951baa5849803 Author: Pavel Filipenský Date: Wed Jul 3 17:30:51 2024 +0200 s3:utils: Initialize DATA_BLOB blob Error: UNINIT (CWE-457): samba-4.20.0rc2/source3/utils/regedit_dialog.c:1965: var_decl: Declaring variable "blob" without initializer. samba-4.20.0rc2/source3/utils/regedit_dialog.c:2044: uninit_use_in_call: Using uninitialized value "blob" when calling "reg_val_set". 2042| 2043| if (W_ERROR_IS_OK(rv)) { 2044|-> rv = reg_val_set(edit->key, name, edit->type, blob); 2045| } 2046| Signed-off-by: Pavel Filipenský Reviewed-by: Volker Lendecke --- Summary of changes: source3/registry/reg_dispatcher.c | 2 +- source3/rpc_server/lsa/srv_lsa_nt.c | 2 +- source3/rpcclient/cmd_spoolss.c | 2 +- source3/utils/regedit_dialog.c | 2 +- source4/torture/smb2/lease.c| 144 +--- 5 files changed, 70 insertions(+), 82 deletions(-) Changeset truncated at 500 lines: diff --git a/sour
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8292481bc06 smbd: Don't talloc_zero where we assign the struct a line below via e989d7383ef lib: Remove a few duplicate prototypes via a8405ed15b4 lib: Remove unused strnrchr_w via f31478e782f lib: Remove unused strnrchr_m via f1fae5403ea docs: "share:fake_fscaps" is per share, not global via 94f37866b5b smbd: Use new symlink_target_path routine via b91e257f565 libcli: New routine symlink_target_path for [MS-SMB2] 2.2.2.2.1.1 via 659cb9f7280 smbd: Rename symlink_target_path to _symlink_target_path from 93a3dd48d66 gitlab-ci: Also add the git directory for pipeline in the main mirror https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8292481bc06f0a6a905e1cd98f24269cf40161b2 Author: Volker Lendecke Date: Thu Jun 27 16:46:16 2024 +0200 smbd: Don't talloc_zero where we assign the struct a line below Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jul 4 16:31:39 UTC 2024 on atb-devel-224 commit e989d7383ef872e5b8cad41507ae0630d18efe61 Author: Volker Lendecke Date: Thu Jun 27 18:20:05 2024 +0200 lib: Remove a few duplicate prototypes Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit a8405ed15b4d0f073153620c251582eedf771c65 Author: Volker Lendecke Date: Thu Jun 27 17:54:56 2024 +0200 lib: Remove unused strnrchr_w Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit f31478e782ff28619f16be7dd95bf9d0f64f7d10 Author: Volker Lendecke Date: Thu Jun 27 17:54:01 2024 +0200 lib: Remove unused strnrchr_m Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit f1fae5403ea672eca0bc4c1bc641003a9e641695 Author: Volker Lendecke Date: Wed Jul 3 09:58:02 2024 +0200 docs: "share:fake_fscaps" is per share, not global Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 94f37866b5ba74f08509cac376c5d1ed84c9d3e3 Author: Volker Lendecke Date: Thu Jul 4 11:07:54 2024 +0200 smbd: Use new symlink_target_path routine Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit b91e257f565797849d384cce8f8a200755f71700 Author: Volker Lendecke Date: Wed Jul 3 15:55:46 2024 +0200 libcli: New routine symlink_target_path for [MS-SMB2] 2.2.2.2.1.1 Right now the only user is the user-space symlink following in smbd. We will use it in libsmb as well to correctly handle STOPPED_ON_SYMLINK. When trying to upstream that code I found the previous_slash function incredibly hard to understand. This new routine makes copy of "const char *_name_in", so that we can replace previous_slash with a simple strrchr_m. If that's too slow (which I doubt, this is "only" chasing symlinks) we can always do something smarter again. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 659cb9f728036e18834fac5bad99f8ef7ba5230e Author: Volker Lendecke Date: Wed Jul 3 15:38:18 2024 +0200 smbd: Rename symlink_target_path to _symlink_target_path Only temporary, next step is a new more general symlink_target_path routine, we'll need that in libcli/smb as well. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider --- Summary of changes: docs-xml/smbdotconf/protocol/sharefakefscaps.xml | 2 +- lib/util/charset/charset.h | 1 - lib/util/charset/util_unistr_w.c | 26 --- libcli/smb/reparse.c | 94 libcli/smb/reparse.h | 8 ++ source3/include/proto.h | 7 -- source3/lib/util_str.c | 35 - source3/smbd/filename.c | 81 +++- source3/smbd/files.c | 2 +- 9 files changed, 114 insertions(+), 142 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/protocol/sharefakefscaps.xml b/docs-xml/smbdotconf/protocol/sharefakefscaps.xml index 11f495526f5..31e7ebc0e75 100644 --- a/docs-xml/smbdotconf/protocol/sharefakefscaps.xml +++ b/docs-xml/smbdotconf/protocol/sharefakefscaps.xml @@ -1,5 +1,5 @@ http://www.samba.org/samba/DTD/samba-doc";> diff --git a/lib/util/charset/charset.h b/lib/util/charset/charset.h index 8452b5766d1..4316c1b2c6c 100644 --- a/lib/util/charset/charset.h +++ b/lib/util/charset/charset.h @@ -292,7 +292,6 @@ size_t strnlen_w(const smb_ucs2_t *src, size_t max); smb_ucs2_t *strchr_w(const smb_ucs2_t *s, smb_ucs2_t c); smb_uc
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6ba69da8d37 ctdb/wscript: Remove long pending unsupported option via 121687e7bd7 source3/wscript: Remove long pending unsupported option from 03e9575e38d s3:smbd: Avoid compiler warning for unused label https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6ba69da8d37cdc1c851835048b2eea5d13e1810f Author: Anoop C S Date: Tue Jul 2 10:57:28 2024 +0530 ctdb/wscript: Remove long pending unsupported option It has been a while since --with-libcephfs option was dropped. Therefore stop advertising it through waf scripts. Signed-off-by: Anoop C S Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Jul 2 09:13:20 UTC 2024 on atb-devel-224 commit 121687e7bd7d0f268347c3e4a37ffd5f06914a4d Author: Anoop C S Date: Tue Jul 2 10:56:45 2024 +0530 source3/wscript: Remove long pending unsupported option It has been a while since --with-libcephfs option was dropped. Therefore stop advertising it through waf scripts. Signed-off-by: Anoop C S Reviewed-by: Volker Lendecke --- Summary of changes: ctdb/wscript| 8 source3/wscript | 8 2 files changed, 16 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/wscript b/ctdb/wscript index a557d0a872e..6a16991f413 100644 --- a/ctdb/wscript +++ b/ctdb/wscript @@ -102,9 +102,6 @@ def options(opt): help=("Use pcap for packet capture (default=no)"), action="store_true", dest='ctdb_pcap', default=False) -opt.add_option('--with-libcephfs', - help=("Directory under which libcephfs is installed"), - action="store", dest='libcephfs_dir', default=None) opt.add_option('--enable-ceph-reclock', help=("Enable Ceph CTDB recovery lock helper (default=no)"), action="store_true", dest='ctdb_ceph_reclock', default=False) @@ -282,11 +279,6 @@ def configure(conf): Logs.info('Building with etcd support') conf.env.etcd_reclock = have_etcd_reclock -if Options.options.libcephfs_dir: -Logs.error('''--with-libcephfs no longer supported, please use compiler - flags instead, e.g. GCC LIBRARY_PATH and C_INCLUDE_PATH''') -sys.exit(1) - if Options.options.ctdb_ceph_reclock: if (conf.CHECK_HEADERS('rados/librados.h', False, False, 'rados') and conf.CHECK_LIB('rados', shlib=True)): diff --git a/source3/wscript b/source3/wscript index d8f04646b03..4415b373913 100644 --- a/source3/wscript +++ b/source3/wscript @@ -86,10 +86,6 @@ def options(opt): opt.samba_add_onoff_option('fake-kaserver', help=("Include AFS fake-kaserver support"), default=False) -opt.add_option('--with-libcephfs', - help=("Directory under which libcephfs is installed"), - action="store", dest='libcephfs_dir', default=None) - opt.samba_add_onoff_option('glusterfs', with_name="enable", without_name="disable", default=True) opt.samba_add_onoff_option('cephfs', with_name="enable", without_name="disable", default=True) @@ -1622,10 +1618,6 @@ int main(void) { conf.DEFINE('HAVE_LINUX_IOCTL', '1') conf.env['CFLAGS_CEPHFS'] = "-D_FILE_OFFSET_BITS=64" -if Options.options.libcephfs_dir: -Logs.error('''--with-libcephfs no longer supported, please use compiler - flags instead, e.g. GCC LIBRARY_PATH and C_INCLUDE_PATH''') -sys.exit(1) if (Options.options.with_cephfs and conf.CHECK_HEADERS('cephfs/libcephfs.h', False, False, 'cephfs') and -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 60550fbe184 Fix starvation of pending writes in CTDB queues from 6d3cfb4b1c6 s4:torture: Initialize param arrays https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 60550fbe184a5cefa55a8f0bab508f70def7a684 Author: Xavi Hernandez Date: Thu Jun 27 15:41:19 2024 +0200 Fix starvation of pending writes in CTDB queues CTDB uses a queue to receive requests and send answers. It works asynchronously using the tevent framework. However there was an issue that gave priority to the receiving side so, when a request was processed and the answer posted to the queue, if another incoming request arrived, it was served before sending the previous answer. This scenario could repeat for long periods of time if the frequency of incoming requests was high enough. Eventually, a small time gap between incoming request gave a chance to process the pending output queue, sending many answers in a burst. This patch makes sure that both queues (input and output) are processed if the event contains the appropriate flag. Signed-off-by: Xavi Hernandez Reviewed-by: Volker Lendecke Reviewed-by: Martin Schwenke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Jul 1 09:17:43 UTC 2024 on atb-devel-224 --- Summary of changes: ctdb/common/ctdb_io.c | 17 +++-- 1 file changed, 11 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/common/ctdb_io.c b/ctdb/common/ctdb_io.c index bf8bc73b77d..9ac9b84a7fb 100644 --- a/ctdb/common/ctdb_io.c +++ b/ctdb/common/ctdb_io.c @@ -272,7 +272,7 @@ static void queue_dead(struct tevent_context *ev, struct tevent_immediate *im, /* called when an incoming connection is writeable */ -static void queue_io_write(struct ctdb_queue *queue) +static bool queue_io_write(struct ctdb_queue *queue) { while (queue->out_queue) { struct ctdb_queue_pkt *pkt = queue->out_queue; @@ -294,14 +294,14 @@ static void queue_io_write(struct ctdb_queue *queue) queue->fd = -1; tevent_schedule_immediate(queue->im, queue->ctdb->ev, queue_dead, queue); - return; + return false; } - if (n <= 0) return; + if (n <= 0) return true; if (n != pkt->length) { pkt->length -= n; pkt->data += n; - return; + return true; } DLIST_REMOVE(queue->out_queue, pkt); @@ -310,6 +310,8 @@ static void queue_io_write(struct ctdb_queue *queue) } TEVENT_FD_NOT_WRITEABLE(queue->fde); + + return true; } /* @@ -320,10 +322,13 @@ static void queue_io_handler(struct tevent_context *ev, struct tevent_fd *fde, { struct ctdb_queue *queue = talloc_get_type(private_data, struct ctdb_queue); + if (flags & TEVENT_FD_WRITE) { + if (!queue_io_write(queue)) { + return; + } + } if (flags & TEVENT_FD_READ) { queue_io_read(queue); - } else { - queue_io_write(queue); } } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6b3135078e0 lib: Align an integer type via 5ae1605fc22 lib: Fix an error path memleak via 0321f31a8e1 lib: Use talloc_asprintf_addbufin _ber_read_OID_String_impl via 4313add2bf5 lib: Use unsigned long in ber_write_OID_String via 8f90ec12a56 lib: gensec.h references NTTIME, add time.h via b317408591d wbclient: Fix a typo via 021dfe8f33b winbind: Modernize a few DEBUGs via bc2b2350b94 smbd: Fix whitespace via b29e408e140 libsmb: Use SMB2_0_INFO_SECURITY instead of raw "3" via 5c736ffe354 gensec: Simplify gensec_security_by_fn() via 82c477b9807 gensec: Filter out disabled mechs in gensec_security_mechs() via 426c0847670 gensec: Refactor gensec_security_mechs() via b28de27f6b8 gensec: Simplify gensec_security_by_* via 9445d8e06e8 torture: Remove some pointless local variables via df30ec83c96 lib: Use cli_credentials_add_gensec_features in a few places via b436f5fec11 creds: Add cli_credentials_add_gensec_features via dc31a49830d libsmb: Slightly simplify cli_session_creds_init from 4cade04d1f1 vfs_ceph: Implement SMB_VFS_FSET_DOS_ATTRIBUTES for precise btime https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6b3135078e0f6c67566f4312998bc4032e387e19 Author: Volker Lendecke Date: Thu May 23 16:13:58 2024 +0200 lib: Align an integer type Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Jun 4 08:16:58 UTC 2024 on atb-devel-224 commit 5ae1605fc22acf672f46ba08f6b2ef4f675e92b8 Author: Volker Lendecke Date: Thu May 23 16:12:53 2024 +0200 lib: Fix an error path memleak Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 0321f31a8e1364b32fad61e99856024eaed0b81e Author: Volker Lendecke Date: Thu May 23 16:06:37 2024 +0200 lib: Use talloc_asprintf_addbufin _ber_read_OID_String_impl Just one NULL check required Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 4313add2bf5ee41a5cbcac79135da96d5424ec2d Author: Volker Lendecke Date: Thu May 23 16:04:52 2024 +0200 lib: Use unsigned long in ber_write_OID_String This is what smb_strtoul returns, so use it. Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 8f90ec12a560bfe08b0bf9ae447b789bbcc22dda Author: Volker Lendecke Date: Thu May 23 15:48:55 2024 +0200 lib: gensec.h references NTTIME, add time.h Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit b317408591da4cbb8facd1e9215fd204078722b7 Author: Volker Lendecke Date: Fri May 24 18:34:05 2024 +0200 wbclient: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 021dfe8f33b3d21ec16ac6e4a28f5a1d09b838a3 Author: Volker Lendecke Date: Fri May 24 18:48:29 2024 +0200 winbind: Modernize a few DEBUGs Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit bc2b2350b94cbfc53628852026f68f71f09607e6 Author: Volker Lendecke Date: Sat May 25 12:17:46 2024 +0200 smbd: Fix whitespace Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit b29e408e140b74b82ba04391fd1ded43444c83b6 Author: Volker Lendecke Date: Sat May 25 12:41:58 2024 +0200 libsmb: Use SMB2_0_INFO_SECURITY instead of raw "3" Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 5c736ffe35408a6344e5c4c4ae57b89e09e51918 Author: Volker Lendecke Date: Wed May 29 17:11:51 2024 +0200 gensec: Simplify gensec_security_by_fn() We don't need that intermediate talloc ctx, we only allocate backends and don't pass it anywhere else. Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 82c477b98071346a0e4e9162d9a200d1755533a7 Author: Volker Lendecke Date: Wed May 29 17:08:26 2024 +0200 gensec: Filter out disabled mechs in gensec_security_mechs() Every single caller of gensec_security_mechs() had to manually filter out disabled mechanisms. Don't offer them from the start. Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 426c08476704f8ac574a18562719517c6084ed3f Author: Volker Lendecke Date: Tue May 28 18:49:41 2024 +0200 gensec: Refactor gensec_security_mechs() The decision whether to offer a mechanism was split between gensec_security_mechs() and gensec_use_kerberos_mechs() with two booleans passed down. Consolidate that decision into one gensec_offer_mech() function that queries all information on its own. Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit b28de27f6b880962e918
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 98b443d9033 fuzzing: fix fuzz_stable_sort_r_unstable comparison via 267f307689b s3/torture: local_rbtree: avoid birthday collisions from 3a7dbf8b77b examples:winexe: embed Samba version as exe timestamp https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 98b443d9033943c4fd2bde939985af125ccd9e73 Author: Douglas Bagnall Date: Thu May 23 16:08:49 2024 +1200 fuzzing: fix fuzz_stable_sort_r_unstable comparison Credit to OSS-Fuzz. REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69176 Signed-off-by: Douglas Bagnall Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri May 31 05:29:08 UTC 2024 on atb-devel-224 commit 267f307689b92bc7e1e407fb7f1a9f556d7d8b90 Author: Douglas Bagnall Date: Wed May 22 12:15:37 2024 +1200 s3/torture: local_rbtree: avoid birthday collisions We insert 999 keys, but if two of them happen to be the same, we don't find 1000 nodes, and that is upsetting for CI: [130(1421)/303 at 4m46s] samba3.smbtorture_s3.LOCAL-RBTREE UNEXPECTED(failure): samba3.smbtorture_s3.LOCAL-RBTREE.smbtorture(none) REASON: Exception: Exception: using seed 1716333987 host=foo share=bar user= myname=runner-jlguopmm-project-6378020-concurrent-0 Running LOCAL-RBTREE run_local_rbtree: read1: 999 999, NT_STATUS_OK run_local_rbtree: delete: 999 999, NT_STATUS_OK run_local_rbtree: read2: 0 0, NT_STATUS_OK TEST LOCAL-RBTREE FAILED! LOCAL-RBTREE took 0.002706 secs This has been flapping very occasionally for a long time: https://lists.samba.org/archive/samba-technical/2016-March/112861.html Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett Reviewed-by: Volker Lendecke --- Summary of changes: lib/fuzzing/fuzz_stable_sort_r_unstable.c | 3 ++- source3/torture/torture.c | 10 +- 2 files changed, 7 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/fuzzing/fuzz_stable_sort_r_unstable.c b/lib/fuzzing/fuzz_stable_sort_r_unstable.c index 68174ee460e..9338c75f7dc 100644 --- a/lib/fuzzing/fuzz_stable_sort_r_unstable.c +++ b/lib/fuzzing/fuzz_stable_sort_r_unstable.c @@ -71,8 +71,9 @@ static int cmp_int8(int8_t *_a, int8_t *_b, int8_t *ctx) #define MAX_SIZE (1024 * 1024) -int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) +int LLVMFuzzerTestOneInput(const uint8_t *input, size_t len) { + const int8_t *buf = (const int8_t *)input; int8_t buf2[MAX_SIZE]; int8_t aux[MAX_SIZE]; int8_t context; diff --git a/source3/torture/torture.c b/source3/torture/torture.c index e0cc39f732d..1f8621654ec 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -13634,17 +13634,17 @@ static bool run_local_rbtree(int dummy) } for (i = 0; i < 999; i++) { - char key[sizeof("key-9223372036854775807")]; - char value[sizeof("value-9223372036854775807")]; + char key[sizeof("key-9223372036854775807-1234")]; + char value[sizeof("value-9223372036854775807-1234")]; - snprintf(key, sizeof(key), "key%ld", random()); - snprintf(value, sizeof(value) ,"value%ld", random()); + snprintf(key, sizeof(key), "key%ld-%d", random(), i); + snprintf(value, sizeof(value) ,"value%ld-%d", random(), i); if (!rbt_testval(db, key, value)) { goto done; } - snprintf(value, sizeof(value) ,"value%ld", random()); + snprintf(value, sizeof(value) ,"value%ld-%d", random(), i + 1); if (!rbt_testval(db, key, value)) { goto done; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e9eb5810438 ctdb-scripts: Protect against races when starting grace period via 97c79a1 ctdb-scripts: Check NFS-Ganesha is running before attempting grace via 27c53880c2a ctdb-scripts: Improve service PID check via bc10704aec6 ctdb-scripts: Improve NFS-Ganesha export path extraction via 944d9d308d5 ctdb-scripts: Add script option CTDB_NFS_EXPORTS_FILE via 1be5b1df1bd ctdb-scripts: Fix usage message via 2a3d7c09719 ctdb-scripts: Change NFS-Ganesha PID file location via a534f713478 ctdb-scripts: Quote variable expansions via 6ffb73bb55e ctdb-scripts: Reformat with "shfmt -w -p -i 0 -fn" via 991d21d075c ctdb-scripts: No longer run statd-callout under sudo via ecb9545b3fb ctdb-scripts: Use find_statd_sm_dir() in one more place via 50b3cebeb39 ctdb-scripts: Set ownership of statd-callout state directory via 608557c6ce3 ctdb-scripts: Avoid connecting to ctdbd in add-client/del-client via 5a4209b7132 ctdb-tests: Default PNN is 0 via ed3f041c309 ctdb-scripts: Add caching function for public IPs via 558cf280b22 ctdb-scripts: Move state directory creation to "startup" action via d02fb20d793 ctdb-scripts: Avoid globally changing to queue directory via b90d72c7b8f ctdb-scripts: Move ctdb.tdb attach to statd-callout via c912e406c1c ctdb-scripts: Reformat with shfmt -w -p -i 0 -fn via 7b24cc032ea ctdb-scripts: Improve documentation via 5176b43da78 ctdb-scripts: Avoid ShellCheck warning SC2162 via 54015223804 ctdb-scripts: Reformat with "shfmt -w -p -i 0 -fn" from 5a54c9b28ab s3:utils: let smbstatus report anonymous signing/encryption explicitly https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e9eb5810438c7de713a45f43af227798a6b5ec2f Author: Martin Schwenke Date: Fri May 10 18:00:18 2024 +1000 ctdb-scripts: Protect against races when starting grace period While the PID check is worth it in relevant cases, NFS-Ganesha still might go away after the check. Unfortunately, neither grace command fails an indicative exit code, so invent one by checking error messages. This can then be converted to success by the caller. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu May 30 12:50:01 UTC 2024 on atb-devel-224 commit 97c79a1c9a61a74aced8d87346dd25c8cce3 Author: Martin Schwenke Date: Fri May 10 17:51:18 2024 +1000 ctdb-scripts: Check NFS-Ganesha is running before attempting grace If monitoring has failed because it isn't running, then don't fail "startipreallocate" or "relaseip" by trying to go into grace. Don't check this for "takeip". In that case NFS-Ganesha had better be running. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 27c53880c2a35a320bc31655ada3367d1be02b19 Author: Martin Schwenke Date: Fri May 10 17:46:58 2024 +1000 ctdb-scripts: Improve service PID check No need to grovel around in /proc. ps will happily tell us the command. Factor out the actual check into a separate function that can be used elsewhere. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit bc10704aec66e143b8c9e715a74ddb82f44a3204 Author: Martin Schwenke Date: Tue Apr 30 15:00:34 2024 +1000 ctdb-scripts: Improve NFS-Ganesha export path extraction Path values do not need to have quotes. The current code fails if there aren't any. Instead, implement a 2 stage parser using 2 sed commands. See comments in the code for details. Regexps are POSIX basic regular expressions, apart from \ (used to ensure WORD is on word boundaries, and the 'i' flag for case insensitivity. The latter is supported in FreeBSD sed. This code successfully parses Path values out of the following monstrosity: path = "/foo/bar1;a"; Path = /foo/bar2; Something = false; Pseudo = "/foo/bar3x" ; Path = "/foo/bar3; y" ; Access_type = RO; Pseudo = "/foo/bar4x" ; path=/foo/bar4; Access_type = RO; Pseudo = "/foo/barNONONO" ; not_Path=/foo/barNONONO; Access_type = RO; Path = /foo/bar5 Pseudo = "/foo/bar6x Path=foo" ; Path=/foo/bar6; Access_type = RO This is probably the best that can be done within a shell script. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 944d9d308d53598ba0aa2dc599fc1f5c78e78313 Author: Martin Schwenke Date: Wed Mar 27 14:24:09 2024 +1100 ctdb-scripts: Add script option
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d650f884ec1 lib:ldb: Use correct integer types for sizes via 17dd13bb4bc lib:ldb: Add missing overflow check in ldb_msg_normalize() via 82b07bd048e lib:tdb: Add missing overflow check for num_values in pytdb.c via e9c4538e272 lib:tdb: Remove trailing spaces from pytdb.c from 80159018e41 s3:utils: Fix Inherit-Only flag being automatically propagated to children https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d650f884ec1be0745af93020366b9e115670b771 Author: Andreas Schneider Date: Tue Apr 30 14:33:51 2024 +0200 lib:ldb: Use correct integer types for sizes Error: INTEGER_OVERFLOW (CWE-190): ldb-2.9.0/common/ldb_ldif.c:84: tainted_data_return: Called function "read(f, buf, size)", and a possible return value may be less than zero. ldb-2.9.0/common/ldb_ldif.c:84: cast_overflow: An assign that casts to a different type, which might trigger an overflow. ldb-2.9.0/common/ldb_ldif.c:92: overflow: The expression "size" is considered to have possibly overflowed. ldb-2.9.0/common/ldb_ldif.c:84: overflow_sink: "size", which might be negative, is passed to "read(f, buf, size)". [Note: The source code implementation of the function has been overridden by a builtin model.] 82| buf = (char *)value->data; 83| while (count < statbuf.st_size) { 84|-> bytes = read(f, buf, size); 85| if (bytes == -1) { 86| talloc_free(value->data); Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Apr 30 15:33:32 UTC 2024 on atb-devel-224 commit 17dd13bb4bc9bd38f663c376ee73de6598715da7 Author: Andreas Schneider Date: Tue Apr 30 14:27:54 2024 +0200 lib:ldb: Add missing overflow check in ldb_msg_normalize() Error: INTEGER_OVERFLOW (CWE-190): ldb-2.9.0/common/ldb_msg.c:1235: tainted_data_argument: The check "i < msg2->num_elements" contains the tainted expression "i" which causes "msg2->num_elements" to be considered tainted. ldb-2.9.0/common/ldb_msg.c:1253: overflow: The expression "msg2->num_elements - (i + 1U)" is deemed underflowed because at least one of its arguments has underflowed. ldb-2.9.0/common/ldb_msg.c:1253: overflow: The expression "32UL * (msg2->num_elements - (i + 1U))" is deemed underflowed because at least one of its arguments has underflowed. ldb-2.9.0/common/ldb_msg.c:1253: overflow_sink: "32UL * (msg2->num_elements - (i + 1U))", which might have underflowed, is passed to "memmove(el2, el2 + 1, 32UL * (msg2->num_elements - (i + 1U)))". [Note: The source code implementation of the function has been overridden by a builtin model.] 1251| talloc_free(discard_const_p(char, el2->name)); 1252| if ((i+1) < msg2->num_elements) { 1253|-> memmove(el2, el2+1, sizeof(struct ldb_message_element) * 1254| (msg2->num_elements - (i+1))); 1255| } Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit 82b07bd048e8039896be7edec6b83cbd6ff218d9 Author: Andreas Schneider Date: Tue Apr 30 14:16:33 2024 +0200 lib:tdb: Add missing overflow check for num_values in pytdb.c Error: INTEGER_OVERFLOW (CWE-190): tdb-1.4.10/pytdb.c:401: cast_overflow: Truncation due to cast operation on "num_values" from 64 to 32 bits. tdb-1.4.10/pytdb.c:401: overflow_sink: "num_values", which might have overflowed, is passed to "tdb_storev(self->ctx, key, values, num_values, flag)". 399| } 400| 401|-> ret = tdb_storev(self->ctx, key, values, num_values, flag); 402| free(values); 403| PyErr_TDB_ERROR_IS_ERR_RAISE(ret, self->ctx); Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit e9c4538e272a32f9fe4dcdabc6f44b95ddfda6e7 Author: Andreas Schneider Date: Tue Apr 30 14:16:15 2024 +0200 lib:tdb: Remove trailing spaces from pytdb.c Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: lib/ldb/common/ldb_ldif.c | 3 ++- lib/ldb/common/ldb_msg.c | 2 +- lib/tdb/pytdb.c | 22 +- 3 files changed, 16 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/ldb/common/ldb_ldif.c b/lib/ldb/common/ldb_
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 96b5cfe4e6c s3:libsmb: Pass a memory context to get_ipc_connect() via 56426eda9bd s3:libsmb: Make get_ipc_connect() static via bf688e0d2af s3:libnet: Fix memory leak in libnet_join_connect_dc_ipc() via d2297b41a20 s3:libsmb: Pass memory context to cli_full_connection_creds() via 5c63d5bdab1 s3:libsmb: Pass memory context to cli_full_connection_creds_recv() via f95947b s3:libsmb: Pass a memory context to cli_start_connection() via f3fda1e440c s3:libsmb: Pass a memory context to cli_start_connection_recv() via bbb21797bf6 s3:libsmb: Pass memory context to cli_connect_nb() via 4f62937dfab s3:torture: Remove trailing spaces in torture.c via c8eabee18bd s3:nmbd: Remove trailing spaces in nmbd_synclists.c via 2154bd37e41 s3:libsmb: Pass a memory context to cli_connect_nb_recv() from 73e3ffb8418 python:tests: Store keys as bytes rather than as lists of ints https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 96b5cfe4e6c4b727c286b0856446c1d5a31b920b Author: Andreas Schneider Date: Thu Nov 23 15:53:29 2023 +0100 s3:libsmb: Pass a memory context to get_ipc_connect() Indirect leak of 792 byte(s) in 1 object(s) allocated from: #0 0x7f261b8dc03f in malloc (/lib64/libasan.so.8+0xdc03f) (BuildId: 3e1694ad218c99a8b1b69231666a27df63cf19d0) #1 0x7f261b2c2bc2 in __talloc_with_prefix ../../lib/talloc/talloc.c:783 #2 0x7f261b2c473d in __talloc ../../lib/talloc/talloc.c:825 #3 0x7f261b2c473d in _talloc_named_const ../../lib/talloc/talloc.c:982 #4 0x7f261b2c473d in _talloc_zero ../../lib/talloc/talloc.c:2421 #5 0x7f2618cb42bc in smbXcli_conn_create ../../libcli/smb/smbXcli_base.c:350 #6 0x7f261a74acd3 in cli_state_create ../../source3/libsmb/clientgen.c:196 #7 0x7f261a751f0d in cli_connect_nb_done ../../source3/libsmb/cliconnect.c:2715 #8 0x7f261a69bacf in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177 #9 0x7f261a69bd06 in tevent_req_finish ../../lib/tevent/tevent_req.c:234 #10 0x7f261a69bd6e in _tevent_req_done ../../lib/tevent/tevent_req.c:240 #11 0x7f261a752dde in cli_connect_sock_done ../../source3/libsmb/cliconnect.c:2624 #12 0x7f261a69bacf in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177 #13 0x7f261a69bd06 in tevent_req_finish ../../lib/tevent/tevent_req.c:234 #14 0x7f261a69bd6e in _tevent_req_done ../../lib/tevent/tevent_req.c:240 #15 0x7f261a7ba2c4 in smbsock_any_connect_connected ../../source3/libsmb/smbsock_connect.c:788 #16 0x7f261a69bacf in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177 #17 0x7f261a69bd06 in tevent_req_finish ../../lib/tevent/tevent_req.c:234 #18 0x7f261a69bd6e in _tevent_req_done ../../lib/tevent/tevent_req.c:240 #19 0x7f261a7b75ad in smbsock_connect_connected ../../source3/libsmb/smbsock_connect.c:524 #20 0x7f261a69bacf in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177 #21 0x7f261a69bd06 in tevent_req_finish ../../lib/tevent/tevent_req.c:234 #22 0x7f261a69bd6e in _tevent_req_done ../../lib/tevent/tevent_req.c:240 #23 0x7f261b4b400a in open_socket_out_connected ../../source3/lib/util_sock.c:484 #24 0x7f261a69bacf in _tevent_req_notify_callback ../../lib/tevent/tevent_req.c:177 #25 0x7f261a69bd06 in tevent_req_finish ../../lib/tevent/tevent_req.c:234 #26 0x7f261a69be3e in tevent_req_trigger ../../lib/tevent/tevent_req.c:291 #27 0x7f261a699df4 in tevent_common_invoke_immediate_handler ../../lib/tevent/tevent_immediate.c:190 #28 0x7f261a699e31 in tevent_common_loop_immediate ../../lib/tevent/tevent_immediate.c:236 #29 0x7f261a6ad3ec in epoll_event_loop_once ../../lib/tevent/tevent_epoll.c:905 #30 0x7f261a6a679e in std_event_loop_once ../../lib/tevent/tevent_standard.c:110 #31 0x7f261a696538 in _tevent_loop_once ../../lib/tevent/tevent.c:820 Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Apr 29 09:48
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 78208d4fe47 ctdb: Remove an unnecessary cast via 8eaba9dbc5b smbd: Fix a DBG message from 072cb98e432 smbd: Avoid a ZERO_STRUCT() with direct struct initialization https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 78208d4fe47a0c634a6bd7c04f3d01f0020ee88b Author: Volker Lendecke Date: Thu Feb 29 15:33:56 2024 +0100 ctdb: Remove an unnecessary cast nl->srvid is uint64_t, as is the srvid parameter of ctdb_daemon_send_message() Signed-off-by: Volker Lendecke Reviewed-by: Martin Schwenke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Mar 13 08:43:16 UTC 2024 on atb-devel-224 commit 8eaba9dbc5bd4befd6d1a651cf0666da0ff36265 Author: Volker Lendecke Date: Tue Feb 20 12:50:36 2024 +0100 smbd: Fix a DBG message Signed-off-by: Volker Lendecke Reviewed-by: Martin Schwenke --- Summary of changes: ctdb/server/ctdb_daemon.c | 5 - source3/smbd/notifyd/notifyd.c | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/server/ctdb_daemon.c b/ctdb/server/ctdb_daemon.c index eb9d63454de..0a53770a6bf 100644 --- a/ctdb/server/ctdb_daemon.c +++ b/ctdb/server/ctdb_daemon.c @@ -2016,7 +2016,10 @@ static int ctdb_client_notify_destructor(struct ctdb_client_notify_list *nl) DEBUG(DEBUG_ERR,("Sending client notify message for srvid:%llu\n", (unsigned long long)nl->srvid)); - ret = ctdb_daemon_send_message(nl->ctdb, CTDB_BROADCAST_CONNECTED, (unsigned long long)nl->srvid, nl->data); + ret = ctdb_daemon_send_message(nl->ctdb, + CTDB_BROADCAST_CONNECTED, + nl->srvid, + nl->data); if (ret != 0) { DEBUG(DEBUG_ERR,("Failed to send client notify message\n")); } diff --git a/source3/smbd/notifyd/notifyd.c b/source3/smbd/notifyd/notifyd.c index ca303bd4d51..4af62a9a1f9 100644 --- a/source3/smbd/notifyd/notifyd.c +++ b/source3/smbd/notifyd/notifyd.c @@ -228,7 +228,7 @@ struct tevent_req *notifyd_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, ret = server_id_db_set_exclusive(names_db, "notify-daemon"); if (ret != 0) { - DBG_DEBUG("server_id_db_add failed: %s\n", + DBG_DEBUG("server_id_db_set_exclusive() failed: %s\n", strerror(ret)); tevent_req_error(req, ret); goto deregister_get_db; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 072cb98e432 smbd: Avoid a ZERO_STRUCT() with direct struct initialization via 02d9631cf33 tools: Fix whitespace via f948b6267e4 smbd: Fix a typo via 17caec0ead0 smbd: Fix and modernize a few DBG statements via 965fec35472 smbd: Give smbXsrv_session.c its own header file via c37eb90d731 vfs: Fix a typo via d393fd46936 auth: Simplify smb_krb5_send_to_kdc_state_destructor() via 7f5d5ddde1d smbd: Fix a comment via ac8d38cf13f smbXsrv_version: Use a struct assignment via 5885a69a985 smbXsrv_version: Remove unused smbXsrv_version_global0->db_rec via f1af8843def smbXsrv_version: Use a struct assignment instead of ZERO_STRUCT via 90bd197dd57 smbXsrv_version: Modernize DEBUG statements via 97896fa7e54 lib: Simplify _hexcharval via 01cbfab9538 smbd: Add parentheses for easier readability via 56233406de4 torture: Fix an error message via 32ecf1fe607 lib: Simplify copy_unix_token() via 9f565512755 libsmb: Simplify an if-condition via 7c68d88cefb lib: Make GUID_to_ndr_buf() return void via ea09be77523 smbd: Remove get_Protocol() via 67f6fcfe17b smbd: Remove the last use of get_Protocol() via 72492de5783 smbd: Add conn_protocol() via 51bb236a698 smbd: Modernize a DEBUG statement via 5246267d173 smbd: Simplify fsp_fullbasepath() via be15ab4c785 smbd: Remove unused declarations in smbXsrv.idl from 0e40506d21b selftest: add tests for "samba-tool user list --locked-only" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 072cb98e4326c4124c649e911970acbf004f16bb Author: Volker Lendecke Date: Mon Feb 19 09:57:16 2024 +0100 smbd: Avoid a ZERO_STRUCT() with direct struct initialization Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Mar 12 14:33:14 UTC 2024 on atb-devel-224 commit 02d9631cf3319ead42487ea301aa268f659d9f0b Author: Volker Lendecke Date: Thu Feb 8 11:02:15 2024 +0100 tools: Fix whitespace Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit f948b6267e413b33672d4de7d78fe4eb5b838c5a Author: Volker Lendecke Date: Thu Feb 8 10:28:02 2024 +0100 smbd: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 17caec0ead0913836ca136663fc5c591dc983f84 Author: Volker Lendecke Date: Thu Feb 8 10:24:56 2024 +0100 smbd: Fix and modernize a few DBG statements There were still a few function names in DBGs Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 965fec354729fd63a25616fc52989d524826f4b4 Author: Volker Lendecke Date: Thu Feb 8 10:04:32 2024 +0100 smbd: Give smbXsrv_session.c its own header file Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit c37eb90d73131d005b563d7f0944daf39cd92de6 Author: Volker Lendecke Date: Sun Feb 4 10:09:07 2024 +0100 vfs: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit d393fd469365d64c4acde3c399a167123916c348 Author: Volker Lendecke Date: Mon Feb 12 13:35:19 2024 +0100 auth: Simplify smb_krb5_send_to_kdc_state_destructor() Replace a call to dbwrap_fetch_locked() with the higherlevel dbwrap_delete(). Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 7f5d5ddde1d8fa7674c352f049f49298d5169975 Author: Volker Lendecke Date: Sun Feb 11 12:44:10 2024 +0100 smbd: Fix a comment Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit ac8d38cf13f6feee9ae70c851a3a045ed63dbb6d Author: Volker Lendecke Date: Sat Feb 10 10:40:46 2024 +0100 smbXsrv_version: Use a struct assignment Make sure everything is initialized Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 5885a69a9855e450a27980462f58654c80a9782b Author: Volker Lendecke Date: Sat Feb 10 10:37:42 2024 +0100 smbXsrv_version: Remove unused smbXsrv_version_global0->db_rec Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit f1af8843defeaaf03b1e7d77655419b6c9e67f39 Author: Volker Lendecke Date: Sat Feb 10 10:36:51 2024 +0100 smbXsrv_version: Use a struct assignment instead of ZERO_STRUCT Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 90bd197dd57d7872b730b488e9d16144bde60438 Author: Volker Lendecke Date: Sat Feb 10 10:29:35 2024 +0100 smbXsrv_version: Modernize DEBUG statements Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 97896fa7e54039b0a56510f9ccd22e71fb42b42c Author: Volker Lendecke Date: Mon Feb 19 13:15:55 202
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6005de8cb39 ctdb-scripts: Remove usage of releaseip-pre, takeip-pre pseudo-events via 2de2d5dd201 ctdb-scripts: Remove unnecessary 06.nfs.script via e3294e55269 ctdb-doc: Put NFS in grace on startipreallocate via 34c76ffec50 ctdb-doc: Factor out grace period function via 9631e3569d7 ctdb-client: Remove unused function via a4e492f728d ctdb-scripts: Add handling for startipreallocate via 7dacbcd0ec7 ctdb: send a CTDB_SRVID_START_IPREALLOCATE message after CTDB_EVENT_START_IPREALLOCATE via 2483a2ae209 ctdb-takeover: Use CTDB_CONTROL_START_IPREALLOCATE via b7cc56d22db ctdb-server: Implement CTDB_CONTROL_START_IPREALLOCATE via 9a20dfe97a0 ctdb-protocol: Add new control CTDB_CONTROL_START_IPREALLOCATE via d97e642ba8b ctdb-daemon: Implement startipreallocate event via 786adccaa93 ctdb-protocol: Add new event startipreallocate via ed67e650579 ctdb-common: Remove old runstate/string translation functions via 318d526a0d1 ctdb-common: Remove unused variable ctdb_eventscript_call_names. via 9f68656b473 ctdb-daemon: Use ctdb_event_to_string() from da7f056fb5d lib/ldb-samba: Remove unused ldb.set_opaque_integer() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6005de8cb39320a06ff33c4b3c725ba14f72951a Author: Vinit Agnihotri Date: Thu Oct 26 23:38:22 2023 -0700 ctdb-scripts: Remove usage of releaseip-pre, takeip-pre pseudo-events These were generated by 06.nfs.script. Signed-off-by: Vinit Agnihotri Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Mar 6 07:09:06 UTC 2024 on atb-devel-224 commit 2de2d5dd2018708eeca7e8a7c66015f81bcaf693 Author: Vinit Agnihotri Date: Thu Oct 26 23:35:25 2023 -0700 ctdb-scripts: Remove unnecessary 06.nfs.script Signed-off-by: Vinit Agnihotri Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit e3294e552690afe2e7b5fae03e684542d45cc5ce Author: Vinit Agnihotri Date: Thu Oct 26 23:07:47 2023 -0700 ctdb-doc: Put NFS in grace on startipreallocate Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 34c76ffec50d9d4e85a33859b5694bc8c01e304d Author: Vinit Agnihotri Date: Thu Oct 26 23:03:01 2023 -0700 ctdb-doc: Factor out grace period function Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 9631e3569d77857f92deed41faa888f62f2c541e Author: Vinit Agnihotri Date: Thu Oct 26 03:09:07 2023 -0700 ctdb-client: Remove unused function Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit a4e492f728d895d59730de7d8f2e4f3a9ac8b7f4 Author: Vinit Agnihotri Date: Thu Oct 26 03:32:00 2023 -0700 ctdb-scripts: Add handling for startipreallocate Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 7dacbcd0ec79a3a2198aebc43040d2693375adcf Author: Vinit Agnihotri Date: Tue Feb 27 00:13:57 2024 -0800 ctdb: send a CTDB_SRVID_START_IPREALLOCATE message after CTDB_EVENT_START_IPREALLOCATE Event scripts run the "start_ipreallocate" hook in order to notice that some ip addresses in the cluster potentially changed. CTDB_SRVID_START_IPREALLOCATE gives C code a chance to get notified as well once the event scripts are finished. Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 2483a2ae209c86b441fb4763cd595cb9254e5382 Author: Vinit Agnihotri Date: Wed Oct 25 03:30:27 2023 -0700 ctdb-takeover: Use CTDB_CONTROL_START_IPREALLOCATE Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit b7cc56d22dbd117f4c32a794f3116a61b3c8a7ee Author: Vinit Agnihotri Date: Wed Oct 25 23:55:17 2023 -0700 ctdb-server: Implement CTDB_CONTROL_START_IPREALLOCATE Trigger a "startipreallocate" event, but only if in RUNNING runstate. "startipreallocate" is intended to allow an NFS server to be put into grace on all nodes before any locks are released as part of releaseip during failover. If node A is leader and initiates a takeover run then node B may be connected/active but may not have completed startup. In this case, the attempt to put NFS-Ganesha into grace on node B will fail, startipreallocate will fail, and the node will be banned. Signed-off-by: Vinit Agnihotri Reviewed-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 9a20dfe97a03d772a5bb73e4becd7865acb3644f Author
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 667265b6851 ctdb-tests: Limit red-black tree test to 5s of random inserts from 0c1ac197768 samba-tool user getpassword: Clarify success wording https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 667265b6851e3c99f761ed65e8d2b9a8eb9cb4e1 Author: Martin Schwenke Date: Thu Feb 29 13:30:04 2024 +1100 ctdb-tests: Limit red-black tree test to 5s of random inserts rb_test_001.sh runs for 60s even though rb_tree.c is almost never modified. This generally extends test time by an unreasonable amount of time. Add an optional timeout (in seconds) argument to rb_test, defaulting to 60, and pass 5 from rb_test_001.sh. If anyone ever significantly updates rb_tree.c then they can run rb_test directly with its default 60s timeout... or for as long as they like. Reported-by: Volker Lendecke Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Feb 29 13:20:40 UTC 2024 on atb-devel-224 --- Summary of changes: ctdb/tests/UNIT/cunit/rb_test_001.sh | 6 -- ctdb/tests/src/rb_test.c | 14 +++--- 2 files changed, 15 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/tests/UNIT/cunit/rb_test_001.sh b/ctdb/tests/UNIT/cunit/rb_test_001.sh index 25d3ceb8ed0..a2cf2571f98 100755 --- a/ctdb/tests/UNIT/cunit/rb_test_001.sh +++ b/ctdb/tests/UNIT/cunit/rb_test_001.sh @@ -1,5 +1,7 @@ #!/bin/sh +timeout=5 + . "${TEST_SCRIPTS_DIR}/unit.sh" output="\ @@ -22,10 +24,10 @@ traverse data:3 deleting key1 -run random insert and delete for 60 seconds +run random insert and delete for ${timeout} seconds deleting all entries" ok "$output" -unit_test rb_test +unit_test rb_test "$timeout" diff --git a/ctdb/tests/src/rb_test.c b/ctdb/tests/src/rb_test.c index d712c9a80ad..aaab459477f 100644 --- a/ctdb/tests/src/rb_test.c +++ b/ctdb/tests/src/rb_test.c @@ -105,6 +105,7 @@ static int count_traverse_abort(void *p, void *d) */ int main(int argc, const char *argv[]) { + unsigned int timeout = 0; int traverse_count; int i,j,k; trbt_tree_t *tree; @@ -118,6 +119,13 @@ int main(int argc, const char *argv[]) uint32_t **u32array; uint32_t checksum; + if (argc >= 2) { + timeout = atoi(argv[1]); + } + if (timeout == 0) { + timeout = 60; + } + /* testing trbt_insert32_callback for num_records */ memctx = talloc_new(NULL); assert(memctx != NULL); @@ -252,7 +260,7 @@ int main(int argc, const char *argv[]) talloc_free(memctx); - printf("\nrun random insert and delete for 60 seconds\n"); + printf("\nrun random insert and delete for %u seconds\n", timeout); memctx = talloc_new(NULL); assert(memctx != NULL); @@ -262,12 +270,12 @@ int main(int argc, const char *argv[]) i=0; start_timer(); checksum = 0; - /* Add and delete nodes from a 3 level tree for 60 seconds. + /* Add and delete nodes from a 3 level tree for seconds. Each time a node is added or deleted, traverse the tree and compute a checksum over the data stored in the tree and compare this with a checksum we keep which contains what the checksum should be */ - while(end_timer() < 60.0){ + while(end_timer() < (double)timeout){ char *str; i++; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5a0fce58650 source4/torture: Add SEC_STD_DELETE to enable proper cleanup from e4c3c61302b python:gp: Implement client site lookup in site_dn_for_machine() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5a0fce58650770bc7701d1be72492637c2ced63c Author: Anoop C S Date: Thu Feb 22 19:26:08 2024 +0530 source4/torture: Add SEC_STD_DELETE to enable proper cleanup basic.maximum_allowed and smb2.maximum_allowed attempt to unlink the files created by those tests. But the restrictive SD with which they were created prohibits the deletion inside shares where vfs_acl_xattr is configured including "ignore system acls". The very same file will otherwise cause problems while progressing with remaining sub tests. SEC_STD_DELETE could be the minimum required additional access mask to successfully delete the file under the said configuration using vfs_acl_xattr and "ignore system acls" option without loosing the integrity of the overall test. Signed-off-by: Anoop C S Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Feb 26 18:35:43 UTC 2024 on atb-devel-224 --- Summary of changes: source4/torture/basic/denytest.c | 30 ++- source4/torture/smb2/max_allowed.c | 42 +- 2 files changed, 66 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/basic/denytest.c b/source4/torture/basic/denytest.c index c9f4a97743e..ba636fe2a95 100644 --- a/source4/torture/basic/denytest.c +++ b/source4/torture/basic/denytest.c @@ -2680,10 +2680,11 @@ bool torture_maximum_allowed(struct torture_context *tctx, struct security_descriptor *sd, *sd_orig; union smb_open io; static TALLOC_CTX *mem_ctx; - int fnum, i; + int fnum, fnum1 = -1, i; bool ret = true; NTSTATUS status; union smb_fileinfo q; + union smb_setfileinfo set; const char *owner_sid; bool has_restore_privilege, has_backup_privilege, has_system_security_privilege; @@ -2813,7 +2814,34 @@ bool torture_maximum_allowed(struct torture_context *tctx, smbcli_close(cli->tree, fnum); } + io.generic.level = RAW_OPEN_NTTRANS_CREATE; + io.ntcreatex.in.access_mask = SEC_STD_WRITE_DAC; + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; + io.ntcreatex.in.fname = MAXIMUM_ALLOWED_FILE; + + status = smb_raw_open(cli->tree, mem_ctx, &io); + CHECK_STATUS(status, NT_STATUS_OK); + fnum1 = io.ntcreatex.out.file.fnum; + + sd = security_descriptor_dacl_create(tctx, + 0, NULL, NULL, + SID_NT_AUTHENTICATED_USERS, + SEC_ACE_TYPE_ACCESS_ALLOWED, + SEC_STD_DELETE, + 0, + NULL); + set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC; + set.set_secdesc.in.file.fnum = fnum1; + set.set_secdesc.in.secinfo_flags = SECINFO_DACL; + set.set_secdesc.in.sd = sd; + + status = smb_raw_setfileinfo(cli->tree, &set); + CHECK_STATUS(status, NT_STATUS_OK); + done: + smbcli_close(cli->tree, fnum1); smbcli_unlink(cli->tree, MAXIMUM_ALLOWED_FILE); return ret; } diff --git a/source4/torture/smb2/max_allowed.c b/source4/torture/smb2/max_allowed.c index af8b08ac9a9..6d69b84fbe6 100644 --- a/source4/torture/smb2/max_allowed.c +++ b/source4/torture/smb2/max_allowed.c @@ -33,11 +33,12 @@ static bool torture_smb2_maximum_allowed(struct torture_context *tctx, struct security_descriptor *sd = NULL, *sd_orig = NULL; struct smb2_create io = {0}; TALLOC_CTX *mem_ctx = NULL; - struct smb2_handle fnum = {{0}}; + struct smb2_handle fnum = {{0}}, fnum1 = {{0}}; int i; bool ret = true; NTSTATUS status; union smb_fileinfo q; + union smb_setfileinfo set; const char *owner_sid = NULL; bool has_restore_privilege, has_backup_privilege, has_system_security_privilege; @@ -82,7 +83,7 @@ static bool torture_smb2_maximum_allowed(struct torture_context *tctx, q.query_secdesc.in.file.handle = fnum; q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER; status = smb2_getinfo_file(tree, tctx, &q); - torture_assert_ntstatus_ok_goto(tctx, status, ret, done, + torture_as
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via dd9b11acbc4 ctdb-protocol: Add missing push support for new controls from 885850b6aaa s3/rpc_client: Fix array offset check https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dd9b11acbc4fbde1941719968aeb463b853b0ffb Author: Martin Schwenke Date: Fri Feb 9 17:29:46 2024 +1100 ctdb-protocol: Add missing push support for new controls CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and CTDB_CONTROL_TCP_CLIENT_PASSED were added in commits c6602b686b4e50d93272667ef86d3904181fb1ab and 037e8e449deb136ad5ed5e4de05439411b545b6d. They were missing test support for the packet push/pull. While adding the testing (for completeness, before adding another new control) I noticed that the push functionality was absent. This adds that, along with the test support. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15580 Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Feb 19 10:21:48 UTC 2024 on atb-devel-224 --- Summary of changes: ctdb/protocol/protocol_control.c | 8 ctdb/tests/src/protocol_common_ctdb.c | 33 + ctdb/tests/src/protocol_ctdb_test.c | 2 +- 3 files changed, 42 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/ctdb/protocol/protocol_control.c b/ctdb/protocol/protocol_control.c index 83ed6cb4ee1..e4491159937 100644 --- a/ctdb/protocol/protocol_control.c +++ b/ctdb/protocol/protocol_control.c @@ -693,6 +693,14 @@ static void ctdb_req_control_data_push(struct ctdb_req_control_data *cd, case CTDB_CONTROL_ECHO_DATA: ctdb_echo_data_push(cd->data.echo_data, buf, &np); break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + ctdb_connection_push(cd->data.conn, buf, &np); + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + ctdb_connection_push(cd->data.conn, buf, &np); + break; } *npush = np; diff --git a/ctdb/tests/src/protocol_common_ctdb.c b/ctdb/tests/src/protocol_common_ctdb.c index 384076824a4..8a8e114f67a 100644 --- a/ctdb/tests/src/protocol_common_ctdb.c +++ b/ctdb/tests/src/protocol_common_ctdb.c @@ -593,6 +593,19 @@ void fill_ctdb_req_control_data(TALLOC_CTX *mem_ctx, case CTDB_CONTROL_ENABLE_NODE: break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + cd->data.conn = talloc(mem_ctx, struct ctdb_connection); + assert(cd->data.conn != NULL); + fill_ctdb_connection(mem_ctx, cd->data.conn); + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + cd->data.conn = talloc(mem_ctx, struct ctdb_connection); + assert(cd->data.conn != NULL); + fill_ctdb_connection(mem_ctx, cd->data.conn); + break; + } } @@ -982,6 +995,14 @@ void verify_ctdb_req_control_data(struct ctdb_req_control_data *cd, case CTDB_CONTROL_ENABLE_NODE: break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + verify_ctdb_connection(cd->data.conn, cd2->data.conn); + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + verify_ctdb_connection(cd->data.conn, cd2->data.conn); + break; } } @@ -1378,6 +1399,12 @@ void fill_ctdb_reply_control_data(TALLOC_CTX *mem_ctx, case CTDB_CONTROL_ENABLE_NODE: break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + break; } } @@ -1715,6 +1742,12 @@ void verify_ctdb_reply_control_data(struct ctdb_reply_control_data *cd, case CTDB_CONTROL_ENABLE_NODE: break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + break; } } diff --git a/ctdb/tests/src/protocol_ctdb_test.c b/ctdb/tests/src/protocol_ctdb_test.c index f6fb5134a00..840d465ae30 100644 --- a/ctdb/tests/src/protocol_ctdb_test.c +++ b/ctdb/tests/src/protocol_ctdb_test.c @@ -277,7 +277,7 @@ PROTOCOL_CTDB4_TEST(struct ctdb_req_dmaster, ctdb_req_dmaster, PROTOCOL_CTDB4_TEST(struct ctdb_reply_dmaster, ctdb_reply_dmaster, CTDB_REPLY_DMASTER); -#define NUM_CONTROLS 159 +#define NUM_CONTROLS 161 PROTOCOL_CTDB2_TEST(struct ctdb_req_control_data, ctdb_req_control_data); PROTOCOL_CTDB2_TEST(struct ctdb_reply_control_data, ctdb_reply_control_data); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 885850b6aaa s3/rpc_client: Fix array offset check via f487211706a s3/rpc_client: Ensure max possible row buffer size is not exceeded via 01e901ef869 idl: Add constant for max rows buffer size from 4698cf0f335 s4:dsdb: Fix grammar https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 885850b6aaabf089f422b1b015481a0ccff4f90e Author: Noel Power Date: Thu Feb 8 14:05:43 2024 + s3/rpc_client: Fix array offset check Previous to this commit we were modifying the offset before the array offset check. This was causing a spurious debug message indicating the offset was out of bounds. An second problem is that upon detecting the error we don't exit the loop. A third problem was that when reading the offset the check didn't cater for the size of the integer address about to be read. This commit moves the offset check to before the first read, additionally when an error is detected now we actually exit the loop and the offset have been corrected to include the size of the integer to be read BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579 Signed-off-by: Noel Power Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Sat Feb 17 17:58:43 UTC 2024 on atb-devel-224 commit f487211706a74d516bf447ed393222b4c0dce7b0 Author: Noel Power Date: Wed Feb 14 11:19:39 2024 + s3/rpc_client: Ensure max possible row buffer size is not exceeded The max buf size of rows buffer should not exceed 0x4000. Ensuring this value is within limits means we can safely use uint32_t offsets. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579 Signed-off-by: Noel Power Reviewed-by: Volker Lendecke commit 01e901ef869a1a87fba0e67bce311dbeb199b717 Author: Noel Power Date: Wed Feb 14 12:01:28 2024 + idl: Add constant for max rows buffer size BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579 Signed-off-by: Noel Power Reviewed-by: Volker Lendecke --- Summary of changes: librpc/idl/wsp_data.idl | 5 +++ source3/rpc_client/wsp_cli.c | 74 ++-- 2 files changed, 70 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/wsp_data.idl b/librpc/idl/wsp_data.idl index 2a94355b0b0..fde754aef81 100644 --- a/librpc/idl/wsp_data.idl +++ b/librpc/idl/wsp_data.idl @@ -11,6 +11,11 @@ interface constants * for details of this and other language id(s) */ const uint32_t WSP_DEFAULT_LCID = 0x0409; + /* +* Max size of rows buffer in getrowsout response +* see MS-WSP 2.2.3.11 +*/ + const uint32_t MAX_ROW_BUFF_SIZE = 0x0004000; /* values for guidPropertySet */ const char* DBPROPSET_FSCIFRMWRK_EXT = "A9BD1526-6A80-11D0-8C9D-0020AF1D740E"; diff --git a/source3/rpc_client/wsp_cli.c b/source3/rpc_client/wsp_cli.c index d8a9aca46ff..15b6e36007e 100644 --- a/source3/rpc_client/wsp_cli.c +++ b/source3/rpc_client/wsp_cli.c @@ -938,6 +938,15 @@ static enum ndr_err_code extract_variant_addresses(TALLOC_CTX *ctx, count = 1; } + /* ensure count is at least within buffer range */ + if (count >= MAX_ROW_BUFF_SIZE || count >= rows_buf->length) { + DBG_ERR("count %"PRIu64" either exceeds max buffer size " + "or buffer size (%zu)", + count, rows_buf->length); + err = NDR_ERR_VALIDATE; + goto out; + } + /* read address */ if (is_64bit) { err = ndr_pull_udlong(ndr_pull, @@ -974,30 +983,64 @@ static enum ndr_err_code extract_variant_addresses(TALLOC_CTX *ctx, goto out; } + /* +* non vector case addr points to value +* otherwise addr points to list of addresses +* for the values in vector +*/ if (is_vector == false) { vec_address[0] = addr; } else { uint64_t array_offset = addr - baseaddress; uint64_t i; + uint32_t intsize; + + if (is_64bit) { + intsize = 8; + } else { + intsize = 4; + } + + if (array_offset >= MAX_ROW_BUFF_SIZE + || array_offset >= rows_buf->length) { + DBG_ERR("offset %"PRIu64" either exceeds max buf size " + "or buffer size (%zu)", + array_offset,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2713023250f smbd: use dirfsp and atname in open_directory() via 1965fc77b38 smbd: use safe_symlink_target_path() in symlink_target_below_conn() via fc80c72d658 smbd: add a directory argument to safe_symlink_target_path() via 0515dded4dd smbd: pass symlink target path to safe_symlink_target_path() via 62cbe145c7e CI: disable /proc/fds and RESOLVE_NO_SYMLINK in samba-no-opath-build runner via 5c2f96442a2 vfs_default: allow disabling /proc/fds and RESOLVE_NO_SYMLINK at compile time from fdf3656d30c autobuild: Run ad_member_idmap_nss tests as part of samba-admem https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2713023250f15cf9971d88620cab9dd4afd0dc73 Author: Ralph Boehme Date: Mon Dec 18 12:35:58 2023 +0100 smbd: use dirfsp and atname in open_directory() On systems without /proc/fd support this avoid the expensive chdir() logic in non_widelink_open(). open_file_ntcreate() already passes dirfsp and atname to reopen_from_fsp(), it was just missed in the conversion. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Reviewed-by: Volker Lendecke Signed-off-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Jan 22 12:00:56 UTC 2024 on atb-devel-224 commit 1965fc77b3852a0593e13897af08f5304a1ce3a2 Author: Ralph Boehme Date: Tue Jan 2 14:34:26 2024 +0100 smbd: use safe_symlink_target_path() in symlink_target_below_conn() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit fc80c72d658a41fe4d93b24b793b52c91b350175 Author: Ralph Boehme Date: Tue Jan 2 13:25:25 2024 +0100 smbd: add a directory argument to safe_symlink_target_path() Existing caller passes NULL, no change in behaviour. Prepares for replacing symlink_target_below_conn() in open.c. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 0515dded4ddb49e5570ae7df51126af1a2d643de Author: Ralph Boehme Date: Tue Jan 2 12:49:14 2024 +0100 smbd: pass symlink target path to safe_symlink_target_path() Moves creating the symlink target path via symlink_target_path() to the caller. This prepares for using this in non_widelink_open(), where it will replace symlink_target_below_conn() with the same functionality. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 62cbe145c7e500c4759ed2005c78bd5056c87f43 Author: Ralph Boehme Date: Tue Dec 19 11:12:49 2023 +0100 CI: disable /proc/fds and RESOLVE_NO_SYMLINK in samba-no-opath-build runner This is a more sensible combination of missing Linux specific features: - O_PATH - openat2() with RESOLVE_NO_SYMLINKS - somehow safely reopen an O_PATH file handle Currently only O_PATH is disabled for these jobs, but that doesn't really match and know OS. The following list shows which features are available and used by Samba on a few OSes: | O_PATH | RESOLVE_NO_SYMLINKS | Safe reopen| CI covered ||-| | Supported Used | Supported Used | Supported Used | Linux | + +| + + | + +| + FreeBSD | + +| + [1] - | + [2] -| - AIX | - -| - - | - -| + So by also disabling RESOLVE_NO_SYMLINKS and Safe Reopen, we cover classic UNIX systems like AIX. [1] via open() flag O_RESOLVE_BENEATH [2] via open() flag O_EMPTY_PATH BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 5c2f96442a25a1725809a28b3719afbc0bd01830 Author: Ralph Boehme Date: Tue Dec 19 11:11:55 2023 +0100 vfs_default: allow disabling /proc/fds and RESOLVE_NO_SYMLINK at compile time This will be used in CI to have a gitlab runner without all modern Linux features we make use of as part of path processing: - O_PATH - openat2() with RESOLVE_NO_SYMLINKS - somehow safely reopen an O_PATH file handle That gives what a classix UNIX like AIX or Solaris offers feature wise. Other OSes support other combinations of those features, but we leave the exersize of possibly adding more runners supporting those combinations to the reader. The following list shows which features are available and used by Samba on a few
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c82a267b2a1 s3:passdb: smbpasswd reset permissions only if not 0600 from 0caaa2d1723 vfs: Remove shadow_copy2_get_real_filename_at() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c82a267b2a1b7617e818548aa486b7cfbda74657 Author: Jones Syue Date: Fri Jan 12 11:52:34 2024 +0800 s3:passdb: smbpasswd reset permissions only if not 0600 Browsing files or download files from samba server, smbd would check user's id to decide whether this user could access these files, by lookup user's information from the password file (e.g. /usr/local/samba/private/smbpasswd). smbd might goes through startsmbfilepwent(), this api calls [f]chmod() to make sure the password file has valid permissions 0600. Consider a scenario: we are doing a read performance benchmark about downloading a bunch of files (e.g. a thousand files) from a samba server, monitoring file system i/o activities counters, and expecting that should be only read operations on file system because this is just downloading, no uploading is involved. But actually found that still write operations on file system, because smbd lookup user and always reset 0600 permissions on password file while access each file, it makes dirty pages (inode modification) in ram, later triggered a kernel journal daemon to sync dirty pages into back storage (e.g. ext3 kjournald, or ext4 jbd2). This looks like not friendly for read performance benchmark if it happened on an entry-level systems with much less memory and limited computation power, because dirty pages syncing in the meantime slows down read performance. This patch adds fstat() before [f]chmod(), it would check whether password file has valid permissions 0600 or not. If 0600 smbd would bypass [f]chmod() to avoid making dirty pages on file systems. If not 0600 smbd would warn and go through [f]chmod() to set valid permissions 0600 to password file as earlier days. BUG: https://bugzilla.samba.org/show_bug.cgi?id=1 Signed-off-by: Jones Syue Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jan 18 10:28:19 UTC 2024 on atb-devel-224 --- Summary of changes: source3/passdb/pdb_smbpasswd.c | 36 1 file changed, 28 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c index 04cf419d890..adeb0e308c0 100644 --- a/source3/passdb/pdb_smbpasswd.c +++ b/source3/passdb/pdb_smbpasswd.c @@ -192,6 +192,7 @@ static FILE *startsmbfilepwent(const char *pfile, enum pwf_access_type type, int const char *open_mode = NULL; int race_loop = 0; int lock_type = F_RDLCK; + struct stat st; if (!*pfile) { DEBUG(0, ("startsmbfilepwent: No SMB password file set\n")); @@ -324,19 +325,38 @@ Error was %s\n", pfile, strerror(errno))); /* Set a buffer to do more efficient reads */ setvbuf(fp, (char *)NULL, _IOFBF, 1024); - /* Make sure it is only rw by the owner */ -#ifdef HAVE_FCHMOD - if(fchmod(fileno(fp), S_IRUSR|S_IWUSR) == -1) { -#else - if(chmod(pfile, S_IRUSR|S_IWUSR) == -1) { -#endif - DEBUG(0, ("startsmbfilepwent_internal: failed to set 0600 permissions on password file %s. \ -Error was %s\n.", pfile, strerror(errno) )); + /* Ensure we have a valid stat. */ + if (fstat(fileno(fp), &st) != 0) { + DBG_ERR("Unable to fstat file %s. Error was %s\n", + pfile, + strerror(errno)); pw_file_unlock(fileno(fp), lock_depth); fclose(fp); return NULL; } + /* If file has invalid permissions != 0600, then [f]chmod(). */ + if ((st.st_mode & 0777) != (S_IRUSR|S_IWUSR)) { + DBG_WARNING("file %s has invalid permissions 0%o should " + "be 0600.\n", + pfile, + (unsigned int)st.st_mode & 0777); + /* Make sure it is only rw by the owner */ +#ifdef HAVE_FCHMOD + if (fchmod(fileno(fp), S_IRUSR|S_IWUSR) == -1) { +#else + if (chmod(pfile, S_IRUSR|S_IWUSR) == -1) { +#endif + DBG_ERR("Failed to set 0600 permissions on password file %s. " + "Error was %s\n.", + pfile, + strerror(errno)); + pw_file_unlock
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c09d1a3ac1c tests: add a test for "fake directory create times" via 56c3dbc2ff8 system.c: fix fake directory create times via 85f7d9d5b94 tests: add test for vfs_worm via abe1e959bf5 vfs_worm: add FILE_WRITE_EA to write access mask via 24227f7ecc1 vfs_worm: add my copyright via 30fea0e9592 vfs_worm: add some more vfs functions that worm needs to take care of via 0022acac9a5 vfs_worm: move write_access_flags to global via 58847271e10 vfs_worm: factor out readonly check via d27180bd0d9 vfs_recycle: add connect function to cache parameters via f02b0b984b7 tests: add a test for vfs_recycle via 2df2e34c3c1 time.c: fix ctime which was feeded with the mtime seconds via 1a89b5237b6 test_smbget.sh: reduce sleep time from f30a79d7f23 python: Generate HRESULT definitions automatically https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c09d1a3ac1c8790a4162b22698616baa2ba484d5 Author: Björn Jacke Date: Tue Jan 9 01:14:39 2024 +0100 tests: add a test for "fake directory create times" Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Jan 16 15:44:10 UTC 2024 on atb-devel-224 commit 56c3dbc2ff8531772bf79eb9da3497767a20ce6f Author: Bjoern Jacke Date: Mon Jan 8 15:04:12 2024 + system.c: fix fake directory create times This was broken by c9c3d4312d7281904fc back in 2009 already. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12421 Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 85f7d9d5b943c237966e6b466beca0cbe8076b04 Author: Björn Jacke Date: Sat Dec 30 19:46:53 2023 +0100 tests: add test for vfs_worm Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit abe1e959bf5a05a91a66b2bfaac97d000e4768ff Author: Björn Jacke Date: Sun Jan 7 14:42:20 2024 +0100 vfs_worm: add FILE_WRITE_EA to write access mask Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 24227f7ecc16d3fc17430ac9039d7ad1ae1ee553 Author: Björn Jacke Date: Mon Jan 8 14:25:45 2024 +0100 vfs_worm: add my copyright Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 30fea0e959229ee583bc76490aff5e54bc7f5be8 Author: Björn Jacke Date: Thu Jan 4 12:48:59 2024 +0100 vfs_worm: add some more vfs functions that worm needs to take care of BUG: https://bugzilla.samba.org/show_bug.cgi?id=10430 Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 0022acac9a56efaca3235a10a4b1fc2b669b11a6 Author: Björn Jacke Date: Sat Dec 30 21:01:04 2023 +0100 vfs_worm: move write_access_flags to global Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 58847271e109e9ebe8d053611bd8b25620d5ecbe Author: Björn Jacke Date: Sat Dec 30 20:45:31 2023 +0100 vfs_worm: factor out readonly check Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit d27180bd0d93a3d15f7e877f1f82210b29334dc1 Author: Björn Jacke Date: Sat Jan 6 17:35:55 2024 +0100 vfs_recycle: add connect function to cache parameters Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit f02b0b984b7128319613315819599ef7acb54776 Author: Björn Jacke Date: Sat Jan 6 17:32:57 2024 +0100 tests: add a test for vfs_recycle Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 2df2e34c3c1ccf76bbcc78586cbbb6433b6d30d5 Author: Björn Jacke Date: Sun Jan 7 05:09:58 2024 +0100 time.c: fix ctime which was feeded with the mtime seconds This bug was introduced with 53a1d034f3e47ed3c in 2020. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15550 Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke commit 1a89b5237b61ae9ed5b23ec42d7c56533d0cce90 Author: Björn Jacke Date: Mon Jan 8 00:27:48 2024 +0100 test_smbget.sh: reduce sleep time Signed-off-by: Bjoern Jacke Reviewed-by: Volker Lendecke --- Summary of changes: lib/util/time.c | 2 +- selftest/target/Samba3.pm | 29 +++ source3/lib/system.c| 1 + source3/modules/vfs_recycle.c | 294 +++- source3/modules/vfs_worm.c | 252 ++-- source3/script/tests/test_fakedircreatetimes.sh | 65 ++ source3/script/tests/test_recycle.sh| 102 source3/script/tests/test_smbget.sh | 2 +- source3/script/tests/test_worm.sh | 121 ++ source3/selftest/tests.py
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f2dbcea6f04 lib: Confine the copy_no_nl memcpy to debug_gpfs_log() via c3399cd46f7 lib: Avoid memcpy in debug_lttng_log() via f8a75f83077 lib: Avoid memcpy in debug_systemd_log() from 16d802f9c1f script/autobuild.py: add some --private-libraries=ALL testing https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f2dbcea6f0499e81cf5b3215459925bb1dffd4a8 Author: Volker Lendecke Date: Tue Dec 19 15:34:50 2023 +0100 lib: Confine the copy_no_nl memcpy to debug_gpfs_log() gpfswrap_add_trace() seems not to have a format string that could understand the %.*s notation. While there this removes >4k of r/w memory from every smbd. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jan 4 17:06:19 UTC 2024 on atb-devel-224 commit c3399cd46f7a33db516b5716a2ce0ebf50fd117a Author: Volker Lendecke Date: Tue Dec 19 14:47:24 2023 +0100 lib: Avoid memcpy in debug_lttng_log() tracef() understands the %.*s format. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit f8a75f830774a6f32ed834cd3d17ba8804fddb82 Author: Volker Lendecke Date: Tue Dec 19 14:44:12 2023 +0100 lib: Avoid memcpy in debug_systemd_log() sd_journal_send() understands the %.*s format. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher --- Summary of changes: lib/util/debug.c | 145 --- 1 file changed, 62 insertions(+), 83 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/debug.c b/lib/util/debug.c index f1f91ebe7a7..86f13f181cf 100644 --- a/lib/util/debug.c +++ b/lib/util/debug.c @@ -100,9 +100,7 @@ static struct { debug_callback_fn callback; void *callback_private; char header_str[300]; - char header_str_no_nl[300]; size_t hs_len; - char msg_no_nl[FORMAT_BUFR_SIZE]; } state = { .settings = { .timestamp_logs = true @@ -244,48 +242,6 @@ static int debug_level_to_priority(int level) } #endif -/* -- ** - * Produce a version of the given buffer without any trailing newlines. - */ -#if defined(HAVE_LIBSYSTEMD_JOURNAL) || defined(HAVE_LIBSYSTEMD) || \ - defined(HAVE_LTTNG_TRACEF) || defined(HAVE_GPFS) -static void copy_no_nl(char *out, - size_t out_size, - const char *in, - size_t in_len) -{ - size_t len; - /* -* Some backends already add an extra newline, so also provide -* a buffer without the newline character. -*/ - len = MIN(in_len, out_size - 1); - if ((len > 0) && (in[len - 1] == '\n')) { - len--; - } - - memcpy(out, in, len); - out[len] = '\0'; -} - -static void ensure_copy_no_nl(char *out, - size_t out_size, - const char *in, - size_t in_len) -{ - /* -* Assume out is a static buffer that is reused as a cache. -* If it isn't empty then this has already been done with the -* same input. -*/ - if (out[0] != '\0') { - return; - } - - copy_no_nl(out, out_size, in, in_len); -} -#endif - /* -- ** * Debug backends. When logging to DEBUG_FILE, send the log entries to * all active backends. @@ -366,24 +322,33 @@ static void debug_syslog_log(int msg_level, const char *msg, size_t msg_len) static void debug_systemd_log(int msg_level, const char *msg, size_t msg_len) { if (state.hs_len > 0) { - ensure_copy_no_nl(state.header_str_no_nl, - sizeof(state.header_str_no_nl), - state.header_str, - state.hs_len); - sd_journal_send("MESSAGE=%s", - state.header_str_no_nl, + size_t len = state.hs_len; + + if (state.header_str[len - 1] == '\n') { + len -= 1; + } + + sd_journal_send("MESSAGE=%.*s", + (int)len, + state.header_str, "PRIORITY=%d", debug_level_to_priority(msg_level), "LEVEL=%d",
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1134c4f3a63 s3:utils: Fix the auth function to print correct values to the user via 25021b836f7 s3:utils: Handle the domain before username and password from 2cfbf43f706 smbd: Fix traversing snapshot dirs that vanished in current fileset https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1134c4f3a63c9618c3fb79abefb40a798c7c1701 Author: Andreas Schneider Date: Fri Dec 15 08:23:25 2023 +0100 s3:utils: Fix the auth function to print correct values to the user In order to show correct values in the password prompt displayed by cli_credentials_get_password*(). We need to set the domain and username in the credentials system. The credentials supplied via the SMB URL have a higher priority than the command line options. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15538 Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jan 4 11:26:52 UTC 2024 on atb-devel-224 commit 25021b836f74d3d247bce44c6c02a2d8b2cc39ea Author: Andreas Schneider Date: Fri Dec 15 09:41:06 2023 +0100 s3:utils: Handle the domain before username and password The cli_credentials_get_password*() function will interactively ask the user for a password if none has been supplied via another ways. To show the correct domain and username in the prompt, we need handle domain and user first. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15538 Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: source3/utils/smbget.c | 37 - 1 file changed, 20 insertions(+), 17 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/smbget.c b/source3/utils/smbget.c index 70b3685c89f..67ea259afb8 100644 --- a/source3/utils/smbget.c +++ b/source3/utils/smbget.c @@ -116,22 +116,23 @@ static void get_auth_data_with_context_fn(SMBCCTX *ctx, const char *domain = NULL; enum credentials_obtained obtained = CRED_UNINITIALISED; - username = cli_credentials_get_username_and_obtained(creds, &obtained); - if (username != NULL) { + domain = cli_credentials_get_domain_and_obtained(creds, &obtained); + if (domain != NULL) { bool overwrite = false; - if (usr[0] == '\0') { + if (dom[0] == '\0') { overwrite = true; } if (obtained >= CRED_CALLBACK_RESULT) { overwrite = true; } if (overwrite) { - strncpy(usr, username, usr_len - 1); + strncpy(dom, domain, dom_len - 1); } } + cli_credentials_set_domain(creds, dom, obtained); - password = cli_credentials_get_password_and_obtained(creds, &obtained); - if (password != NULL) { + username = cli_credentials_get_username_and_obtained(creds, &obtained); + if (username != NULL) { bool overwrite = false; if (usr[0] == '\0') { overwrite = true; @@ -140,33 +141,35 @@ static void get_auth_data_with_context_fn(SMBCCTX *ctx, overwrite = true; } if (overwrite) { - strncpy(pwd, password, pwd_len - 1); + strncpy(usr, username, usr_len - 1); } } + cli_credentials_set_username(creds, usr, obtained); - domain = cli_credentials_get_domain_and_obtained(creds, &obtained); - if (domain != NULL) { + password = cli_credentials_get_password_and_obtained(creds, &obtained); + if (password != NULL) { bool overwrite = false; - if (usr[0] == '\0') { + if (pwd[0] == '\0') { overwrite = true; } if (obtained >= CRED_CALLBACK_RESULT) { overwrite = true; } if (overwrite) { - strncpy(dom, domain, dom_len - 1); + strncpy(pwd, password, pwd_len - 1); } } + cli_credentials_set_password(creds, pwd, obtained); - smbc_set_credentials_with_fallback(ctx, domain, username, password); + smbc_set_credentials_with_fallback(ctx, dom, usr, pwd); - if (!opt.quiet && username != NULL) { - if (username[0] == '\0') { + if (!opt.quiet) { + if (usr[0] == '\0') { printf(&q
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 88174f48d2e vfs_fruit: ignore ENAMETOOLONG in fruit_unlink_rsrc_adouble() from 82f021d43de pidl: include scompat headers and servers in s3 server template https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 88174f48d2ecb1c9ebb74a0eb45c4fa8e20eb923 Author: MikeLiu Date: Thu Oct 26 16:15:39 2023 +0800 vfs_fruit: ignore ENAMETOOLONG in fruit_unlink_rsrc_adouble() adouble_path() inside fruit_unlink_rsrc_adouble() prepend "._" to a basename, lenth of apple double filename will exceed NAME_MAX if length of basename is equal to NAME_MAX (or NAME_MAX-1). BUG: https://bugzilla.samba.org/show_bug.cgi?id=15504 Signed-off-by: MikeLiu Reviewed-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Nov 17 11:07:01 UTC 2023 on atb-devel-224 --- Summary of changes: source3/modules/vfs_fruit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c index b510b04aea6..b3dd6016ae3 100644 --- a/source3/modules/vfs_fruit.c +++ b/source3/modules/vfs_fruit.c @@ -2110,7 +2110,7 @@ static int fruit_unlink_rsrc_adouble(vfs_handle_struct *handle, adp_smb_fname, 0); TALLOC_FREE(adp_smb_fname); - if ((rc != 0) && (errno == ENOENT) && force_unlink) { + if ((rc != 0) && (errno == ENOENT || errno == ENAMETOOLONG) && force_unlink) { rc = 0; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4e585186f2b smbd: Get the symlink mode for posix through fdos_mode() via aaa73cce1da smbd: Centralize fdos_mode() in smbd_dirptr_get_entry() via 80c98acbf05 smbd: Centralize wiping the ".." stat info via c96010a2a9f smbd: Simplify smbd_dirptr_get_entry() via 6b0cfcdbc37 smbd: Remove a pointless NULL check via 5991f4e66b5 smbd: Slightly simplify smbd_dirptr_get_entry() via 901c7cc6aaf smbd: Move mask_match_search() to smb1_reply.c via b1e5ed4490f smbd: Simplify smbd_dirptr_get_entry() via 47f36e0b1df smbd: Simplify smbd_dirptr_8_3_mode_fn() via f905384f5df smbd: Rename "fsp" to "dirfsp" in smbd_smb2_query_directory_state via f195df4e652 smbd: Directly print errno in openat_pathref_fsp_lcomp() via 46372997a09 smbd: Remove a NULL check that became obsolete via 15648b5da5d smbd: Modernize a DEBUG statement from b6661e77de2 netcmd: docs: update docs for silo member grant + revoke https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4e585186f2b4905ab4504a464766b3fda1875cb3 Author: Volker Lendecke Date: Tue Nov 14 12:12:22 2023 +0100 smbd: Get the symlink mode for posix through fdos_mode() fdos_mode() has special code to deal with symlinks, so we don't have to replicate that logic here. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Nov 15 06:10:38 UTC 2023 on atb-devel-224 commit aaa73cce1da0c9058615a9b3d91e926d445277de Author: Volker Lendecke Date: Tue Nov 14 12:11:17 2023 +0100 smbd: Centralize fdos_mode() in smbd_dirptr_get_entry() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 80c98acbf0550c760dbc9de2cc7a3328c3c53bd6 Author: Volker Lendecke Date: Tue Nov 14 12:09:54 2023 +0100 smbd: Centralize wiping the ".." stat info Make sure this also happens for symlinks etc. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c96010a2a9ff59b3cc086fc3df15ce9408fe5986 Author: Volker Lendecke Date: Mon Nov 13 13:46:51 2023 +0100 smbd: Simplify smbd_dirptr_get_entry() This uses the much simpler openat_pathef_fsp_lcomp, avoiding non_widelink_open where we don't need it. The only case where we still have to call openat_pathref_fsp() in its full capacity is to find out whether a symlink we found is dangling or not. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 6b0cfcdbc3755709f928ac4bc010d130deb042fe Author: Volker Lendecke Date: Mon Nov 13 13:48:42 2023 +0100 smbd: Remove a pointless NULL check We've dereferenced smb_fname before, and talloc_move() never fails. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 5991f4e66b59cda65142a68f9db4e0fa1b7b147d Author: Volker Lendecke Date: Mon Nov 13 10:25:58 2023 +0100 smbd: Slightly simplify smbd_dirptr_get_entry() Check for dirptr being toplevel just once. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 901c7cc6aafc98a91888e6ca7c9f7cb2ccdf8627 Author: Volker Lendecke Date: Sun Nov 12 11:48:30 2023 +0100 smbd: Move mask_match_search() to smb1_reply.c Only called there. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit b1e5ed4490ff92f001d9f0d282059c4cc17e19a7 Author: Volker Lendecke Date: Sun Nov 12 11:30:11 2023 +0100 smbd: Simplify smbd_dirptr_get_entry() Both mode_fn's are now the same. Fold them into smbd_dirptr_get_entry() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 47f36e0b1df028cf9abf1a88efaf0296c527e18b Author: Volker Lendecke Date: Sat Nov 11 19:12:16 2023 +0100 smbd: Simplify smbd_dirptr_8_3_mode_fn() Do the smb1-specific code directly in smb1-code. Don't tunnel it through generic smb1/smb2 code. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f905384f5dfe8e297a54e3e3ad1d2ecd13e96713 Author: Volker Lendecke Date: Thu Nov 9 12:50:07 2023 +0100 smbd: Rename "fsp" to "dirfsp" in smbd_smb2_query_directory_state Makes it clearer to me what we have there. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f195df4e65257b8fe1175135fd1217dd9541cbff Author: Volker Lendecke Date: Tue Nov 14 10:53:30 2023 +0100 smbd: Directly print errno in openat_pathref_fsp_lcomp() This is where the error came from. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 46372997a09c6c4cc213941d3d510cfebf500855 Author: Volker Lendecke Date: Thu Nov 9 12:25:
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d314fc5874e smbd: Make get_real_filename_cache_key() static in files.c via 8d00b0e664d smbd: Simplify openat_pathref_fsp_case_insensitive() via ab56379c227 smbd: Make get_real_filename_cache_key() public via 552f9e9d558 smbd: We want to delete symlinks as such in reply_unlink() via 6ea681f36e0 smbd: Make create_open_symlink_err() public via 8308d25ff9d smbd: Make in_create_options available in smbd_smb2_create_after_exec() via 6c3c37cf209 smbd: Make a fake file's stat a valid regular file via 193df617816 smbd: Simplify fsp_fullbasepath() via 8392a832b59 smbd: Correct PATH_ vs NAME_NOT_FOUND for not following lcomp via cee9586c6ee smbd: Return OBJECT_NAME_NOT_FOUND if lcomp points outside the share via c81d1d3fe4e smbd: Return open_symlink_err from filename_convert_dirfsp_nosymlink() via 62800d6213e libcli: Fix whitespace via ac60b7a1455 smbd: We don't reopen anything but dirs and files via ae236f8f4db smbd: Remove a few pointless return; statements via 5b0500f0c90 smbd: Protect ea-reading on symlinks via f72f9915680 smbd: Remove an assert that never triggers via 74e121f93b3 librpc: Fix error path cleanups in start_rpc_host_send() from 273d48504e1 CI: smb3unix.py: check more attributes of test files (and dirs) in test_posix_perm_files() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d314fc5874e243f9fd659aa9fdf3c5ed6c0c6a22 Author: Volker Lendecke Date: Sat Nov 4 16:17:36 2023 +0100 smbd: Make get_real_filename_cache_key() static in files.c Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Nov 7 13:58:07 UTC 2023 on atb-devel-224 commit 8d00b0e664d76931dd29b417e90ec1e4ff488939 Author: Volker Lendecke Date: Wed Oct 18 11:50:20 2023 +0200 smbd: Simplify openat_pathref_fsp_case_insensitive() This is more lines of code, but it's still a simplification. With this patch we don't call the full openat_pathref_fsp() anymore when looking up the last component in filename_convert_dirfsp(), instead we do the direct SMB_VFS_OPENAT(). We don't need the whole complexity of non_widelink_open() for this case, we do know that we have a real non-cwd dirfsp. The other big change that is not obvious just from looking at the patch: This removes the special case for looking up posix symlinks. Before this patch, filename_convert_dirfsp() returned a proper smb_filename but without an attached fsp when a smb1 posix client hits a symlink. This caused all sorts of special case code everywhere. For example smbd_do_qfilepathinfo() needs to cover both cases just for the smb1 posix symlink case. This special-case handling can go now. We can do the path lookup in the smb1-only qpathinfo code and call into the common code with a proper fsp. When hitting a symlink and with O_PATH available, we'll get the symlink opened with an O_PATH fd. Without O_PATH we obviously can't do that, there we get fd=-1 and an indication that we don't have the procfd fallback around. Why all this? I want to present FIFOs (and eventually symlinks) as reparse points as the very next step. Without this patch, there is no real unified way to get the file attributes from disk. Now we can use the proper logic of fdos_mode() everywhere and not rely on special cases for fsp==NULL. This patch also changes some error codes for smb1 posix extensions. I chose to just change the test instead of going after each and every change. As long as we do get an error, I'm willing to accept that we slightly change error path behaviour for this deprecated code. And, I tried to split this up into smaller patches but I failed. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit ab56379c22702d364b0b55fe993e407739b6af91 Author: Volker Lendecke Date: Sat Nov 4 15:41:40 2023 +0100 smbd: Make get_real_filename_cache_key() public Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 552f9e9d5584dac4177aef70eb438530976557d6 Author: Volker Lendecke Date: Wed Oct 25 18:58:34 2023 +0200 smbd: We want to delete symlinks as such in reply_unlink() Even with "follow symlinks = yes" we don't want to delete the target when being given a symlink name. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 6ea681f36e09c05ede087ec88809ed6805657354 Author: Volker Lendecke Date: Mon Oct 23 15:45:08 2023 +0200 smbd: Make create_open_symlink_err() public Signed-off
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via de20ee1adad WHATSNEW: Mention logged on users list removal from 7a5228ffce0 CI: smb3unix.py: check basic CreateContexts response https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit de20ee1adad4a6b26e07a6cf1ac89819ceaf8ecc Author: Samuel Cabrero Date: Mon Oct 30 13:24:29 2023 +0100 WHATSNEW: Mention logged on users list removal Signed-off-by: Samuel Cabrero Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Nov 1 12:52:13 UTC 2023 on atb-devel-224 --- Summary of changes: WHATSNEW.txt | 9 + 1 file changed, 9 insertions(+) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 0f20c4779df..2bd3f02e1dc 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -42,6 +42,15 @@ in a package may locate other dependencies we no longer require. REMOVED FEATURES +Get locally logged on users from utmp +- + +The Workstation Service Remote Protocol [MS-WKST] calls NetWkstaGetInfo +level 102 and NetWkstaEnumUsers level 0 and 1 return the list of locally +logged on users. Samba was getting the list from utmp, which is not +Y2038 safe. This feature has been completely removed and Samba will +always return an empty list. + smb.conf changes -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 853ae7a913e smbd: add inode marshalling in smb3_file_posix_information_init() via 3aedefccbac smbd: add nlinks marshalling in smb3_file_posix_information_init() via 788dafccd15 s3/libsmb: reuse smbXcli_conn_have_posix() via 45643c703b6 smbd: fix group marshalling in smb3_file_posix_information_init from d57f3bdcd33 s4:kdc: Simplify principal_comp_strcmp_int() to handle only equality https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 853ae7a913e1051bebbabf07a2280904835b8bef Author: Ralph Boehme Date: Thu Oct 26 15:24:07 2023 +0200 smbd: add inode marshalling in smb3_file_posix_information_init() Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Oct 26 16:32:30 UTC 2023 on atb-devel-224 commit 3aedefccbac8b3b31831c9c27b1d1cde04c9d41f Author: Ralph Boehme Date: Thu Oct 26 15:24:27 2023 +0200 smbd: add nlinks marshalling in smb3_file_posix_information_init() Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 788dafccd15b72a076413423764a2a1703ef6249 Author: Ralph Boehme Date: Fri Oct 13 10:26:46 2023 +0200 s3/libsmb: reuse smbXcli_conn_have_posix() We already store the negotiated POSIX state in smbXcli_connection and there we only store it if the server actually supports the version we requested. Signed-off-by: Ralph Boehme Reviewed-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit 45643c703b636db22514548e59ac13be9e80f524 Author: Ralph Boehme Date: Tue Oct 24 19:06:23 2023 +0200 smbd: fix group marshalling in smb3_file_posix_information_init Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke --- Summary of changes: source3/client/client.c | 2 +- source3/include/client.h | 1 - source3/libsmb/clidfs.c | 6 -- source3/smbd/smb2_posix.c | 4 +++- 4 files changed, 4 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/client/client.c b/source3/client/client.c index ad9d157db18..267e3ebeb99 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -3164,7 +3164,7 @@ static int cmd_posix(void) char *caps; NTSTATUS status; - if (!(SERVER_HAS_UNIX_CIFS(cli) || cli->smb2.server_smb311_posix)) { + if (!smbXcli_conn_have_posix(cli->conn)) { d_printf("Server doesn't support UNIX CIFS extensions.\n"); return 1; } diff --git a/source3/include/client.h b/source3/include/client.h index 3644e40ca50..9634166428c 100644 --- a/source3/include/client.h +++ b/source3/include/client.h @@ -91,7 +91,6 @@ struct cli_state { struct smbXcli_session *session; struct smbXcli_tcon *tcon; struct idr_context *open_handles; - bool server_smb311_posix; bool client_smb311_posix; } smb2; }; diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c index 7bc733492ce..939b3b0da09 100644 --- a/source3/libsmb/clidfs.c +++ b/source3/libsmb/clidfs.c @@ -245,12 +245,6 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx, smb2cli_conn_set_max_credits(c->conn, DEFAULT_SMB2_MAX_CREDITS); } - if ((protocol >= PROTOCOL_SMB3_11) && (out_contexts != NULL)) { - c->smb2.server_smb311_posix = smb2_negotiate_context_find( - out_contexts, - SMB2_POSIX_EXTENSIONS_AVAILABLE); - } - status = cli_session_setup_creds(c, creds); if (!NT_STATUS_IS_OK(status)) { /* If a password was not supplied then diff --git a/source3/smbd/smb2_posix.c b/source3/smbd/smb2_posix.c index 1cd76e2..9623e59e43a 100644 --- a/source3/smbd/smb2_posix.c +++ b/source3/smbd/smb2_posix.c @@ -34,11 +34,13 @@ void smb3_file_posix_information_init( *dst = (struct smb3_file_posix_information) { .end_of_file = get_file_size_stat(st), .allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,NULL,st), + .inode = SMB_VFS_FS_FILE_ID(conn, st), .device = st->st_ex_dev, .creation_time = unix_timespec_to_nt_time(st->st_ex_btime), .last_access_time = unix_timespec_to_nt_time(st->st_ex_atime), .last_write_time = unix_timespec_to_nt_time(st->st_ex_mtime), .change_time = unix_timespec_to_nt_time(st->st_ex_ctime), + .cc.nlinks = st->st_ex_nlink, .cc.reparse_tag = reparse_tag, .cc.posix_perms = unix_perms_to_wire(st->st_ex_mode & ~S_IFMT), .cc.owner = global_si
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 52fd0d79ab0 smbd: put back code to fill in user and group SID from 14600a3128c s3:libads: Improve logging for failover scenarios https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 52fd0d79ab0ca65e94d9dc6908faa42a75103e6e Author: Ralph Boehme Date: Wed Oct 18 15:32:03 2023 +0200 smbd: put back code to fill in user and group SID This is accidentally removed by 6874ed6a9defdf6f842e1e25f1ffd95708534ca6. Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Oct 18 16:46:00 UTC 2023 on atb-devel-224 --- Summary of changes: source3/smbd/smb2_create.c | 3 +++ 1 file changed, 3 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index d71dfc3083f..94e73b0a27c 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -1673,6 +1673,9 @@ static void smbd_smb2_create_after_exec(struct tevent_req *req) }; enum ndr_err_code ndr_err; + uid_to_sid(&cc.owner, psbuf->st_ex_uid); + gid_to_sid(&cc.group, psbuf->st_ex_gid); + ndr_err = ndr_push_smb3_posix_cc_info(&ndr, NDR_SCALARS | NDR_BUFFERS, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a6b1c75 ctdb: Add "home_nodes" file to deterministic IP allocation via ea9cbbd8309 ctdb: setup $CTDB_BASE for deterministic ip alloc tests via 23ccb1c0ca5 ctdb: Align variable signedness via ce3243d7b20 ctdb: Reduce indentation in get_tunable_values() via 58ec800928b ctdb: Fix whitespace from 633a3ee6894 s3: smbd: Ignore fstat() error on deleted stream in fd_close(). https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a6b1c754f8ecf7c6c8a43ff015257adf5d0a Author: Volker Lendecke Date: Fri Aug 4 14:47:51 2023 +0200 ctdb: Add "home_nodes" file to deterministic IP allocation With a file "home_nodes" next to "public_addresses" you can assign public IPs to specific nodes when using the deterministic allocation algorithm. Whenever the "home node" is up, the IP address will be assigned to that node, independent of any other deterministic calculation. The line 192.168.21.254 2 in the file "home_nodes" assigns the IP address to node 2. Only when node 2 is not able to host IP addresses, 192.168.21.254 undergoes the normal deterministic IP allocation algorithm. Signed-off-by: Volker Lendecke add home_nodes Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Oct 10 14:17:19 UTC 2023 on atb-devel-224 commit ea9cbbd8309fd8514e4a9a4aa80749e8adfff0bc Author: Volker Lendecke Date: Thu Oct 5 17:11:51 2023 +0200 ctdb: setup $CTDB_BASE for deterministic ip alloc tests ipalloc_deterministic() will require it in the next patch Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 23ccb1c0ca53f2e46238eece186ac7726af9b96d Author: Volker Lendecke Date: Fri Aug 4 15:35:46 2023 +0200 ctdb: Align variable signedness ipalloc_state->num_nodes is uint32_t Reviewed-by: Ralph Boehme commit ce3243d7b2095970d00e5c59c880ebf81f2bf9ed Author: Volker Lendecke Date: Thu Sep 28 15:55:36 2023 +0200 ctdb: Reduce indentation in get_tunable_values() Use an early return tvals; review with "git sh -b". Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 58ec800928bdda2f1260ee24eeca8a0018931a68 Author: Volker Lendecke Date: Thu Sep 28 15:50:28 2023 +0200 ctdb: Fix whitespace Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme --- Summary of changes: ctdb/doc/ctdb-tunables.7.xml | 11 ++ ctdb/server/ipalloc_deterministic.c| 130 - ctdb/tests/UNIT/takeover/det.001.sh| 2 + ctdb/tests/UNIT/takeover/det.002.sh| 2 + ctdb/tests/UNIT/takeover/det.003.sh| 2 + .../tests/UNIT/takeover/{det.003.sh => det.004.sh} | 17 ++- .../tests/UNIT/takeover/{det.002.sh => det.005.sh} | 18 ++- .../tests/UNIT/takeover/{det.001.sh => det.006.sh} | 16 ++- ctdb/tests/src/ctdb_takeover_tests.c | 45 +++ 9 files changed, 212 insertions(+), 31 deletions(-) copy ctdb/tests/UNIT/takeover/{det.003.sh => det.004.sh} (63%) copy ctdb/tests/UNIT/takeover/{det.002.sh => det.005.sh} (66%) copy ctdb/tests/UNIT/takeover/{det.001.sh => det.006.sh} (71%) Changeset truncated at 500 lines: diff --git a/ctdb/doc/ctdb-tunables.7.xml b/ctdb/doc/ctdb-tunables.7.xml index 725c781e47e..e4f7ce0b96a 100644 --- a/ctdb/doc/ctdb-tunables.7.xml +++ b/ctdb/doc/ctdb-tunables.7.xml @@ -283,6 +283,17 @@ MonitorInterval=20 with care when addresses are defined across multiple networks. + + You can override automatic the "home" node allocation by + creating a file "home_nodes" next to the + "public_addresses" file. As an example the following + "home_nodes" file assigns the address 192.168.1.1 to + node 0 and 192.168.1.2 to node 2: + + + 192.168.1.1 0 + 192.168.1.2 2 + diff --git a/ctdb/server/ipalloc_deterministic.c b/ctdb/server/ipalloc_deterministic.c index 097d8169da8..43680ba5c2f 100644 --- a/ctdb/server/ipalloc_deterministic.c +++ b/ctdb/server/ipalloc_deterministic.c @@ -24,13 +24,120 @@ #include "lib/util/debug.h" #include "common/logging.h" +#include "common/path.h" + +#include "protocol/protocol_util.h" +#include "lib/util/smb_strtox.h" +#include "lib/util/memory.h" #include "server/ipalloc_private.h" +struct home_node { + ctdb_sock_ad
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 633a3ee6894 s3: smbd: Ignore fstat() error on deleted stream in fd_close(). via 23deb79a280 tests: Add reproducer for bug 15487 via 340f0420bd3 pylibsmb: Add SMB2_CLOSE_FLAGS_FULL_INFORMATION constant via c4047443a51 libsmb: Pass "flags" through cli_close_send() and pylibsmb via f72ef19cf51 libsmb: Add "flags" to cli_smb2_close_fnum_send() from d1846452e96 vfs: Add VFS_OPEN_HOW_WITH_BACKUP_INTENT https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 633a3ee6894cc1d05b44dbe47a278202803d9b21 Author: Ralph Boehme Date: Wed Sep 20 14:21:44 2023 -0700 s3: smbd: Ignore fstat() error on deleted stream in fd_close(). In the fd_close() fsp->fsp_flags.fstat_before_close code path. If this is a stream and delete-on-close was set, the backing object (an xattr from streams_xattr) might already be deleted so fstat() fails with NT_STATUS_NOT_FOUND. So if fsp refers to a stream we ignore the error and only bail for normal files where an fstat() should still work. NB. We cannot use fsp_is_alternate_stream(fsp) for this as the base_fsp has already been closed at this point and so the value fsp_is_alternate_stream() checks for is already NULL. Remove knownfail. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15487 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Oct 10 09:39:27 UTC 2023 on atb-devel-224 commit 23deb79a28009f5c4ea2f2c2ceb84cfdbc9fb5b1 Author: Volker Lendecke Date: Sat Oct 7 12:28:05 2023 +0200 tests: Add reproducer for bug 15487 Show that smbd crashes if asked to return full information on close of a stream handle with delete on close disposition set. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15487 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 340f0420bd34149ebe8fc76eb5fe4547970a5c5b Author: Volker Lendecke Date: Sat Oct 7 12:20:35 2023 +0200 pylibsmb: Add SMB2_CLOSE_FLAGS_FULL_INFORMATION constant Bug: https://bugzilla.samba.org/show_bug.cgi?id=15487 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c4047443a511f003eb855504315eeb8499fafcb7 Author: Volker Lendecke Date: Sat Oct 7 12:13:09 2023 +0200 libsmb: Pass "flags" through cli_close_send() and pylibsmb Bug: https://bugzilla.samba.org/show_bug.cgi?id=15487 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f72ef19cf51d8ededa449344cc16b72cf3685302 Author: Volker Lendecke Date: Sat Oct 7 12:06:26 2023 +0200 libsmb: Add "flags" to cli_smb2_close_fnum_send() Bug: https://bugzilla.samba.org/show_bug.cgi?id=15487 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: examples/fuse/clifuse.c | 2 +- examples/winexe/winexe.c | 37 +++- python/samba/tests/libsmb-basic.py | 21 ++ source3/libsmb/cli_smb2_fnum.c | 56 +--- source3/libsmb/cli_smb2_fnum.h | 3 +- source3/libsmb/clifile.c | 23 --- source3/libsmb/clisymlink.c | 11 --- source3/libsmb/proto.h | 4 ++- source3/libsmb/pylibsmb.c| 11 --- source3/smbd/open.c | 15 +- source3/torture/nbench.c | 7 +++-- source3/torture/test_chain3.c| 2 +- source3/torture/test_notify.c| 11 --- source3/torture/test_notify_online.c | 6 ++-- source3/torture/torture.c| 6 ++-- 15 files changed, 141 insertions(+), 74 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/fuse/clifuse.c b/examples/fuse/clifuse.c index 28c5177b250..ba4aca751fe 100644 --- a/examples/fuse/clifuse.c +++ b/examples/fuse/clifuse.c @@ -952,7 +952,7 @@ static void cli_ll_release(fuse_req_t freq, fuse_ino_t ino, fnum = fi->fh; - req = cli_smb2_close_fnum_send(state, mstate->ev, mstate->cli, fnum); + req = cli_smb2_close_fnum_send(state, mstate->ev, mstate->cli, fnum, 0); if (req == NULL) { TALLOC_FREE(state); fuse_reply_err(freq, ENOMEM); diff --git a/examples/winexe/winexe.c b/examples/winexe/winexe.c index 29e1fe2055b..5c2529cb2de 100644 --- a/examples/winexe/winexe.c +++ b/examples/winexe/winexe.c @@ -993,11 +993,11 @@ static void winexe_out_pipe_got_data(struct tevent_req *subreq) nt_errstr(status)); if (NT_STATUS_EQUAL(status, NT_STATUS_PIPE_DISCONNECTED)) { - subreq = cli_close_send( -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d7394a90f51 testparm: Allow idmap ranges overlap for idmap_nss from fab08854af3 libsmb: Pass neg contexts through sync smbXcli_negprot_recv() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d7394a90f51e9a2caac58d280e2ec3331f45a315 Author: Samuel Cabrero Date: Tue Sep 26 13:01:03 2023 +0200 testparm: Allow idmap ranges overlap for idmap_nss Signed-off-by: Samuel Cabrero Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Sep 26 19:28:08 UTC 2023 on atb-devel-224 --- Summary of changes: source3/utils/testparm.c | 11 --- 1 file changed, 8 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index 4a19f888632..fd90e8d734a 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -229,16 +229,21 @@ static bool do_idmap_check(void) if ((c->low >= x->low && c->low <= x->high) || (c->high >= x->low && c->high <= x->high)) { - /* Allow overlapping ranges for idmap_ad */ + /* +* Allow overlapping ranges for idmap_ad +* and idmap_nss +*/ ok = strequal(c->backend, x->backend); if (ok) { - ok = strequal(c->backend, "ad"); + ok = strequal(c->backend, "ad") || +strequal(c->backend, "nss"); if (ok) { fprintf(stderr, - "NOTE: The idmap_ad " + "NOTE: The idmap_%s " "range for the domain " "%s overlaps with the " "range of %s.\n\n", + c->backend, c->domain_name, x->domain_name); continue; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5379b8d557a s3: smbd: Ensure all callers to srvstr_pull_req_talloc() pass a zeroed-out dest pointer. via 5bc50d2ea44 s3: smbd: Uncorrupt the pointer we were using to prove a crash. via 9220c45cc19 s3: smbd: Ensure srvstr_pull_req_talloc() always NULLs out *dest. via 963fd8aa9b7 s3: torture: Add SMB1-TRUNCATED-SESSSETUP test. via e7bf94b4e3a s3: smbd: Deliberately currupt an uninitialized pointer. from c01c206d765 s4:kdc: Add get_claims_set_for_principal() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5379b8d557a9a16b81eafb87b60b81debc4bfccb Author: Jeremy Allison Date: Fri Aug 11 10:52:31 2023 -0700 s3: smbd: Ensure all callers to srvstr_pull_req_talloc() pass a zeroed-out dest pointer. Now we've fixed srvstr_pull_req_talloc() this isn't strictly needed, but ensuring pointers are initialized is best practice to avoid future bugs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Aug 14 15:55:43 UTC 2023 on atb-devel-224 commit 5bc50d2ea244721e72b4264311c7005d2f3c Author: Jeremy Allison Date: Fri Aug 11 10:47:28 2023 -0700 s3: smbd: Uncorrupt the pointer we were using to prove a crash. Rather than restore to uninitialized, set to NULL as per modern coding practices. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420 Reviewed-by: Volker Lendecke Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 9220c45cc191b34e293190f6a923ba463edd5db9 Author: Jeremy Allison Date: Fri Aug 11 10:42:41 2023 -0700 s3: smbd: Ensure srvstr_pull_req_talloc() always NULLs out *dest. Robert Morris noticed that in the case where srvstr_pull_req_talloc() is being called with buffer remaining == 0, we don't NULL out the destination pointed which is *always* done in the codepaths inside pull_string_talloc(). This prevents a crash in the caller. Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 963fd8aa9b76361ab9aeb63307773f2498b17879 Author: Jeremy Allison Date: Fri Aug 11 10:39:36 2023 -0700 s3: torture: Add SMB1-TRUNCATED-SESSSETUP test. Shows that we indirect through an uninitialized pointer and the client crashes it's own smbd. Add knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit e7bf94b4e3a7f994aa6f0b859089c5add2ad380f Author: Jeremy Allison Date: Fri Aug 11 10:38:23 2023 -0700 s3: smbd: Deliberately currupt an uninitialized pointer. We will need this to show smbd crashing in the test code. This will be removed once we're passing the test. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke --- Summary of changes: source3/selftest/tests.py | 11 +++ source3/smbd/smb1_ipc.c | 2 +- source3/smbd/smb1_message.c | 2 +- source3/smbd/smb1_sesssetup.c | 4 +- source3/smbd/smb2_reply.c | 1 + source3/torture/torture.c | 181 ++ 6 files changed, 197 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 461e09be87b..579ed87656d 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -219,6 +219,17 @@ plantestsuite("samba3.smbtorture_s3.hidenewfiles_showdirs", "", "-l $LOCAL_PATH"]) +plantestsuite("samba3.smbtorture_s3.smb1.SMB1-TRUNCATED-SESSSETUP", +"fileserver_smb1", +[os.path.join(samba3srcdir, + "script/tests/test_smbtorture_s3.sh"), +'SMB1-TRUNCATED-SESSSETUP', +'//$SERVER_IP/tmp', +'$USERNAME', +'$PASSWORD', +smbtorture3, +"-mNT1"]) + # # MSDFS attribute tests. # diff --git a/source3/smbd/smb1_ipc.c b/source3/smbd/smb1_ipc.c index 3f9958fece0..716b67b40ea 100644 --- a/source3/smbd/smb1_ipc.c +++ b/source3/smbd/smb1_ipc.c @@ -695,7 +695,7 @@ void reply_trans(struct smb_request *req) return; } - if ((state = talloc(conn, struct trans_state)) == NULL) { + if ((state = talloc_zero(conn
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9ec22e68024 dcerpc.idl: fix definitions for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED payload via 5c724a3e156 librpc/rpc: let dcerpc_read_ncacn_packet_next_vector() handle fragments without any payload via c37adb76264 s4:torture/ndr: add tests for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED from 269738d6ce4 lib/replace: fix strlcat/strlcpy compile for Honggfuzz https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9ec22e680249cfde06fb1a0a34fcc94d1f47002d Author: Stefan Metzmacher Date: Fri Aug 4 14:03:43 2023 +0200 dcerpc.idl: fix definitions for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED payload It seems commit 259129e8f4bc8cacd1850eba3f6551134835d079 was partly just fantasy... Windows clients just use 16 bytes for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED pdus. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Aug 8 08:57:46 UTC 2023 on atb-devel-224 commit 5c724a3e156ae734e4d187bf9639d895bb011834 Author: Stefan Metzmacher Date: Mon Aug 7 16:16:27 2023 +0200 librpc/rpc: let dcerpc_read_ncacn_packet_next_vector() handle fragments without any payload DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED don't have any payload by default. In order to receive them via dcerpc_read_ncacn_packet_send/recv we need to allow fragments with frag_len == DCERPC_NCACN_PAYLOAD_OFFSET. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit c37adb762640b7df9731d6a60edce808aa8787f8 Author: Stefan Metzmacher Date: Fri Aug 4 13:57:12 2023 +0200 s4:torture/ndr: add tests for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED The PDUs were generated by Windows clients. And we fail to parse them currently. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke --- Summary of changes: librpc/idl/dcerpc.idl | 2 - librpc/rpc/dcerpc_util.c | 9 ++- source4/torture/ndr/dcerpc.c | 148 ++ source4/torture/ndr/ndr.c | 1 + source4/torture/wscript_build | 1 + 5 files changed, 157 insertions(+), 4 deletions(-) create mode 100644 source4/torture/ndr/dcerpc.c Changeset truncated at 500 lines: diff --git a/librpc/idl/dcerpc.idl b/librpc/idl/dcerpc.idl index bbb17f0b8c4..1850526042c 100644 --- a/librpc/idl/dcerpc.idl +++ b/librpc/idl/dcerpc.idl @@ -276,12 +276,10 @@ interface dcerpc } dcerpc_auth3; typedef [public] struct { - [value(0)]uint32_pad; [flag(NDR_REMAINING)] DATA_BLOB auth_info; } dcerpc_orphaned; typedef [public] struct { - [value(0)]uint32_pad; [flag(NDR_REMAINING)] DATA_BLOB auth_info; } dcerpc_co_cancel; diff --git a/librpc/rpc/dcerpc_util.c b/librpc/rpc/dcerpc_util.c index 0ecb2bff1fa..a3a734b0c09 100644 --- a/librpc/rpc/dcerpc_util.c +++ b/librpc/rpc/dcerpc_util.c @@ -565,9 +565,14 @@ static int dcerpc_read_ncacn_packet_next_vector(struct tstream_context *stream, ofs = state->buffer.length; - if (frag_len < ofs) { + if (frag_len <= ofs) { /* -* something is wrong, let the caller deal with it +* With frag_len == ofs, we are done, this is likely +* a DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED +* without any payload. +* +* Otherwise it's a broken packet and we +* let the caller deal with it. */ *_vector = NULL; *_count = 0; diff --git a/source4/torture/ndr/dcerpc.c b/source4/torture/ndr/dcerpc.c new file mode 100644 index 000..459817d4951 --- /dev/null +++ b/source4/torture/ndr/dcerpc.c @@ -0,0 +1,148 @@ +/* + Unix SMB/CIFS implementation. + test suite for dcerpc ndr operations + + Copyright (C) Stefan Metzmacher 2023 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILI
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6965e77268e s3:libads: re-initialize num_requests to 0 for cldap_ping_list retries from bf7fbf7e2b6 s3-net: no secrets access required when processing a ODJ provisioning https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6965e77268e1abfc21f1793c7cd006444938ac03 Author: Stefan Metzmacher Date: Tue Jul 4 18:07:12 2023 +0200 s3:libads: re-initialize num_requests to 0 for cldap_ping_list retries Commit 8132edf119757ee91070facffef016c93de9c2a6 introduced a retry loop arround cldap_multi_netlogon(), but it forgot to reset num_requests to 0 for the retries. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15416 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jul 5 11:17:43 UTC 2023 on atb-devel-224 --- Summary of changes: source3/libads/ldap.c | 1 + 1 file changed, 1 insertion(+) Changeset truncated at 500 lines: diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index a01b1193013..3ba32d0cf44 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -446,6 +446,7 @@ again: * The retry loop is bound by the timeout */ retry = false; + num_requests = 0; for (i = 0; i < count; i++) { char server[INET6_ADDRSTRLEN]; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 358631ce331 smbd: Merge openat_pathref_fsp_nosymlink() into _internal() via f19f3c1a16c smbd: Factor out create_open_symlink_err() via e4422b2ff33 smbd: Remove "atname" from smbd_dirptr_get_entry()'s mode_fn via 88f32b783c4 smbd: Rewrite smbd_dirptr_get_entry() via e9040fa42a5 smbd: Factor out full_path_from_dirfsp_at_basename() via b4698f3b13e smbd: Introduce dir_fname helper var in smbd_dirptr_get_entry() via 16ae3c2e26d smbd: Modernize two DEBUG statements via f56ceab909a smbd: Pass name and stat_ex to dos_mode_msdfs() via 614debf4d96 smbd: Pass "char*" to dos_mode_from_name() via 0958afd297d smbd: Pass stat_ex and files_struct to dos_mode_from_sbuf() via e9363926dc8 smbd: Extend openat_pathref_dirfsp_nosymlink() via eb2978f55cb test: skip the open-eintr test via 7a71e275e44 smbd: Fully fill in fsp in openat_pathref_fsp_nosymlink_internal() via 03660778f07 smbd: Lift up conn->cwd from openat_pathref_dirfsp_nosymlink() via 8b651a68471 smbd: Factor out full_path_extend() via 58f7ec12bd4 smbd: Add read_symlink_reparse() via 633d71eeffc smbd: Apply some README.Coding to dos_mode_from_sbuf() via 08e881aeb58 smbd: Simplify dos_mode_msdfs() via c921cdf87e6 smbd: Move dos_mode_from_name() up in dosmode.c via 290ca547a89 smbd: Slightly simplify smbd_dirptr_get_entry() from 7b6cedf5385 .gitlab-ci:bootstrap: remove ubuntu1804*, add debian12, upgrade opensuse 15.5 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 358631ce3314f952e9b205fc69f0a5b6e067e242 Author: Volker Lendecke Date: Fri Jun 30 11:18:42 2023 +0200 smbd: Merge openat_pathref_fsp_nosymlink() into _internal() Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Jun 30 11:43:46 UTC 2023 on atb-devel-224 commit f19f3c1a16c8df9caaee14f176f8e332d3d6a2bc Author: Volker Lendecke Date: Fri Jun 30 10:57:58 2023 +0200 smbd: Factor out create_open_symlink_err() 3 times talloc_zero() and read_symlink_reparse() makes a nice separate function. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit e4422b2ff33c5d49df23da1686a7be636779d5ab Author: Volker Lendecke Date: Sat Jun 24 10:02:05 2023 +0200 smbd: Remove "atname" from smbd_dirptr_get_entry()'s mode_fn Unused. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 88f32b783c43573ec3e2a82a640ad082e996aae2 Author: Volker Lendecke Date: Thu Jun 22 15:12:25 2023 +0200 smbd: Rewrite smbd_dirptr_get_entry() Move filtering of entries, in particular symlinks, fully into smbd_dirptr_get_entry(). Before, this was hidden in magic code inside openat_pathref_fsp() and the mode_fn()s. Changing anything file open code led to changes in very distant code paths because of unforeseen consequences to directory listing. This change centralizes the decision what directory entries to show into smbd_dirptr_get_entry(). It uses openat_pathref_fsp_nosymlink() without any symlink magic. It might need some tweaking when we also want to show other special files, but this will hopefully be easier. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit e9040fa42a5539c8bdbf41bd99db74759e966e88 Author: Volker Lendecke Date: Thu Jun 22 14:46:01 2023 +0200 smbd: Factor out full_path_from_dirfsp_at_basename() Will use this logic in the next patch Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit b4698f3b13e9e7560e6fa42fca81333d527c25cc Author: Volker Lendecke Date: Thu Jun 22 11:33:05 2023 +0200 smbd: Introduce dir_fname helper var in smbd_dirptr_get_entry() Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 16ae3c2e26dbb1af45df99db373d671f83babd45 Author: Volker Lendecke Date: Thu Jun 22 11:19:29 2023 +0200 smbd: Modernize two DEBUG statements Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit f56ceab909a23e1bd114c4a914d5c1a10626022a Author: Volker Lendecke Date: Tue Jun 20 16:28:19 2023 +0200 smbd: Pass name and stat_ex to dos_mode_msdfs() We'll use it in a place without a smb_fname soon. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 614debf4d9670b5919ac614d03b834c2859dc454 Author: Volker Lendecke Date: Tue Jun 20 16:22:30 2023 +0200 smbd: Pass "char*" to dos_mode_from_name() Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 0958afd297df458ee6d10f9531708b77fc65fb60 Author: Volker Lendecke Date: Tue Jun 20 16:19
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via afbed653526 s3:utils: smbget fix a memory leak from b0524830aaf s4:kdc: don't log an error if msDS-AllowedToActOnBehalfOfOtherIdentity is missing https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit afbed653526b572f7309e67ed742a76ef7b2b8ec Author: Jones Syue Date: Tue Jun 27 17:19:59 2023 +0800 s3:utils: smbget fix a memory leak Using smbget to download files recursively (-R). If smbget found that a file is already existed in the destination, smbget would said 'File exists', return early, and 'newname' allocated memory is never freed, this is found by valgrind. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15403 Signed-off-by: Jones Syue Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jun 28 07:02:34 UTC 2023 on atb-devel-224 --- Summary of changes: source3/utils/smbget.c | 1 + 1 file changed, 1 insertion(+) Changeset truncated at 500 lines: diff --git a/source3/utils/smbget.c b/source3/utils/smbget.c index 00bf20e8192..5c99dcf918a 100644 --- a/source3/utils/smbget.c +++ b/source3/utils/smbget.c @@ -246,6 +246,7 @@ static bool smb_download_dir(const char *base, const char *name, int resume) if (!ok) { fprintf(stderr, "Failed to download %s: %s\n", newname, strerror(errno)); + free(newname); free(tmpname); return false; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via de2738fb9a7 smbd: Don't mask open error if fstatat() fails via 13d199bea0f tests: Show smbd returns wrong error code when creating on r/o fs via 37b3667f65d error_inject: Enable returning EROFS for O_CREAT via 840480789fc error_inject: map EROFS from 7828c6535cd s4:kdc: Don’t overwrite error code https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit de2738fb9a7dad84eb50a0cf007d89b6ef53ec9a Author: Volker Lendecke Date: Mon Jun 26 13:17:44 2023 +0200 smbd: Don't mask open error if fstatat() fails Bug: https://bugzilla.samba.org/show_bug.cgi?id=15402 Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Jun 26 16:53:21 UTC 2023 on atb-devel-224 commit 13d199bea0f39fafd2bf39516d83e20893003aa2 Author: Volker Lendecke Date: Mon Jun 26 14:54:00 2023 +0200 tests: Show smbd returns wrong error code when creating on r/o fs Bug: https://bugzilla.samba.org/show_bug.cgi?id=15402 Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 37b3667f65d10a39b95dd84c002677d16f8c0776 Author: Volker Lendecke Date: Mon Jun 26 13:17:19 2023 +0200 error_inject: Enable returning EROFS for O_CREAT Bug: https://bugzilla.samba.org/show_bug.cgi?id=15402 Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme commit 840480789fcbb2e4ffe8b08818869f8490dc29d5 Author: Volker Lendecke Date: Mon Jun 26 12:47:17 2023 +0200 error_inject: map EROFS Bug: https://bugzilla.samba.org/show_bug.cgi?id=15402 Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme --- Summary of changes: source3/modules/vfs_error_inject.c | 20 source3/script/tests/test_rofs.sh | 34 ++ source3/selftest/tests.py | 7 +++ source3/smbd/open.c| 9 + 4 files changed, 70 insertions(+) create mode 100755 source3/script/tests/test_rofs.sh Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_error_inject.c b/source3/modules/vfs_error_inject.c index 1a327097b30..edb7c64a92a 100644 --- a/source3/modules/vfs_error_inject.c +++ b/source3/modules/vfs_error_inject.c @@ -31,6 +31,7 @@ struct unix_error_map { { "EBADF",EBADF }, { "EINTR",EINTR }, { "EACCES", EACCES }, + { "EROFS",EROFS }, }; static int find_unix_error_from_string(const char *err_str) @@ -115,6 +116,7 @@ static int vfs_error_inject_openat(struct vfs_handle_struct *handle, const struct vfs_open_how *how) { int error = inject_unix_error("openat", handle); + int create_error = inject_unix_error("openat_create", handle); int dirfsp_flags = (O_NOFOLLOW|O_DIRECTORY); bool return_error; @@ -126,6 +128,24 @@ static int vfs_error_inject_openat(struct vfs_handle_struct *handle, #endif #endif + if ((create_error != 0) && (how->flags & O_CREAT)) { + struct stat_ex st = { + .st_ex_nlink = 0, + }; + int ret; + + ret = SMB_VFS_FSTATAT(handle->conn, + dirfsp, + smb_fname, + &st, + AT_SYMLINK_NOFOLLOW); + + if ((ret == -1) && (errno == ENOENT)) { + errno = create_error; + return -1; + } + } + return_error = (error != 0); return_error &= !fsp->fsp_flags.is_pathref; return_error &= ((how->flags & dirfsp_flags) != dirfsp_flags); diff --git a/source3/script/tests/test_rofs.sh b/source3/script/tests/test_rofs.sh new file mode 100755 index 000..72901e5845a --- /dev/null +++ b/source3/script/tests/test_rofs.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash +# Test smbd handling EROFS when creating a file +# Copyright (C) 2023 Volker Lendecke + +if [ $# -ne 4 ]; then + echo Usage: $0 SERVERCONFFILE SMBCLIENT SERVER SHARE + exit 1 +fi + +CONF=$1 +shift 1 +SMBCLIENT=$1 +shift 1 +SERVER=$1 +shift 1 +SHARE=$1 +shift 1 + +incdir=$(dirname $0)/../../../testprogs/blackbox +. $incdir/subunit.sh + +error_inject_conf=$(dirname ${SERVERCONFFILE})/error_inject.conf +echo "error_inject:openat_create = EROFS" >${error_inject_conf} + +failed=0 + +out=$(${SMBCLIENT} //${SERVER}/${SHARE} ${CONF} -U${USER}%${PASSWORD} \ + -c "put VERSION") +testit_grep "Ex
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c4e27ae4f69 smbd: Don't set security_descriptor_hash_v4->time from d34ff44d91b s3:winbind: Fix talloc parent in find_dc() leading to a segfault https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c4e27ae4f69c3a3e067db3627455175b0b427cb1 Author: Volker Lendecke Date: Tue Jun 20 09:56:22 2023 +0200 smbd: Don't set security_descriptor_hash_v4->time This prevents de-duplication of xattrs in the backend file system where otherwise ACLs are often very similar. Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jun 21 07:11:56 UTC 2023 on atb-devel-224 --- Summary of changes: librpc/idl/xattr.idl | 5 + source3/modules/vfs_acl_common.c | 4 2 files changed, 5 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/xattr.idl b/librpc/idl/xattr.idl index 82d4ec5a473..d1cf913e9d8 100644 --- a/librpc/idl/xattr.idl +++ b/librpc/idl/xattr.idl @@ -204,6 +204,11 @@ interface xattr * this hash (to allow * forensics later, if we have * a bug in one codepath */ + /* +* "time" is always set to 0. Left here to avoid +* bumping the union versions. Remove in case a v5 is +* necessary. +*/ NTTIME time; uint8 sys_acl_hash[64]; /* 64 bytes hash. */ } security_descriptor_hash_v4; diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c index fd54d7b2dd6..7a35a946f51 100644 --- a/source3/modules/vfs_acl_common.c +++ b/source3/modules/vfs_acl_common.c @@ -259,9 +259,6 @@ static NTSTATUS create_sys_acl_blob(const struct security_descriptor *psd, struct security_descriptor_hash_v4 sd_hs4; enum ndr_err_code ndr_err; TALLOC_CTX *ctx = talloc_tos(); - NTTIME nttime_now; - struct timeval now = timeval_current(); - nttime_now = timeval_to_nttime(&now); ZERO_STRUCT(xacl); ZERO_STRUCT(sd_hs4); @@ -272,7 +269,6 @@ static NTSTATUS create_sys_acl_blob(const struct security_descriptor *psd, xacl.info.sd_hs4->hash_type = hash_type; memcpy(&xacl.info.sd_hs4->hash[0], hash, XATTR_SD_HASH_SIZE); xacl.info.sd_hs4->description = description; - xacl.info.sd_hs4->time = nttime_now; memcpy(&xacl.info.sd_hs4->sys_acl_hash[0], sys_acl_hash, XATTR_SD_HASH_SIZE); ndr_err = ndr_push_struct_blob( -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 585e4cdd6c9 docs-xml: remove completely outdated Samba-Developers-Guide from cac38aa3870 vfs: Remove vfs telldir/seekdir functions https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 585e4cdd6c98c91ea629f767e95e6c02ab5ed1af Author: Björn Jacke Date: Wed Jun 7 02:49:49 2023 +0200 docs-xml: remove completely outdated Samba-Developers-Guide Signed-off-by: Bjoern Jacke Reviewed-by: Andrew Bartlett Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jun 14 12:21:50 UTC 2023 on atb-devel-224 --- Summary of changes: .../Samba-Developers-Guide/CodingSuggestions.xml | 239 -- docs-xml/Samba-Developers-Guide/Tracing.xml| 131 - docs-xml/Samba-Developers-Guide/architecture.xml | 186 -- docs-xml/Samba-Developers-Guide/cifsntdomain.xml | 2934 docs-xml/Samba-Developers-Guide/contributing.xml | 112 - docs-xml/Samba-Developers-Guide/debug.xml | 323 --- docs-xml/Samba-Developers-Guide/encryption.xml | 199 -- docs-xml/Samba-Developers-Guide/gencache.xml | 119 - docs-xml/Samba-Developers-Guide/index.xml | 99 - docs-xml/Samba-Developers-Guide/internals.xml | 442 --- docs-xml/Samba-Developers-Guide/modules.xml| 176 -- docs-xml/Samba-Developers-Guide/packagers.xml | 54 - docs-xml/Samba-Developers-Guide/parsing.xml| 241 -- docs-xml/Samba-Developers-Guide/printing.xml | 395 --- docs-xml/Samba-Developers-Guide/rpc_plugin.xml | 90 - docs-xml/Samba-Developers-Guide/unix-smb.xml | 316 --- docs-xml/Samba-Developers-Guide/vfs.xml| 921 -- docs-xml/Samba-Developers-Guide/wins.xml | 81 - 18 files changed, 7058 deletions(-) delete mode 100644 docs-xml/Samba-Developers-Guide/CodingSuggestions.xml delete mode 100644 docs-xml/Samba-Developers-Guide/Tracing.xml delete mode 100644 docs-xml/Samba-Developers-Guide/architecture.xml delete mode 100644 docs-xml/Samba-Developers-Guide/cifsntdomain.xml delete mode 100644 docs-xml/Samba-Developers-Guide/contributing.xml delete mode 100644 docs-xml/Samba-Developers-Guide/debug.xml delete mode 100644 docs-xml/Samba-Developers-Guide/encryption.xml delete mode 100644 docs-xml/Samba-Developers-Guide/gencache.xml delete mode 100644 docs-xml/Samba-Developers-Guide/index.xml delete mode 100644 docs-xml/Samba-Developers-Guide/internals.xml delete mode 100644 docs-xml/Samba-Developers-Guide/modules.xml delete mode 100644 docs-xml/Samba-Developers-Guide/packagers.xml delete mode 100644 docs-xml/Samba-Developers-Guide/parsing.xml delete mode 100644 docs-xml/Samba-Developers-Guide/printing.xml delete mode 100644 docs-xml/Samba-Developers-Guide/rpc_plugin.xml delete mode 100644 docs-xml/Samba-Developers-Guide/unix-smb.xml delete mode 100644 docs-xml/Samba-Developers-Guide/vfs.xml delete mode 100644 docs-xml/Samba-Developers-Guide/wins.xml Changeset truncated at 500 lines: diff --git a/docs-xml/Samba-Developers-Guide/CodingSuggestions.xml b/docs-xml/Samba-Developers-Guide/CodingSuggestions.xml deleted file mode 100644 index 4adb8cb09b7..000 --- a/docs-xml/Samba-Developers-Guide/CodingSuggestions.xml +++ /dev/null @@ -1,239 +0,0 @@ - -http://www.samba.org/samba/DTD/samba-doc";> - - - - SteveFrench - - - SimoSorce - - - AndrewBartlett - - - TimPotter - - - MartinPool - - - -Coding Suggestions - - -So you want to add code to Samba ... - - - -One of the daunting tasks facing a programmer attempting to write code for -Samba is understanding the various coding conventions used by those most -active in the project. These conventions were mostly unwritten and helped -improve either the portability, stability or consistency of the code. This -document will attempt to document a few of the more important coding -practices used at this time on the Samba project. The coding practices are -expected to change slightly over time, and even to grow as more is learned -about obscure portability considerations. Two existing documents -samba/source/internals.doc and -samba/source/architecture.doc provide -additional information. - - - -The loosely related question of coding style is very personal and this -document does not attempt to address that subject, except to say that I -have observed that eight character tabs seem to be preferred in Samba -source. If you are interested in the topic of coding style, two oft-quoted -documents are: - - - -http://lxr.linux.no/source/Documentation/CodingStyle";>http://lxr.linux.no/source/Documentation/CodingStyle - - - -http://www.fsf.org/prep/standards
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9c24f853a84 smbd: remove comments about deprecated 'write cache size' from f30f5793ad5 libsmb: Fix directory listing against old servers https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9c24f853a84e1435235ba58ffcaaeff7dd80f6aa Author: Jones Syue Date: Fri Jun 2 14:40:09 2023 +0800 smbd: remove comments about deprecated 'write cache size' The option 'write cache size' was removed since samba-4.12 version: https://wiki.samba.org/index.php/Samba_4.12_Features_added/changed https://git.samba.org/?p=samba.git;a=commit;h=3fea05e0 https://git.samba.org/?p=samba.git;a=commit;h=728fabea It is supposed to remove comments about deprecated 'write cache size', in order to avoid confusion when reading source code and documents. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15383 Signed-off-by: Jones Syue Reviewed-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Jun 2 09:48:17 UTC 2023 on atb-devel-224 --- Summary of changes: docs-xml/smbdotconf/locking/smb2leases.xml | 2 -- docs-xml/smbdotconf/tuning/aioreadsize.xml | 2 +- docs-xml/smbdotconf/tuning/aiowritesize.xml | 2 +- libgpo/admx/en-US/samba.adml| 15 +++ source3/smbd/smb2_read.c| 1 - 5 files changed, 9 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/locking/smb2leases.xml b/docs-xml/smbdotconf/locking/smb2leases.xml index 5a490875af7..89ff307d8f9 100644 --- a/docs-xml/smbdotconf/locking/smb2leases.xml +++ b/docs-xml/smbdotconf/locking/smb2leases.xml @@ -15,8 +15,6 @@ and no. - Note that the write cache won't be used for file handles with a smb2 write lease. - oplocks diff --git a/docs-xml/smbdotconf/tuning/aioreadsize.xml b/docs-xml/smbdotconf/tuning/aioreadsize.xml index 71120a80388..5218f34a6d6 100644 --- a/docs-xml/smbdotconf/tuning/aioreadsize.xml +++ b/docs-xml/smbdotconf/tuning/aioreadsize.xml @@ -6,7 +6,7 @@ If this integer parameter is set to a non-zero value, Samba will read from files asynchronously when the request size is bigger than this value. Note that it happens only for non-chained and non-chaining -reads and when not using write cache. +reads. The only reasonable values for this parameter are 0 (no async I/O) and 1 (always do async I/O). aio write size diff --git a/docs-xml/smbdotconf/tuning/aiowritesize.xml b/docs-xml/smbdotconf/tuning/aiowritesize.xml index cdc079d13dc..029e1d135c0 100644 --- a/docs-xml/smbdotconf/tuning/aiowritesize.xml +++ b/docs-xml/smbdotconf/tuning/aiowritesize.xml @@ -6,7 +6,7 @@ If this integer parameter is set to a non-zero value, Samba will write to files asynchronously when the request size is bigger than this value. Note that it happens only for non-chained and non-chaining -reads and when not using write cache. +writes. The only reasonable values for this parameter are 0 (no async I/O) and 1 (always do async I/O). Compared to this parameter has diff --git a/libgpo/admx/en-US/samba.adml b/libgpo/admx/en-US/samba.adml index 2b1b520ca62..c073758b004 100755 --- a/libgpo/admx/en-US/samba.adml +++ b/libgpo/admx/en-US/samba.adml @@ -323,14 +323,13 @@ Example: 4194304 The time in milliseconds that smbd should keep waiting to see if a failed lock request can be granted. This parameter has changed in default value from Samba 3.0.23 from 10 to 200. The associated parameter is no longer used in Samba 3.0.24. You should not need to change the value of this parameter. oplock break wait time This is a tuning parameter added due to bugs in both Windows 9x and WinNT. If Samba responds to a client too quickly when that client issues an SMB that can cause an oplock break request, then the network client can fail and not respond to the break request. This tuning parameter (which is set in milliseconds) is the amount of time Samba will wait before sending an oplock break request to such (broken) clients. - DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND UNDERSTOOD THE SAMBA OPLOCK CODE. - smb2 leases - This boolean option tells smbd whether to globally negotiate SMB2 leases on file open requests. Leasing is an SMB2-only feature which allows clients to aggressively cache files locally above and beyond the caching allowed by SMB1 oplocks. - This is only available with yes and no. - Note that the write cache won't be used for file handles with a smb2 write lease. - debug class - With this boolean parameter enabled, the debug class (DBGC_CLASS) - will be d
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e03e738dfc9 librpc/rpc: allow smb3_sid_parse() to accept modern encryption algorithms from 8296b6884df s4:torture: Replace calls to deprecated function https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e03e738dfc96b3c8ce54e2d280143965713f4778 Author: Stefan Metzmacher Date: Tue May 16 13:09:23 2023 +0200 librpc/rpc: allow smb3_sid_parse() to accept modern encryption algorithms We should not limit the possible encryption algorithms to the currently known ones. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15374 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed May 17 07:34:28 UTC 2023 on atb-devel-224 --- Summary of changes: librpc/rpc/dcerpc_helper.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/librpc/rpc/dcerpc_helper.c b/librpc/rpc/dcerpc_helper.c index eec78e034ee..e1589f90794 100644 --- a/librpc/rpc/dcerpc_helper.c +++ b/librpc/rpc/dcerpc_helper.c @@ -49,7 +49,12 @@ static bool smb3_sid_parse(const struct dom_sid *sid, } cipher = sid->sub_auths[3]; - if (cipher > SMB2_ENCRYPTION_AES128_GCM) { + if (cipher > 256) { + /* +* It is unlikely that we +* ever have more then 256 +* encryption algorithms +*/ return false; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 59694ad0a4c rpc_server3: Pass winbind_env_set() state through to rpcd_* via bb3ea36e100 lib: Add security_token_del_npa_flags() helper function via bdba027a33e rpc: Remove named_pipe_auth_req_info6->need_idle_server via 31180e0e6d9 rpc_server3: Use global_sid_Samba_NPA_Flags to pass "need_idle" via ebbb93cc7a5 rpc: Add global_sid_Samba_NPA_Flags SID via 1d11e0489b2 librpc: Simplify dcerpc_is_transport_encrypted() via 244ee8ad75c smbd: Use security_token_count_flag_sids() in open_np_file() via 5e8c7192ba5 libcli: Add security_token_count_flag_sids() from 6206e15b4de winbind: Fix "wbinfo -u" on a Samba AD DC with >1000 users https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 59694ad0a4cc489f1baa4c2c94c6322c0f22c1df Author: Volker Lendecke Date: Tue Apr 18 12:47:04 2023 +0200 rpc_server3: Pass winbind_env_set() state through to rpcd_* Winbind can ask rpcd_lsad for LookupNames etc. This can recurse back into winbind for getpwnam. We have the "_NO_WINBINDD" environment variable set in winbind itself for this case, but this is lost on the way into rpcd_lsad. Use a flag in global_sid_Samba_NPA_Flags to pass this information to dcerpc_core, where it sets the variable on every call if requested. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue May 16 11:54:32 UTC 2023 on atb-devel-224 commit bb3ea36e10079ad9c73c68d7ed8fce51ecb40ebe Author: Volker Lendecke Date: Tue Apr 18 14:32:20 2023 +0200 lib: Add security_token_del_npa_flags() helper function Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit bdba027a33e35aab7bb322bc3167cdd7babfc059 Author: Volker Lendecke Date: Tue Apr 18 12:29:34 2023 +0200 rpc: Remove named_pipe_auth_req_info6->need_idle_server Involves bumping up the version number Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 31180e0e6d9e43d54e7656a56ed3af129f578105 Author: Volker Lendecke Date: Tue Apr 18 12:28:28 2023 +0200 rpc_server3: Use global_sid_Samba_NPA_Flags to pass "need_idle" More code, but will be more flexible in the future. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit ebbb93cc7a57a118b82b8f383d25f1eb022397d6 Author: Volker Lendecke Date: Tue Apr 18 12:09:45 2023 +0200 rpc: Add global_sid_Samba_NPA_Flags SID This will be used as a flexible way to pass per-RPC-connection flags over ncalrpc to the RPC server without having to modify named_pipe_auth_req_info6 every time something new needs to be passed. It's modeled after global_sid_Samba_SMB3. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 1d11e0489b2c91fc05c6befc0463695d7102abcc Author: Volker Lendecke Date: Tue Apr 18 12:04:17 2023 +0200 librpc: Simplify dcerpc_is_transport_encrypted() Simplify logic by using security_token_count_flag_sids() Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 244ee8ad75c2c968997dfdd5eeb9e9cb97a191fb Author: Volker Lendecke Date: Tue Apr 18 12:01:02 2023 +0200 smbd: Use security_token_count_flag_sids() in open_np_file() Simpler logic in the caller Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 5e8c7192ba5469547ba3101885dfbaba2f8181f4 Author: Volker Lendecke Date: Tue Apr 18 11:31:16 2023 +0200 libcli: Add security_token_count_flag_sids() To be used in a few places when checking special-case Samba SIDs. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher --- Summary of changes: libcli/named_pipe_auth/npa_tstream.c | 144 +++ libcli/named_pipe_auth/npa_tstream.h | 4 +- libcli/security/dom_sid.h| 4 + libcli/security/security_token.c | 37 + libcli/security/security_token.h | 9 +++ libcli/security/util_sid.c | 7 ++ librpc/idl/named_pipe_auth.idl | 9 +-- librpc/rpc/dcerpc_helper.c | 25 +++--- librpc/rpc/dcesrv_co
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4dccf5afa44 ctdb-recovery: Use correct struct ban_node_state type for state from de1fdf1e020 s4:lib:policy: cleanup and handle errors in push_recursive() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4dccf5afa444edecd2893dac7558bac9212526bf Author: Christof Schmitt Date: Tue May 2 12:17:56 2023 -0700 ctdb-recovery: Use correct struct ban_node_state type for state If this codepath is hit, ctdb aborts with: ctdb/server/ctdb_recovery_helper.c:2687: Type mismatch: name[struct ban_node_state] expected[struct node_ban_state]") at ../../lib/talloc/talloc.c:505 Fix this by using the correct type. Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed May 3 08:04:09 UTC 2023 on atb-devel-224 --- Summary of changes: ctdb/server/ctdb_recovery_helper.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/server/ctdb_recovery_helper.c b/ctdb/server/ctdb_recovery_helper.c index f3576474144..4df48417c7a 100644 --- a/ctdb/server/ctdb_recovery_helper.c +++ b/ctdb/server/ctdb_recovery_helper.c @@ -2327,8 +2327,8 @@ static void ban_node_done(struct tevent_req *subreq) { struct tevent_req *req = tevent_req_callback_data( subreq, struct tevent_req); - struct node_ban_state *state = tevent_req_data( - req, struct node_ban_state); + struct ban_node_state *state = tevent_req_data( + req, struct ban_node_state); struct ctdb_reply_control *reply; int ret; bool status; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via dc96e9cfd5d libcli:smb: Fix code spelling via e38f7cf4f19 libcli:security: Fix code spelling via fc7d58ee394 libcli:ldap: Fix code spelling via e3a710f2906 libcli:drsuapi: Fix code spelling via adcc92f8359 libcli:auth: Fix code spelling from 6490ff63552 s3:lib: Give better warnings about corrupted AppleDobule files https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dc96e9cfd5dad8e4586ef6214214f225fdf852c2 Author: Andreas Schneider Date: Thu Apr 27 15:58:18 2023 +0200 libcli:smb: Fix code spelling Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Apr 27 15:27:21 UTC 2023 on atb-devel-224 commit e38f7cf4f19c545d8fa31bed237427942311480d Author: Andreas Schneider Date: Thu Apr 27 15:56:42 2023 +0200 libcli:security: Fix code spelling Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit fc7d58ee39449201304771dd628b220e2578858a Author: Andreas Schneider Date: Thu Apr 27 15:54:54 2023 +0200 libcli:ldap: Fix code spelling Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit e3a710f2906ec263aa87807c9ac1118307f69580 Author: Andreas Schneider Date: Thu Apr 27 15:54:15 2023 +0200 libcli:drsuapi: Fix code spelling Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit adcc92f83594abc3ab98fd0f138cdc76d3d2560d Author: Andreas Schneider Date: Thu Apr 27 15:53:25 2023 +0200 libcli:auth: Fix code spelling Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: libcli/auth/msrpc_parse.c | 2 +- libcli/auth/proto.h | 2 +- libcli/auth/schannel_state_tdb.c | 4 ++-- libcli/auth/session.c | 8 libcli/auth/smbencrypt.c | 2 +- libcli/drsuapi/repl_decrypt.c | 4 ++-- libcli/ldap/tests/ldap_message_test.c | 4 ++-- libcli/security/access_check.c| 2 +- libcli/security/create_descriptor.c | 2 +- libcli/security/object_tree.c | 2 +- libcli/security/privileges.c | 4 ++-- libcli/security/privileges.h | 2 +- libcli/security/security.h| 2 +- libcli/security/security_descriptor.c | 2 +- libcli/security/util_sid.c| 2 +- libcli/smb/smb1cli_close.c| 4 ++-- libcli/smb/smb1cli_create.c | 8 libcli/smb/smb1cli_read.c | 4 ++-- libcli/smb/smb1cli_write.c| 8 libcli/smb/smbXcli_base.c | 6 +++--- libcli/smb/smb_constants.h| 6 +++--- libcli/smb/smb_signing.c | 6 +++--- libcli/smb/tstream_smbXcli_np.c | 2 +- libcli/smb/util.c | 6 +++--- 24 files changed, 47 insertions(+), 47 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/auth/msrpc_parse.c b/libcli/auth/msrpc_parse.c index 86ba2ec00d4..8326261e838 100644 --- a/libcli/auth/msrpc_parse.c +++ b/libcli/auth/msrpc_parse.c @@ -24,7 +24,7 @@ /* this is a tiny msrpc packet generator. I am only using this to - avoid tying this code to a particular varient of our rpc code. This + avoid tying this code to a particular variant of our rpc code. This generator is not general enough for all our rpc needs, its just enough for the spnego/ntlmssp code diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h index f6ca2f1632d..b202542068d 100644 --- a/libcli/auth/proto.h +++ b/libcli/auth/proto.h @@ -224,7 +224,7 @@ bool extract_pwd_blob_from_buffer514(TALLOC_CTX *mem_ctx, /** * @brief Decode AES password buffer to password in the given charset. * - * @param mem_ctx The memory context to allocate the deocded passwrod on. + * @param mem_ctx The memory context to allocate the decoded password on. * * @param in_buffer[514] The in buffer with the decrypted password data. * diff --git a/libcli/auth/schannel_state_tdb.c b/libcli/auth/schannel_state_tdb.c index e0ac8a378a0..ac3654e2c99 100644 --- a/libcli/auth/schannel_state_tdb.c +++ b/libcli/auth/schannel_state_tdb.c @@ -34,7 +34,7 @@ /** Open or create the schannel session store tdb. Non-static so it can - be called from parent processes to corectly handle TDB_CLEAR_IF_FIRST + be called from parent processes to correctly handle TDB_CLEAR_IF_FIRST ***/ struct db_context *open_schannel_session_store(TALLOC_CTX *mem_ctx, @@ -550,7 +550,7 @@ NTSTATUS schannel_save_challenge(struct loadparm_context *lp_ctx, remote machine stored in the schannel database
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8027283dd7c tests: Test ldap whoami exop via a00af01e656 ldap_server: Implement the rfc4532 whoami exop via e88332cbe41 ldb: Implement ldap_whoami in pyldb via 0575cc4b85f ldb: Allow extended operations through ildap via 8aab8d6cafd ldb: Add the RFC4532 LDB_EXTENDED_WHOAMI_OID definition from d5b8b804fe4 Add ROLE_IPA_DC into two more places https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8027283dd7c55b611d0af19caccbdd98bb2fa264 Author: Volker Lendecke Date: Fri Apr 21 16:04:30 2023 +0200 tests: Test ldap whoami exop Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Apr 26 07:20:14 UTC 2023 on atb-devel-224 commit a00af01e656af291a3abf01f05dcc4db51db77d0 Author: Volker Lendecke Date: Wed Nov 3 16:35:00 2021 +0100 ldap_server: Implement the rfc4532 whoami exop Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit e88332cbe41e817d74a411332c66f19aee6071e5 Author: Volker Lendecke Date: Fri Mar 24 11:49:02 2023 +0100 ldb: Implement ldap_whoami in pyldb Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 0575cc4b85f65fbcd3fa7fc2c1961284ba1a02f0 Author: Volker Lendecke Date: Fri Mar 24 11:48:31 2023 +0100 ldb: Allow extended operations through ildap Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett commit 8aab8d6cafdd7d975b8f82692b8fad87723c5c6d Author: Volker Lendecke Date: Wed Nov 10 16:29:59 2021 +0100 ldb: Add the RFC4532 LDB_EXTENDED_WHOAMI_OID definition Signed-off-by: Volker Lendecke Reviewed-by: Andrew Bartlett --- Summary of changes: lib/ldb-samba/ldb_ildap.c | 111 lib/ldb/include/ldb.h | 5 ++ lib/ldb/pyldb.c | 36 python/samba/tests/ldap_whoami.py | 38 source4/ldap_server/ldap_extended.c | 48 source4/selftest/tests.py | 1 + 6 files changed, 239 insertions(+) create mode 100644 python/samba/tests/ldap_whoami.py Changeset truncated at 500 lines: diff --git a/lib/ldb-samba/ldb_ildap.c b/lib/ldb-samba/ldb_ildap.c index d738d1da0cf..c3d872ebaa1 100644 --- a/lib/ldb-samba/ldb_ildap.c +++ b/lib/ldb-samba/ldb_ildap.c @@ -370,6 +370,67 @@ static void ildb_callback(struct ldap_request *req) break; + case LDAP_TAG_ExtendedRequest: { + + struct ldap_ExtendedResponse *ext_response = NULL; + struct ldb_reply *ares = NULL; + + if (req->replies[0]->type != LDAP_TAG_ExtendedResponse) { + ret = LDB_ERR_PROTOCOL_ERROR; + return; + } + ext_response = &req->replies[0]->r.ExtendedResponse; + + status = ldap_check_response(ac->ireq->conn, +&req->replies[0]->r.GeneralResult); + if (!NT_STATUS_IS_OK(status)) { + ret = ildb_map_error(ac->module, status); + request_done = true; + break; + } + + ares = talloc_zero(req, struct ldb_reply); + if (ares == NULL) { + ret = LDB_ERR_OPERATIONS_ERROR; + request_done = true; + break; + } + + ares->type = LDB_REPLY_DONE; + + ares->response = talloc_zero(ares, struct ldb_extended); + if (ares->response == NULL) { + ret = LDB_ERR_OPERATIONS_ERROR; + request_done = true; + break; + } + + ares->response->oid = + talloc_strdup(ares->response, ext_response->oid); + if (ares->response->oid == NULL) { + ret = LDB_ERR_OPERATIONS_ERROR; + request_done = true; + break; + } + + if (ext_response->value != NULL) { + ares->response->data = + talloc_memdup(ares->response, + ext_response->value->data, + ext_response->value->length); + if (ares->response->data == NULL) { + ret = LDB_ERR_OPERATIONS_ERROR; + request_done = true; + break; + } +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 24dd45613a6 python:tests: Skip the source_chars test if not a git dir from 3c50a921aec s3:client: Remove unused tree.c https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 24dd45613a693e029ffc4055abe6ae735a092824 Author: Andreas Schneider Date: Fri Apr 14 21:05:18 2023 +0200 python:tests: Skip the source_chars test if not a git dir This test doesn't work in release tarballs. Skip it if git fails. Signed-off-by: Andreas Schneider Reviewed-by: David Mulder Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Apr 21 13:59:29 UTC 2023 on atb-devel-224 --- Summary of changes: python/samba/tests/source_chars.py | 23 --- 1 file changed, 16 insertions(+), 7 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/source_chars.py b/python/samba/tests/source_chars.py index 49733968e43..e0acb38b8f7 100644 --- a/python/samba/tests/source_chars.py +++ b/python/samba/tests/source_chars.py @@ -23,7 +23,7 @@ from collections import Counter from samba.colour import c_RED, c_GREEN, c_DARK_YELLOW, switch_colour_off import re import unicodedata as u -from samba.tests import TestCase +from samba.tests import TestCase, SkipTest if not sys.stdout.isatty(): switch_colour_off() @@ -35,10 +35,15 @@ def _find_root(): stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=10) -except subprocess.SubprocessError as e: -print(c_RED(f"Error running git (is this a git tree?): {e}")) -print("This test is only useful in a git working tree") -sys.exit(1) +except subprocess.CalledProcessError as err: +print(c_RED("Error running git (is this a git tree?): %s" % (err))) + +SkipTest("This test is only useful in a git working tree") +sys.exit(0) + +if p.returncode != 0: +raise SkipTest("This test is only useful in a git working tree") +sys.exit(0) root = p.stdout.decode().strip() @@ -54,8 +59,7 @@ def _find_root(): return root -ROOT = _find_root() - +ROOT = None IGNORED_FILES = ( 'examples/validchars/validchr.com', @@ -202,6 +206,11 @@ def is_bad_char(c): class CharacterTests(TestCase): +def setUp(self): +global ROOT +if not ROOT: +ROOT = _find_root() + def test_no_unexpected_format_chars(self): """This test tries to ensure that no source file has unicode control characters that can change the apparent order of other -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via af91bcb3593 pylibsmb: Return "flags" in create_returns via 03b552323be libsmb: Return [MS-SMB2] 2.2.14 SMB2 CREATE Response flags field via 86868cb0458 smbd: Save 488 bytes RSS via 33194ad2340 libsmb: Adapt cli_echo_send() to modern conventions via efdae5d2fa5 smbd: Fix a DBG statement via 76497f705f7 libsmb: Make setting errno safer in SMBC_add_cached_server() via 13187d1f6e4 libsmb: Simplify SMBC_add_cached_server() via 64ea002960d libsmb: Avoid an explicit ZERO_STRUCTP with calloc via 061aaf8622a libsmb: Slightly simplify smbc_init() via e0f9407155a libsmb: Make cli_smb2_qpathinfo2() asynchronous via 2446ea916d9 libsmb: Make cli_qpathinfo2_done() parse the results via 1e738cb061c libsmb: Introduce type-safe struct cli_smb2_create_flags from 526f381f413 shadow_copy2: Fix stream open for streams_depot paths https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit af91bcb35934b04d84d097103d92c0420e65d6b9 Author: Volker Lendecke Date: Tue Feb 14 20:49:52 2023 +0100 pylibsmb: Return "flags" in create_returns Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Apr 18 15:58:42 UTC 2023 on atb-devel-224 commit 03b552323be8c9ebc0dc5f0f81779300f9268d1f Author: Volker Lendecke Date: Tue Feb 14 20:44:16 2023 +0100 libsmb: Return [MS-SMB2] 2.2.14 SMB2 CREATE Response flags field Not used yet, mostly for completeness. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 86868cb0458cb7bde81862c831aff56e6df69610 Author: Volker Lendecke Date: Thu Mar 9 17:36:26 2023 +0100 smbd: Save 488 bytes RSS With this ld.so does not have to relocate the string pointers Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 33194ad2340622f3664e5dc517e08035aaf050f5 Author: Volker Lendecke Date: Sat Mar 11 13:51:43 2023 +0100 libsmb: Adapt cli_echo_send() to modern conventions Nowadays we rather do protocol-specific _done() functions, and overall this cuts a few lines. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit efdae5d2fa50939ba9cae73d68d07a644c483f42 Author: Volker Lendecke Date: Sat Mar 11 15:37:59 2023 +0100 smbd: Fix a DBG statement This is not smbd_smb2_create_send() anymore. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 76497f705f7737c8d54ea23554e6b10e400ed4df Author: Volker Lendecke Date: Sat Apr 1 11:57:47 2023 +0200 libsmb: Make setting errno safer in SMBC_add_cached_server() DEBUG should preserve errno, but make this more obvious. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 13187d1f6e48620649ca94f14ef383b38b734263 Author: Volker Lendecke Date: Sat Apr 1 11:57:29 2023 +0200 libsmb: Simplify SMBC_add_cached_server() ENOMEM is the only error condition we have Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 64ea002960dba4a31a2d550d623215328f80852e Author: Volker Lendecke Date: Sat Apr 1 11:55:10 2023 +0200 libsmb: Avoid an explicit ZERO_STRUCTP with calloc Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 061aaf8622a284ff1db0060b39dbfbc59a3f199e Author: Volker Lendecke Date: Sat Apr 1 12:47:51 2023 +0200 libsmb: Slightly simplify smbc_init() Reduce indentation with an early return, review with git show -w Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit e0f9407155a53a7fe5d3f9c68a6eebf10de863b1 Author: Volker Lendecke Date: Tue Apr 4 09:36:08 2023 +0200 libsmb: Make cli_smb2_qpathinfo2() asynchronous Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 2446ea916d9e48b6b8420ddd2a124abc18f62e2e Author: Volker Lendecke Date: Mon Apr 3 18:31:01 2023 +0200 libsmb: Make cli_qpathinfo2_done() parse the results Make it easier to do an async SMB2 version Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 1e738cb061c939e23663d6eb007baf4eea6d8fda Author: Volker Lendecke Date: Wed Apr 12 15:31:03 2023 +0200 libsmb: Introduce type-safe struct cli_smb2_create_flags This makes it clearer what to pass into the create_flags argument to cli_smb2_create_fnum(). There was already confusion in source3/torture/test_smb2.c: It passed in SMB2_OPLOCK_LEVEL_NONE (which was okay because it #defines to 0), but it should have been a straight 0, for example SMB2_OPLOCK_LEVEL_EXCLUSIVE would have been wrong. This way adding other flags (.nofollow comes t
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 45f026c45c9 debug: Only initialize gpfs wrapper when gpfs logging is enabled from 31418f95d3a testprogs: Set PREFIX_ABS before it is used in test_primary_group.sh https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 45f026c45c996bb65d2bd3e350587d51d6862a03 Author: Christof Schmitt Date: Thu Apr 13 11:13:00 2023 -0700 debug: Only initialize gpfs wrapper when gpfs logging is enabled This avoids unnecessary attempts to load libgpfs.so when it is not needed. Signed-off-by: Christof Schmitt Reviewed-by: Michael Tokarev Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Apr 14 12:28:23 UTC 2023 on atb-devel-224 --- Summary of changes: lib/util/debug.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/lib/util/debug.c b/lib/util/debug.c index 95de5ce3595..b83075cb239 100644 --- a/lib/util/debug.c +++ b/lib/util/debug.c @@ -406,7 +406,9 @@ static void debug_lttng_log(int msg_level, const char *msg, size_t msg_len) static void debug_gpfs_reload(bool enabled, bool previously_enabled, const char *prog_name, char *option) { - gpfswrap_init(); + if (enabled) { + gpfswrap_init(); + } if (enabled && !previously_enabled) { gpfswrap_init_trace(); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0cd66fe6bd4 libsmb: Fix test for smbc_getxattr via 4fc166628fd libsmb: fix regression on smbc_getxattr and fix doc via a1231c15ffe s3:libads: Remove executable bit from ldap.c from 3633027e49a rpcd_mdssvc: initialize POSIX locking https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0cd66fe6bd4ac2aa0b302ddf3eb5068fc9c522ec Author: Remi Collet Date: Tue Apr 4 12:16:09 2023 +0200 libsmb: Fix test for smbc_getxattr Bug: https://bugzilla.samba.org/show_bug.cgi?id=14808 Signed-off-by: Remi Collet Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Sun Apr 9 10:44:38 UTC 2023 on atb-devel-224 commit 4fc166628fda160d1cd38c140a9664defc5844ab Author: Remi Collet Date: Tue Apr 4 10:22:09 2023 +0200 libsmb: fix regression on smbc_getxattr and fix doc Bug: https://bugzilla.samba.org/show_bug.cgi?id=14808 Signed-off-by: Remi Collet Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke commit a1231c15ffe5468a2d0ffed8adca3f6d6adcf3b4 Author: Andreas Schneider Date: Thu Apr 6 21:40:31 2023 +0200 s3:libads: Remove executable bit from ldap.c Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: source3/include/libsmbclient.h | 2 +- source3/libads/ldap.c | 0 source3/libsmb/libsmb_xattr.c | 4 ++-- source4/torture/libsmbclient/libsmbclient.c | 25 +++-- 4 files changed, 22 insertions(+), 9 deletions(-) mode change 100755 => 100644 source3/libads/ldap.c Changeset truncated at 500 lines: diff --git a/source3/include/libsmbclient.h b/source3/include/libsmbclient.h index ef8b327e374..056444d008c 100644 --- a/source3/include/libsmbclient.h +++ b/source3/include/libsmbclient.h @@ -2419,7 +2419,7 @@ int smbc_getxattr(const char *url, * required to hold the attribute value will be returned, * but nothing will be placed into the value buffer. * - * @return 0 on success, < 0 on error with errno set: + * @return size on success, < 0 on error with errno set: * - EINVAL The client library is not properly initialized *or one of the parameters is not of a correct *form diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c old mode 100755 new mode 100644 diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c index 1e8d2718a22..1f820521193 100644 --- a/source3/libsmb/libsmb_xattr.c +++ b/source3/libsmb/libsmb_xattr.c @@ -2182,9 +2182,9 @@ SMBC_getxattr_ctx(SMBCCTX *context, TALLOC_FREE(frame); /* * static function cacl_get returns a value greater than zero -* on success. Map this to zero meaning success. +* which is needed buffer size needed when size_t is 0. */ -return ret < 0 ? -1 : 0; +return ret; } /* Unsupported attribute name */ diff --git a/source4/torture/libsmbclient/libsmbclient.c b/source4/torture/libsmbclient/libsmbclient.c index 55ea26f5bc8..72af8fc01c9 100644 --- a/source4/torture/libsmbclient/libsmbclient.c +++ b/source4/torture/libsmbclient/libsmbclient.c @@ -1542,17 +1542,30 @@ static bool torture_libsmbclient_getxattr(struct torture_context *tctx) ret)); /* -* Ensure getting a valid attribute returns 0. +* Ensure getting a valid attribute computes its size. +*/ + ret = smbc_getxattr(getxattr_name, "system.*", NULL, 0); + torture_assert_goto(tctx, + ret >= 0, + ok, + done, + talloc_asprintf(tctx, + "smbc_getxattr(foobar, NULL) on '%s' should " + "get >=0, got %d\n", + getxattr_name, + ret)); + + /* +* Ensure getting a valid attribute returns its size. */ ret = smbc_getxattr(getxattr_name, "system.*", value, sizeof(value)); - torture_assert_int_equal_goto(tctx, - ret, - 0, + torture_assert_goto(tctx, + ret >= 0, ok, done, talloc_asprintf(tctx, - "smbc_getxattr(foobar) on '%s' should " - "get -1, got %d\n", + "smbc_getxattr(foobar, value) on '%s' should " + "get >=0, got %d\n", getxattr_name, ret)); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 38d2ca0a670 smbd: Indicate posix pathnames if SMB311 POSX cc requested from 4b1d2051383 lib:krb5_wrap: Fix code spelling https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 38d2ca0a67087c202c380dd56422889fd0fc3c48 Author: Volker Lendecke Date: Sun Feb 12 12:35:28 2023 +0100 smbd: Indicate posix pathnames if SMB311 POSX cc requested Avoid making smb311 posix extensions a global thing. Posix clients could request non-posix behaviour on individual create calls. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Apr 4 07:04:13 UTC 2023 on atb-devel-224 --- Summary of changes: source3/smbd/smb2_create.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index 93c345f5809..c8f5bbbe471 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -747,7 +747,7 @@ static NTSTATUS smbd_smb2_create_fetch_create_ctx( * ucf_flags_from_smb_request() to * return UCF_POSIX_PATHNAMES in ucf_flags. */ - state->smb1req->posix_pathnames = true; + state->smb1req->posix_pathnames = (state->posx != NULL); } return NT_STATUS_OK; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via bf9130d375b smbd: Fix case normalization in for directories via 342d8f6a0a8 tests: Show that the case sensitive large dir optimization is broken via a9301d8f295 tests: Move libsmb-basic to fileserver_smb1 environment from 62ea6ae8c9d doc/vfs_ceph: document ceph:filesystem parameter https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit bf9130d375b6c401bb79fc1a0911975814759e3b Author: Volker Lendecke Date: Fri Feb 17 10:02:37 2023 +0100 smbd: Fix case normalization in for directories Bug: https://bugzilla.samba.org/show_bug.cgi?id=15313 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Feb 24 08:46:14 UTC 2023 on atb-devel-224 commit 342d8f6a0a8bc2229332783a840c882f85a1dd4e Author: Volker Lendecke Date: Fri Feb 17 15:41:12 2023 +0100 tests: Show that the case sensitive large dir optimization is broken We don't normalize the directories Bug: https://bugzilla.samba.org/show_bug.cgi?id=15313 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit a9301d8f2956409a6d36e7776d0237d03bfbdbf6 Author: Volker Lendecke Date: Fri Feb 17 15:40:30 2023 +0100 tests: Move libsmb-basic to fileserver_smb1 environment This has the lower-case share, used in the next commit Bug: https://bugzilla.samba.org/show_bug.cgi?id=15313 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: python/samba/tests/libsmb-basic.py | 9 + selftest/target/Samba3.pm | 1 + source3/smbd/filename.c| 8 source4/selftest/tests.py | 2 +- 4 files changed, 19 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/libsmb-basic.py b/python/samba/tests/libsmb-basic.py index 61a25a8c682..37b82b26dac 100644 --- a/python/samba/tests/libsmb-basic.py +++ b/python/samba/tests/libsmb-basic.py @@ -193,6 +193,15 @@ class LibsmbTestCase(samba.tests.libsmb.LibsmbTests): finally: c.deltree(testdir) +def test_libsmb_TortureDirCaseSensitive(self): +c = libsmb.Conn(self.server_ip, "lowercase", self.lp, self.creds) +c.mkdir("subdir") +c.mkdir("subdir/b") +ret = c.chkpath("SubDir/b") +c.rmdir("subdir/b") +c.rmdir("subdir") +self.assertTrue(ret) + if __name__ == "__main__": import unittest unittest.main() diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index f9346ae812e..476f59c8783 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -2106,6 +2106,7 @@ sub setup_fileserver_smb1 [global] client min protocol = CORE server min protocol = LANMAN1 + check parent directory delete on close = yes [hidenewfiles] path = $prefix_abs/share diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 73e88add2c3..e9775387d11 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -1123,6 +1123,14 @@ static NTSTATUS filename_convert_dirfsp_nosymlink( char *substitute = NULL; size_t unparsed = 0; + status = normalize_filename_case(conn, dirname, ucf_flags); + if (!NT_STATUS_IS_OK(status)) { + DBG_ERR("normalize_filename_case %s failed: %s\n", + dirname, + nt_errstr(status)); + goto fail; + } + status = openat_pathref_dirfsp_nosymlink( mem_ctx, conn, diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py index 7eff1bb2469..2780d77ad07 100755 --- a/source4/selftest/tests.py +++ b/source4/selftest/tests.py @@ -535,7 +535,7 @@ for t in smbtorture4_testsuites("dlz_bind9."): # The dlz_bind9 tests needs to look at the DNS database plansmbtorture4testsuite(t, "chgdcpass:local", ["ncalrpc:$SERVER", '-U$USERNAME%$PASSWORD']) -planpythontestsuite("nt4_dc_smb1", "samba.tests.libsmb-basic") +planpythontestsuite("fileserver_smb1", "samba.tests.libsmb-basic") planpythontestsuite("ad_member", "samba.tests.smb-notify", environ={'USERNAME':'$DC_USERNAME', -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 206dcf7d426 lib:util: File descriptor being closed repeatedly. from 8441c03ccf8 lib:ldb: Print a debug message in case we have a corrupted MDB https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 206dcf7d426e9e85c896c54839008e194d9a2824 Author: baixiangcpp Date: Fri Feb 10 11:01:47 2023 +0800 lib:util: File descriptor being closed repeatedly. In file_load()/file_lines_load(), the file's fd is obtained using open(), and in fd_load() the fd is converted to a FILE* using fdopen(). However, after fclose(), the fd is closed again using close(). Bug: https://bugzilla.samba.org/show_bug.cgi?id=15311 Signed-off-by: baixiangcpp baixiang...@gmail.com Reviewed-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Feb 16 12:13:05 UTC 2023 on atb-devel-224 --- Summary of changes: lib/util/util_file.c | 9 - 1 file changed, 8 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/lib/util/util_file.c b/lib/util/util_file.c index af90e4a7621..fa5abadedec 100644 --- a/lib/util/util_file.c +++ b/lib/util/util_file.c @@ -175,13 +175,20 @@ _PUBLIC_ char *fd_load(int fd, size_t *psize, size_t maxsize, TALLOC_CTX *mem_ct size_t size = 0; size_t chunk = 1024; int err; + int fd_dup; if (maxsize == 0) { maxsize = SIZE_MAX; } - file = fdopen(fd, "r"); + fd_dup = dup(fd); + if (fd_dup == -1) { + return NULL; + } + + file = fdopen(fd_dup, "r"); if (file == NULL) { + close(fd_dup); return NULL; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 238056e5aad ctdb-scripts: Avoid using testparm to process its own output via 9a04ca1e1cd ctdb-scripts: Do not replace commas with spaces in "smb ports" list via 029dddfb79f ctdb-scripts: Reformat script with "shfmt -w -p -i 0 -fn" from 5d8647376fb vfs: Fix whitespace in vfs_aixacl_util.c https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 238056e5aadb597e3f6165757990a88952644866 Author: Martin Schwenke Date: Mon Feb 13 14:59:18 2023 +1100 ctdb-scripts: Avoid using testparm to process its own output When testparm processes the output of "testparm -v" (which includes default values) it appears to do global checks (or some other sort of initialisation logic) for all specified values. This includes a DNS lookup for the node's hostname, as a side-effect of a libldap ldap_set_option() call when processing "ldap debug level". If DNS servers are down then this can induce timeouts, possibly resulting in monitor timeouts. Avoid this by using sed to extract configuration values from the testparm cache file. This is already shown to work when retrieving share paths, where testparm is basically used as cat. Update the sed pattern to avoid matching empty values on the right-hand side of the equals ('=') - this avoids the default empty path value (and "smb ports" never has an empty value). Corresponding test changes: * 50.samba.monitor.111.sh no longer expects a failure from being unable to set smb ports, since testparm is no longer used in that code path. * smb ports needs to be set in fake smb.conf so it is in the default output and can be extracted using sed. * Although testparm --parameter-name is no longer used in 50.samba.script, update the stub implementation (in case it is ever used again) to extract from fake smb.conf, since "smb ports" is now set there. The change from $parameter to $param allows a long line to stay below 80 columns. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Feb 14 08:43:53 UTC 2023 on atb-devel-224 commit 9a04ca1e1cdf90065338b0ecb27043e63109a2cb Author: Martin Schwenke Date: Tue Feb 14 12:36:11 2023 +1100 ctdb-scripts: Do not replace commas with spaces in "smb ports" list The list changed back to space-separated in commit 93448f4be92d4e018aaf2f9705f0351360b2ed0f, so simplify the code a little. Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke commit 029dddfb79fb557039c9daa9eebde333e6d19233 Author: Martin Schwenke Date: Mon Feb 13 13:02:52 2023 +1100 ctdb-scripts: Reformat script with "shfmt -w -p -i 0 -fn" Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke --- Summary of changes: ctdb/config/events/legacy/50.samba.script | 167 +++-- .../UNIT/eventscripts/50.samba.monitor.111.sh | 4 +- ctdb/tests/UNIT/eventscripts/etc/samba/smb.conf| 1 + ctdb/tests/UNIT/eventscripts/stubs/testparm| 23 +-- 4 files changed, 95 insertions(+), 100 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/config/events/legacy/50.samba.script b/ctdb/config/events/legacy/50.samba.script index 81c6e7fa6ba..84600e25024 100755 --- a/ctdb/config/events/legacy/50.samba.script +++ b/ctdb/config/events/legacy/50.samba.script @@ -1,7 +1,7 @@ #!/bin/sh # ctdb event script for Samba -[ -n "$CTDB_BASE" ] || \ +[ -n "$CTDB_BASE" ] || CTDB_BASE=$(d=$(dirname "$0") && cd -P "$d" && dirname "$PWD") . "${CTDB_BASE}/functions" @@ -9,16 +9,16 @@ detect_init_style case $CTDB_INIT_STYLE in - suse) - CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smb} - ;; - debian) - CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smbd} - ;; - *) - # Use redhat style as default: - CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smb} - ;; +suse) + CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smb} + ;; +debian) + CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smbd} + ;; +*) + # Use redhat style as default: + CTDB_SERVICE_SMB=${CTDB_SERVICE_SMB:-smb} + ;; esac service_name="samba" @@ -27,25 +27,25 @@ load_script_options ctdb_setup_state_dir "service" "$service_name" -service_start () +service_start() { -# make sure samba is not already started -service "$CTDB_SERVICE_SMB&
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f7b50bc059d smbd: Use smbXsrv_open_global_parse_record() in .._verify_record() via 132b83d0659 smbd: Simplify smbXsrv_open_global_parse_record() via 2f6776741dc smbd: Move smbXsrv_open_global_parse_record() up in smbXsrv_open.c via 3c779de8cf9 smbd: Simplify smbXsrv_open_global_verify_record() via f1a66267bcf smbd: Save a few lines in smb2srv_open_lookup_replay_cache() via 35a32171b50 smbd: Fix a typo from 253891032ee python: Don't use deprecated escape sequences https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f7b50bc059d1b5c7e40cdc4e88ef5ee16f7db670 Author: Volker Lendecke Date: Thu Jan 19 12:29:20 2023 +0100 smbd: Use smbXsrv_open_global_parse_record() in .._verify_record() Signed-off-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Jan 24 09:15:26 UTC 2023 on atb-devel-224 commit 132b83d0659ddc25a96327edc1c7dd23b17a56fd Author: Volker Lendecke Date: Thu Jan 19 12:25:21 2023 +0100 smbd: Simplify smbXsrv_open_global_parse_record() It does not need a db_record. Signed-off-by: Volker Lendecke commit 2f6776741dc6469d78b94da22d75f26a5fc9 Author: Volker Lendecke Date: Thu Jan 19 12:22:33 2023 +0100 smbd: Move smbXsrv_open_global_parse_record() up in smbXsrv_open.c Avoid a prototype in the next patches Signed-off-by: Volker Lendecke commit 3c779de8cf99d0936956a12484fd726d5be46c7e Author: Volker Lendecke Date: Fri Jan 6 16:25:03 2023 +0100 smbd: Simplify smbXsrv_open_global_verify_record() Don't depend on the record to be passed in, return NTSTATUS. The two flags were a bit confusing to me, now NT_STATUS_OK means "found a valid record with a live process", and NT_STATUS_FATAL_APP_EXIT means we found a stale record from a crashed smbd Signed-off-by: Volker Lendecke commit f1a66267bcfcd48f3c7ca2ada3f62d40209163e3 Author: Volker Lendecke Date: Wed Jan 11 11:44:29 2023 +0100 smbd: Save a few lines in smb2srv_open_lookup_replay_cache() Directly initialize variables, don't leave dangling pointers in TDB_DATA Signed-off-by: Volker Lendecke commit 35a32171b5067d5b80acffc99f8d43cdc7f5f9a7 Author: Volker Lendecke Date: Wed Jan 11 08:18:35 2023 +0100 smbd: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher --- Summary of changes: source3/smbd/smbXsrv_open.c | 312 1 file changed, 141 insertions(+), 171 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smbXsrv_open.c b/source3/smbd/smbXsrv_open.c index 6aa44ec4fcc..585d1ec0838 100644 --- a/source3/smbd/smbXsrv_open.c +++ b/source3/smbd/smbXsrv_open.c @@ -225,11 +225,11 @@ static NTSTATUS smbXsrv_open_local_lookup(struct smbXsrv_open_table *table, return NT_STATUS_OK; } -static void smbXsrv_open_global_verify_record(struct db_record *db_rec, - bool *is_free, - bool *was_free, - TALLOC_CTX *mem_ctx, - struct smbXsrv_open_global0 **_g); +static NTSTATUS smbXsrv_open_global_verify_record( + TDB_DATA key, + TDB_DATA val, + TALLOC_CTX *mem_ctx, + struct smbXsrv_open_global0 **_global0); static NTSTATUS smbXsrv_open_global_allocate( struct db_context *db, struct smbXsrv_open_global0 *global) @@ -245,9 +245,11 @@ static NTSTATUS smbXsrv_open_global_allocate( * ID for SRVSVC. */ for (i = 0; i < UINT32_MAX; i++) { - bool is_free = false; - bool was_free = false; + struct smbXsrv_open_global_key_buf key_buf; + struct smbXsrv_open_global0 *tmp_global0 = NULL; + TDB_DATA key, val; uint32_t id; + NTSTATUS status; if (i >= min_tries && last_free != 0) { id = last_free; @@ -261,141 +263,154 @@ static NTSTATUS smbXsrv_open_global_allocate( id--; } - global->db_rec = smbXsrv_open_global_fetch_locked( - db, id, global); + key = smbXsrv_open_global_id_to_key(id, &key_buf); + + global->db_rec = dbwrap_fetch_locked(db, global, key); if (global->db_rec == NULL) { return NT_STATUS_INSUFFICIENT_RESOURCES; } + val = dbwrap_record_get_value(global->db_rec); - smbXsrv_open_global_verify_record(global->db_rec,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 872ea49ac6d kdc: Don't reference ENODATA in platform-independent code from 84f56f2b98b ldb: change the version to 2.8.0 for Samba 4.19 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 872ea49ac6dced44f114f80b7065017a381f46d7 Author: Volker Lendecke Date: Wed Jan 18 11:49:00 2023 +0100 kdc: Don't reference ENODATA in platform-independent code FreeBSD has ENOATTR but not ENODATA, Linux has ENODATA but not ENOATTR for returning "attr does not exist". With 2eb899de6a2 we settled on ENOATTR to handle this case. Alternatively we could #define ENODATA ENOATTR on FreeBSD... Signed-off-by: Volker Lendecke Reviewed-by: douglas.bagn...@catalyst.net.nz Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jan 19 09:24:15 UTC 2023 on atb-devel-224 --- Summary of changes: source4/kdc/mit_samba.c | 5 +++-- source4/kdc/pac-glue.c | 7 --- source4/kdc/wdc-samba4.c | 3 ++- 3 files changed, 9 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c index 54d308d35e8..8df3ad36228 100644 --- a/source4/kdc/mit_samba.c +++ b/source4/kdc/mit_samba.c @@ -25,6 +25,7 @@ #include "param/param.h" #include "dsdb/samdb/samdb.h" #include "system/kerberos.h" +#include "lib/replace/system/filesys.h" #include #include #include @@ -640,7 +641,7 @@ krb5_error_code mit_samba_reget_pac(struct mit_samba_context *ctx, new_pac); if (code != 0) { krb5_pac_free(context, new_pac); - if (code == ENODATA) { + if (code == ENOATTR) { krb5_pac_free(context, *pac); *pac = NULL; code = 0; @@ -740,7 +741,7 @@ krb5_error_code mit_samba_update_pac(struct mit_samba_context *ctx, old_pac, new_pac); if (code != 0) { - if (code == ENODATA) { + if (code == ENOATTR) { /* * We can't tell the KDC to not issue a PAC. It will * just return the newly allocated empty PAC. diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index f844b08d513..e9b951ff48e 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -23,6 +23,7 @@ #include "lib/replace/replace.h" #include "lib/replace/system/kerberos.h" +#include "lib/replace/system/filesys.h" #include "lib/util/debug.h" #include "lib/util/samba_util.h" #include "lib/util/talloc_stack.h" @@ -1401,7 +1402,7 @@ WERROR samba_rodc_confirm_user_is_allowed(uint32_t num_object_sids, * @param new_pac The new already allocated PAC * @return A Kerberos error code. If no PAC should be returned, the code will be - * ENODATA! + * ENOATTR! */ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx, krb5_context context, @@ -1756,7 +1757,7 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx, * need to re-generate anything anyway. */ if (!samba_princ_needs_pac(server)) { - code = ENODATA; + code = ENOATTR; goto done; } @@ -1779,7 +1780,7 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx, &requested_pac); if (code != 0 || !requested_pac) { if (!requested_pac) { - code = ENODATA; + code = ENOATTR; } goto done; } diff --git a/source4/kdc/wdc-samba4.c b/source4/kdc/wdc-samba4.c index 1c10f13972f..f3ca04550b0 100644 --- a/source4/kdc/wdc-samba4.c +++ b/source4/kdc/wdc-samba4.c @@ -29,6 +29,7 @@ #include "sdb_hdb.h" #include "librpc/gen_ndr/auth.h" #include +#include "lib/replace/system/filesys.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_KERBEROS @@ -361,7 +362,7 @@ static krb5_error_code samba_wdc_reget_pac2(astgs_request_t r, new_pac); if (ret != 0) { krb5_pac_free(context, new_pac); - if (ret == ENODATA) { + if (ret == ENOATTR) { krb5_pac_free(context, *pac); *pac = NULL; ret = 0; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3d3d01cda8d s3: smbd: Tweak openat_pathref_dirfsp_nosymlink() to NULL out fsp->fsp_name after calling fd_close() on intermediate directories, rather than before. via c844bff3eca selftest: Show vfs_virusscanner crashes when traversing a 2-level directory tree. from 1421969b86b CI: add a test for @GMT mask in SMB1 find https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3d3d01cda8d3a6d0d18d1b808aa9414e71d56062 Author: Jeremy Allison Date: Thu Jan 12 11:20:08 2023 -0800 s3: smbd: Tweak openat_pathref_dirfsp_nosymlink() to NULL out fsp->fsp_name after calling fd_close() on intermediate directories, rather than before. vfs_virusfilter expects a non-NULL fsp->fsp_name to use for printing debugs (it always indirects fsp->fsp_name). vfs_fruit also does the same, so would also crash in fruit_close() with 'debug level = 10' and vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no set (we don't test with that which is why we haven't noticed this before). Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15283 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Jan 13 08:33:47 UTC 2023 on sn-devel-184 commit c844bff3eca336547c6cedfeeb03adda4eed57c6 Author: Jeremy Allison Date: Thu Jan 12 10:22:09 2023 -0800 selftest: Show vfs_virusscanner crashes when traversing a 2-level directory tree. Modify check_infected_read() test to use a 2-level deep directory. We must have vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no set on the virusscanner share as otherwise the openat flag shortcut defeats the test. Add knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15283 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke --- Summary of changes: selftest/target/Samba3.pm | 1 + source3/script/tests/test_virus_scanner.sh | 25 ++--- source3/smbd/files.c | 4 ++-- 3 files changed, 21 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index c6cdc84b615..6f93694f1b3 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -1998,6 +1998,7 @@ sub setup_fileserver virusfilter:infected files = *infected* virusfilter:infected file action = rename virusfilter:scan on close = yes + vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS = no [volumeserialnumber] path = $volume_serial_number_sharedir diff --git a/source3/script/tests/test_virus_scanner.sh b/source3/script/tests/test_virus_scanner.sh index 913c353028b..83b50df915f 100755 --- a/source3/script/tests/test_virus_scanner.sh +++ b/source3/script/tests/test_virus_scanner.sh @@ -26,25 +26,36 @@ check_infected_read() { rm -rf "${sharedir:?}"/* - if ! touch "${sharedir}/infected.txt"; then - echo "ERROR: Cannot create ${sharedir}/infected.txt" + if ! mkdir "${sharedir}/read1"; then + echo "ERROR: Cannot create ${sharedir}/read1" + return 1 + fi + + if ! mkdir "${sharedir}/read1/read2"; then + echo "ERROR: Cannot create ${sharedir}/read1/read2" return 1 fi - ${SMBCLIENT} "//${SERVER_IP}/${SHARE}" -U"${USER}"%"${PASSWORD}" -c "get infected.txt ${sharedir}/infected.download.txt" + if ! touch "${sharedir}/read1/read2/infected.txt"; then + echo "ERROR: Cannot create ${sharedir}/read1/read2/infected.txt" + return 1 + fi + + ${SMBCLIENT} "//${SERVER_IP}/${SHARE}" -U"${USER}"%"${PASSWORD}" -c "get read1/read2/infected.txt ${sharedir}/read1/read2/infected.download.txt" # check that virusfilter:rename prefix/suffix was added - if [ ! -f "${sharedir}/virusfilter.infected.txt.infected" ]; then - echo "ERROR: ${sharedir}/virusfilter.infected.txt.infected is missing." + if [ ! -f "${sharedir}/read1/read2/virusfilter.infected.txt.infected" ]; then + echo "ERROR: ${sharedir}/read1/read2/virusfilter.infected.txt.infected is missing." return 1 fi # check that file was not downloaded - if [ -f "${sharedir}/infected.download.txt" ]; then - echo "ERROR: {sharedir}/infected.download.txt should not exist." + i
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 98d84192a03 s3:utils:mdsearch go to cmdline_messaging_context_free from de5d31f452b s3:smbstatus: go to cmdline_messaging_context_free https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 98d84192a03a4f1135eaf1590fb62b16d8bc49c8 Author: Jones Syue Date: Thu Jan 12 15:47:20 2023 +0800 s3:utils:mdsearch go to cmdline_messaging_context_free mdsearch utility would exit earlier with failure in several cases like: a. samba server is not running yet, [~] # mdsearch -Uuser%password1 ${server} Public '*=="Samba"' main: Cannot connect to server: NT_STATUS_CONNECTION_REFUSED b. spotlight backend service is not ready yet, [~] # mdsearch -Uuser%password1 ${server} Public '*=="Samba"' Failed to connect mdssvc c. mdsearch utility paramters is not as expecred, [~] # mdsearch -Uuser%password1 ${server} share_not_exist '*=="Samba"' mdscli_search failed And in the mean while once mdsearch utility exit earlier with failure, the lock files are left behind in the directory 'msg.sock' and 'msg.lock'. If a script to run mdsearch utility in a loop, this might result in used space slowly growing-up on underlying filesystem. Supposed to add a new label 'fail_free_messaging', make it go through the cmdline_messaging_context_free() which deletes the lock files in the directory msg.sock and msg.lock before mdsearch utility is exiting with failure. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15284 Signed-off-by: Jones Syue Reviewed-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Jan 12 11:40:19 UTC 2023 on sn-devel-184 --- Summary of changes: source3/utils/mdsearch.c | 20 +++- 1 file changed, 11 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/mdsearch.c b/source3/utils/mdsearch.c index ab48e366a0a..eddb83874cb 100644 --- a/source3/utils/mdsearch.c +++ b/source3/utils/mdsearch.c @@ -144,12 +144,12 @@ int main(int argc, char **argv) flags); if (!NT_STATUS_IS_OK(status)) { DBG_ERR("Cannot connect to server: %s\n", nt_errstr(status)); - goto fail; + goto fail_free_messaging; } status = cli_rpc_pipe_open_noauth(cli, &ndr_table_mdssvc, &rpccli); if (!NT_STATUS_IS_OK(status)) { - goto fail; + goto fail_free_messaging; } status = mdscli_connect(frame, @@ -159,7 +159,7 @@ int main(int argc, char **argv) &mdscli_ctx); if (!NT_STATUS_IS_OK(status)) { printf("Failed to connect mdssvc\n"); - goto fail; + goto fail_free_messaging; } if (opt_path == NULL) { @@ -168,7 +168,7 @@ int main(int argc, char **argv) basepath = talloc_strdup(frame, opt_path); } if (basepath == NULL) { - goto fail; + goto fail_free_messaging; } status = mdscli_search(frame, @@ -179,7 +179,7 @@ int main(int argc, char **argv) &search); if (!NT_STATUS_IS_OK(status)) { printf("mdscli_search failed\n"); - goto fail; + goto fail_free_messaging; } if (!opt_live) { @@ -199,7 +199,7 @@ int main(int argc, char **argv) } if (!NT_STATUS_IS_OK(status)) { printf("mdscli_get_results failed\n"); - goto fail; + goto fail_free_messaging; } ncnids = talloc_array_length(cnids); @@ -217,7 +217,7 @@ int main(int argc, char **argv) if (!NT_STATUS_IS_OK(status)) { printf("Get path for CNID 0x%"PRIx64" failed\n", cnids[i]); - goto fail; + goto fail_free_messaging; } printf("%s\n", path); TALLOC_FREE(path); @@ -227,13 +227,13 @@ int main(int argc, char **argv) status = mdscli_close_search(&search); if (!NT_STATUS_IS_OK(status)) { printf("mdscli_close_search failed\n"); - goto fail; + goto fail_free_messaging; } status = md
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via de5d31f452b s3:smbstatus: go to cmdline_messaging_context_free from 7ffa732d828 s3: smbd: Move check_fsp_open() and check_fsp() to smb1_reply.c https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit de5d31f452b2445bd92b1746efb05aa096716af8 Author: Jones Syue Date: Wed Jan 11 16:59:42 2023 +0800 s3:smbstatus: go to cmdline_messaging_context_free If the locking.tdb is not found, (for example, fresh new installed samba server is not running yet) smbstatus utility would exit earlier, and lock files are left behind in the directory 'msg.sock' and 'msg.lock'. Consider that a script to run smbstatus utility in a loop, this might result in used space slowly growing-up on the underlying filesystem. Since the samba server is not running yet, there is no cleanupd daemon could delete these files to reclaim space. Supposed to use 'ret = 0; goto done;' instead of exit(0), this would go through the cmdline_messaging_context_free() which deletes the lock files in the directory msg.sock and msg.lock before smbstatus utility is exiting. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15282 Signed-off-by: Jones Syue Reviewed-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jan 11 17:08:10 UTC 2023 on sn-devel-184 --- Summary of changes: source3/utils/status.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/utils/status.c b/source3/utils/status.c index d1c69c512a8..cca8b7d6cb2 100644 --- a/source3/utils/status.c +++ b/source3/utils/status.c @@ -1185,7 +1185,8 @@ int main(int argc, const char *argv[]) fprintf(stderr, "This is normal if an SMB client has never " "connected to your server.\n"); TALLOC_FREE(db_path); - exit(0); + ret = 0; + goto done; } else { TALLOC_FREE(db); TALLOC_FREE(db_path); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7ffa732d828 s3: smbd: Move check_fsp_open() and check_fsp() to smb1_reply.c via 2fe95f6a302 s3: smbd: Ensure check_fsp_ntquota_handle() doesn't send SMB1 error packets. via 55f4ac65f91 s3: smbd: SMB1 check_fsp_open() implicitly calls reply_nterror(.., NT_STATUS_INVALID_HANDLE) on error so don't duplicate in reply_close(). from d7bab36ad11 tests/krb5: Use Python bindings for LZ77+Huffman compression https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7ffa732d8280c2e88daab6c3b97de71a3cdfb3ba Author: Jeremy Allison Date: Mon Jan 9 17:33:14 2023 -0800 s3: smbd: Move check_fsp_open() and check_fsp() to smb1_reply.c As these functions can implicitly call reply_nterror(..., NT_STATUS_INVALID_HANDLE) they should never be available to SMB2 code paths. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jan 11 08:17:04 UTC 2023 on sn-devel-184 commit 2fe95f6a3020ed2d582f94ab7640e8ef640a1c36 Author: Jeremy Allison Date: Mon Jan 9 17:22:12 2023 -0800 s3: smbd: Ensure check_fsp_ntquota_handle() doesn't send SMB1 error packets. check_fsp_ntquota_handle() is called from SMB2 codepaths as well as from SMB1. Even in the SMB1 cases the callers of check_fsp_ntquota_handle() handle sendng the error packet when check_fsp_ntquota_handle returns false so on a 'return false' we'd end up sending an error packet twice. The SMB2 callers of check_fsp_ntquota_handle() already check that fsp is valid, so there's no danger of us sending an SMB1 error packet over the SMB2 stream (so I'm not classing this as a bug to be back-ported). Fix check_fsp_ntquota_handle() by inlineing the check_fsp_open() functionality without the reply_nterror() calls. This will allow the next commit to move check_fsp_open() with the implicit reply_nterror() and also check_fsp() (which calls check_fsp_open()) into the SMB1 smb1_reply.c file as SMB1-only code. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 55f4ac65f9120d12ed4059b5c3214e9a97f97205 Author: Jeremy Allison Date: Mon Jan 9 17:28:06 2023 -0800 s3: smbd: SMB1 check_fsp_open() implicitly calls reply_nterror(.., NT_STATUS_INVALID_HANDLE) on error so don't duplicate in reply_close(). We'd end up sending 2 SMB1 error packets in this case. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke --- Summary of changes: source3/smbd/smb1_reply.c | 41 - source3/smbd/smb2_reply.c | 46 +- 2 files changed, 45 insertions(+), 42 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb1_reply.c b/source3/smbd/smb1_reply.c index d53f5902da4..de6b4d99f79 100644 --- a/source3/smbd/smb1_reply.c +++ b/source3/smbd/smb1_reply.c @@ -52,6 +52,46 @@ #include "source3/printing/rap_jobid.h" #include "source3/lib/substitute.h" +/ + Check if we have a correct fsp pointing to a file. Basic check for open fsp. +/ + +bool check_fsp_open(connection_struct *conn, struct smb_request *req, +files_struct *fsp) +{ + if ((fsp == NULL) || (conn == NULL)) { + reply_nterror(req, NT_STATUS_INVALID_HANDLE); + return false; + } + if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) { + reply_nterror(req, NT_STATUS_INVALID_HANDLE); + return false; + } + return true; +} + +/ + Check if we have a correct fsp pointing to a file. +/ + +bool check_fsp(connection_struct *conn, struct smb_request *req, + files_struct *fsp) +{ + if (!check_fsp_open(conn, req, fsp)) { + return false; + } + if (fsp->fsp_flags.is_directory) { + reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST); + return false; + } + if (fsp_get_pathref_fd(fsp) == -1) { + reply_nterror(req, NT_STATUS_ACCESS_DENIED); + return false; + } + fsp->num_smb_operations++; + return true; +} + / Reply to a tcon. conn POINTER CAN BE NULL HERE ! @@ -4744,7 +4784,6 @@ void re
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c9a6e242d15 s3: smbd: Strip any leading '\' characters if the SMB2 DFS flag is set. via d99d14cbc1d s3: smbtorture: Add SMB2-DFS-FILENAME-LEADING-BACKSLASH test. from 01cdc5e00be lib/replace - add extra check to bsd_attr_list https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c9a6e242d15ee707a2e30f973fd37e80b3225aca Author: Jeremy Allison Date: Tue Jan 3 18:28:54 2023 -0800 s3: smbd: Strip any leading '\\' characters if the SMB2 DFS flag is set. MacOS clients send SMB2 DFS pathnames as \server\share\file\name. Ensure smbd can cope with this by stipping any leading '\\' characters from an SMB2 packet with the DFS flag set. Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15277 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Jan 4 07:46:06 UTC 2023 on sn-devel-184 commit d99d14cbc1db2e59e6c0d6169dd623bfb686fa0f Author: Jeremy Allison Date: Tue Jan 3 17:53:17 2023 -0800 s3: smbtorture: Add SMB2-DFS-FILENAME-LEADING-BACKSLASH test. Shows that we fail to cope with MacOSX clients that send a (or more than one) leading '\\' character for an SMB2 DFS pathname. I missed this in earlier tests as Windows, Linux, and libsmbclient clients do NOT send a leading backslash for SMB2 DFS paths. Only MacOSX (sigh:-). Passes against Windows. Adds a knownfail for smbd. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15277 Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke --- Summary of changes: source3/selftest/tests.py | 14 source3/smbd/smb2_create.c | 13 ++- source3/torture/proto.h | 1 + source3/torture/test_smb2.c | 190 source3/torture/torture.c | 4 + 5 files changed, 220 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index a40316ef532..8039b4a8171 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -257,6 +257,20 @@ plantestsuite("samba3.smbtorture_s3.smb2.SMB2-DFS-PATHS", smbtorture3, "-mSMB2"]) +# BUG: https://bugzilla.samba.org/show_bug.cgi?id=15277 +# MacOSX clients send a leading '\\' character for DFS paths. +# +plantestsuite("samba3.smbtorture_s3.smb2.SMB2-DFS-FILENAME-LEADING-BACKSLASH", +"fileserver", +[os.path.join(samba3srcdir, + "script/tests/test_smbtorture_s3.sh"), +'SMB2-DFS-FILENAME-LEADING-BACKSLASH', +'//$SERVER_IP/msdfs-pathname-share', +'$USERNAME', +'$PASSWORD', +smbtorture3, +"-mSMB2"]) + # # SMB2-NON-DFS-SHARE needs to run against a special share non-msdfs-pathname-share # This is an empty non-DFS share with no links, used merely to test diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index aba339014bb..0f18d5594a4 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -776,6 +776,17 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx, in_file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS; + is_dfs = (smb1req->flags2 & FLAGS2_DFS_PATHNAMES); + if (is_dfs) { + /* +* With a DFS flag set, remove any leading '\\' +* characters from in_name before further processing. +*/ + while (in_name[0] == '\\') { + in_name++; + } + } + state->fname = talloc_strdup(state, in_name); if (tevent_req_nomem(state->fname, req)) { return tevent_req_post(req, state->ev); @@ -960,8 +971,6 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx, state->lease_ptr = NULL; } - is_dfs = (smb1req->flags2 & FLAGS2_DFS_PATHNAMES); - /* convert '\\' into '/' */ status = check_path_syntax_smb2(state->fname, is_dfs); if (tevent_req_nterror(req, status)) { diff --git a/source3/torture/proto.h b/source3/torture/proto.h index 92b7dd4216c..df98a7445d7 100644 --- a/source3/torture/proto.h +++ b/source3/torture/proto.h @@ -123,6 +123,7 @@ bool run_smb2_stream_acl(int dummy); bool run_smb2_dfs_paths(int dummy); bool run_smb2_non_dfs_share(int dummy); bool run_smb2_dfs_share_non_dfs_pat
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 89828c64c9a libsmb: Simplify clistr_is_previous_version_path() via 833cb4cb812 libsmb: Slightly simplify cli_smb2_create_fnum_send() via c64c8af6d4b libsmb: Use clistr_smb2_extract_snapshot_token() in cli_smb2_create_fnum_send() via 157a79f0ca4 s3: lib: Add new clistr_smb2_extract_snapshot_token() function. via fdc6449a3fd s3: smbd: Make extract_snapshot_token() a wrapper for extract_snapshot_token_internal(). via 96d68c6b8ae libsmb: Make a r/w copy of fname in cli_smb2_create_fnum_send() from 9189bd9c9c1 build: Convert winexe to use enabled= in wscript https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 89828c64c9a8114bb5f596bc007a7c126e803d80 Author: Volker Lendecke Date: Thu Dec 15 19:14:48 2022 +0100 libsmb: Simplify clistr_is_previous_version_path() Nobody looks at the out params anymore Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Dec 16 08:42:18 UTC 2022 on sn-devel-184 commit 833cb4cb8126dcbee914551bcd2e852cec67786c Author: Volker Lendecke Date: Thu Dec 15 19:10:09 2022 +0100 libsmb: Slightly simplify cli_smb2_create_fnum_send() We can now write to fname directly. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c64c8af6d4b121b0fa7ebe13b5c7c28ee9cc8053 Author: Jeremy Allison Date: Thu Dec 15 13:32:35 2022 -0800 libsmb: Use clistr_smb2_extract_snapshot_token() in cli_smb2_create_fnum_send() Now that fname is writable, we can avoid a bit of complexity with clistr_smb2_extract_snapshot_token() Signed-off-by: Volker Lendecke Signed-off-by: Jeremy Allison commit 157a79f0ca45a19db0826a7b49ab0582e8191a68 Author: Jeremy Allison Date: Thu Dec 15 13:26:49 2022 -0800 s3: lib: Add new clistr_smb2_extract_snapshot_token() function. Strips @GMT from client pathnames for SMB2 (uses '\\' separator). Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit fdc6449a3fdfb342184d6a30f22d8cf9cf708841 Author: Jeremy Allison Date: Thu Dec 15 13:24:12 2022 -0800 s3: smbd: Make extract_snapshot_token() a wrapper for extract_snapshot_token_internal(). Allows us to pass in path separator from a new function without changing existing calling code. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke commit 96d68c6b8aef33d6a227f3b52c241140cc0e8246 Author: Volker Lendecke Date: Thu Dec 15 18:54:58 2022 +0100 libsmb: Make a r/w copy of fname in cli_smb2_create_fnum_send() We're messing with this in 2 places in this routine and have to make a copy in both places. Make this writable, so we don't have to make a copy further down. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/lib/util_path.c| 34 ++--- source3/lib/util_path.h| 6 ++ source3/libsmb/cli_smb2_fnum.c | 43 ++ source3/libsmb/clifile.c | 28 +-- source3/libsmb/clilist.c | 4 ++-- 5 files changed, 46 insertions(+), 69 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/util_path.c b/source3/lib/util_path.c index 5a94b391dd6..9c9c6eb5807 100644 --- a/source3/lib/util_path.c +++ b/source3/lib/util_path.c @@ -260,10 +260,7 @@ static bool find_snapshot_token( return true; } -bool clistr_is_previous_version_path(const char *path, -const char **startp, -const char **endp, -NTTIME *ptwrp) +bool clistr_is_previous_version_path(const char *path) { const char *start = NULL; const char *next = NULL; @@ -271,30 +268,17 @@ bool clistr_is_previous_version_path(const char *path, bool ok; ok = find_snapshot_token(path, '\\', &start, &next, &twrp); - if (!ok) { - return false; - } - - if (startp != NULL) { - *startp = start; - } - if (endp != NULL) { - *endp = next; - } - if (ptwrp != NULL) { - *ptwrp = twrp; - } - return true; + return ok; } -bool extract_snapshot_token(char *fname, NTTIME *twrp) +static bool extract_snapshot_token_internal(char *fname, NTTIME *twrp, char sep) { const char *start = NULL; const char *next = NULL; size_t remaining; bool found; - found = find_snapshot_token(fname, '/', &start, &next, twrp); + found = find
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5259926de71 s4/torture/smb2: avoid possibly closing undefined handle from 5d82af05f31 smbd: Remove a few "extern userdom_struct current_user_info" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5259926de71d9915f6152d99e20cce3920ba4aeb Author: Douglas Bagnall Date: Tue Dec 13 10:11:17 2022 +1300 s4/torture/smb2: avoid possibly closing undefined handle From OSS-Fuzz compilation: Step #3 - "compile-honggfuzz-address-x86_64": ../../source4/torture/smb2/dir.c:1456:2: error: variable 'dir_handle' is used uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized] Step #3 - "compile-honggfuzz-address-x86_64": torture_assert_ntstatus_ok_goto(tctx, status, ret, done, Step #3 - "compile-honggfuzz-address-x86_64": ^~~~ Step #3 - "compile-honggfuzz-address-x86_64": ../../lib/torture/torture.h:748:3: note: expanded from macro 'torture_assert_ntstatus_ok_goto' Step #3 - "compile-honggfuzz-address-x86_64": torture_assert_ntstatus_equal_goto(torture_ctx,expr,NT_STATUS_OK,ret,label,cmt) Step #3 - "compile-honggfuzz-address-x86_64": ^~~ Step #3 - "compile-honggfuzz-address-x86_64": ../../lib/torture/torture.h:316:6: note: expanded from macro 'torture_assert_ntstatus_equal_goto' Step #3 - "compile-honggfuzz-address-x86_64": if (!NT_STATUS_EQUAL(__got, __expected)) { \ Step #3 - "compile-honggfuzz-address-x86_64": ^~~ Step #3 - "compile-honggfuzz-address-x86_64": ../../source4/torture/smb2/dir.c:1582:24: note: uninitialized use occurs here Step #3 - "compile-honggfuzz-address-x86_64": smb2_util_close(tree, dir_handle); Step #3 - "compile-honggfuzz-address-x86_64": ^~ Step #3 - "compile-honggfuzz-address-x86_64": ../../source4/torture/smb2/dir.c:1456:2: note: remove the 'if' if its condition is always false Step #3 - "compile-honggfuzz-address-x86_64": torture_assert_ntstatus_ok_goto(tctx, status, ret, done, Step #3 - "compile-honggfuzz-address-x86_64": ^ Step #3 - "compile-honggfuzz-address-x86_64": ../../lib/torture/torture.h:748:3: note: expanded from macro 'torture_assert_ntstatus_ok_goto' Step #3 - "compile-honggfuzz-address-x86_64": torture_assert_ntstatus_equal_goto(torture_ctx,expr,NT_STATUS_OK,ret,label,cmt) Step #3 - "compile-honggfuzz-address-x86_64": ^ Step #3 - "compile-honggfuzz-address-x86_64": ../../lib/torture/torture.h:316:2: note: expanded from macro 'torture_assert_ntstatus_equal_goto' Step #3 - "compile-honggfuzz-address-x86_64": if (!NT_STATUS_EQUAL(__got, __expected)) { \ Step #3 - "compile-honggfuzz-address-x86_64": ^ Step #3 - "compile-honggfuzz-address-x86_64": ../../source4/torture/smb2/dir.c:1434:2: note: variable 'dir_handle' is declared here Step #3 - "compile-honggfuzz-address-x86_64": struct smb2_handle dir_handle; Step #3 - "compile-honggfuzz-address-x86_64": ^ Signed-off-by: Douglas Bagnall Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Dec 13 07:45:20 UTC 2022 on sn-devel-184 --- Summary of changes: source4/torture/smb2/dir.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/smb2/dir.c b/source4/torture/smb2/dir.c index 3acd655e366..049e208f02a 100644 --- a/source4/torture/smb2/dir.c +++ b/source4/torture/smb2/dir.c @@ -1453,8 +1453,8 @@ static bool test_1k_files_rename(struct torture_context *tctx, }; status = smb2_create(tree, tree, &dir); - torture_assert_ntstatus_ok_goto(tctx, status, ret, done, - "Could not create test directory"); + torture_assert_ntstatus_ok(tctx, status, + "Could not create test directory"); dir_handle = dir.out.file.handle; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 70e8da42917 s3:libads: Fix debug message from 99480c50ca6 smbd: Close the opened file in smbd_smb2_create_after_exec() error case https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 70e8da4291727329ba239da48de6eec16217864e Author: Pavel Filipenský Date: Thu Dec 8 15:19:09 2022 +0100 s3:libads: Fix debug message 652c8ce1 has introduced talloc_move() which zeroes kdc_str Signed-off-by: Pavel Filipenský Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Dec 8 16:06:48 UTC 2022 on sn-devel-184 --- Summary of changes: source3/libads/kerberos.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 3fd86e87064..4accfdecb4a 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -592,7 +592,7 @@ static char *get_kdc_ip_string(char *mem_ctx, result = talloc_move(mem_ctx, &kdc_str); out: if (result != NULL) { - DBG_DEBUG("Returning\n%s\n", kdc_str); + DBG_DEBUG("Returning\n%s\n", result); } else { DBG_NOTICE("Failed to get KDC ip address\n"); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0c2146eb00c lib/compression: Include missing stat header file from f569f2c17f8 python/samba: use s3 param samba config parsing https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0c2146eb00c0e4fc4c933c3d5f2bf3469c3671ba Author: Anoop C S Date: Mon Dec 5 16:24:46 2022 +0530 lib/compression: Include missing stat header file was missing from compression library tests which resulted in the following compile time error: ../../lib/compression/tests/test_lzx_huffman.c: In function ‘datablob_from_file’: ../../lib/compression/tests/test_lzx_huffman.c:383:21: error: storage size of ‘s’ isn’t known 383 | struct stat s; | ^ ../../lib/compression/tests/test_lzx_huffman.c:389:15: warning: implicit declaration of function ‘fstat’ [-Wimplicit-function-declaration] 389 | ret = fstat(fileno(fh), &s); | ^ Signed-off-by: Anoop C S Reviewed-by: Douglas Bagnall Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Dec 6 11:39:16 UTC 2022 on sn-devel-184 --- Summary of changes: lib/compression/tests/test_lzx_huffman.c| 1 + lib/compression/tests/test_lzxpress_plain.c | 1 + 2 files changed, 2 insertions(+) Changeset truncated at 500 lines: diff --git a/lib/compression/tests/test_lzx_huffman.c b/lib/compression/tests/test_lzx_huffman.c index da094555c2d..3a055183f7b 100644 --- a/lib/compression/tests/test_lzx_huffman.c +++ b/lib/compression/tests/test_lzx_huffman.c @@ -27,6 +27,7 @@ #include #include #include +#include #include "replace.h" #include #include "lzxpress_huffman.h" diff --git a/lib/compression/tests/test_lzxpress_plain.c b/lib/compression/tests/test_lzxpress_plain.c index 57130852fc9..17e5a26207b 100644 --- a/lib/compression/tests/test_lzxpress_plain.c +++ b/lib/compression/tests/test_lzxpress_plain.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include "includes.h" #include "talloc.h" -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6ea1af287ee smbd: Simplify symlink_target_below_conn() via f31fb6e1ad0 smbd: Simplify readlink_talloc() via 453f846e189 smbd: No dfs_filename_convert() in filename_convert_smb1_search_path() via 71772c48f24 libsmb: Remove sync cli_posix_readlink() wrapper via a7f4ed09084 smbclient: Use cli_readlink via f17131020ec libsmb: Make readlink issue posix_readlink via 4be2569c002 smbd: Fix a comment via a1a0a7119d7 smbd: Slightly simplify smb_posix_unlink() via 0996ccdb821 tests: Test error codes for SET_REPARSE_POINT via 96580c8e195 tests: Try setting a 0-sized reparse point via b58f5f3379a tests: Ignore symlink trusts flags in symlink error returns via ec86c377238 pylibsmb: Add symlink flags via 7239d756290 lib: Add symlink trust flags from dochelp via f10f259eaeb tests: Fix use of self.assertRaises() via 73233bc341e tests: Show that we can write to a reparse point file via 62302849dd9 tests: Show that a directory with a reparse point can't be populated via 7fe3fab655e tests: IO_REPARSE_TAG_NOT_HANDLED is acceptable for unlink from ef8c8ac54cd s3:utils: Fix stack smashing in net offlinejoin https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6ea1af287eef832641464c6f764ea84a484a06f7 Author: Volker Lendecke Date: Sun Dec 4 12:16:39 2022 +0100 smbd: Simplify symlink_target_below_conn() readlink_talloc() deals exactly the same way with a NULL relname Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Dec 5 16:06:51 UTC 2022 on sn-devel-184 commit f31fb6e1ad0664fdba351822ec754c0d1b771657 Author: Volker Lendecke Date: Sun Dec 4 12:14:12 2022 +0100 smbd: Simplify readlink_talloc() SMB_VFS_READLINKAT() just looks at the basename, we can avoid the relname being talloc'ed Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 453f846e1897f7cbcc454f3095eb21d7ffb32be8 Author: Volker Lendecke Date: Mon Oct 24 19:56:31 2022 +0200 smbd: No dfs_filename_convert() in filename_convert_smb1_search_path() We further down call filename_convert_dirfsp(), which also has this call. No need to copy that code here as well. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 71772c48f241bdc048f99f297b5e0a77fdfda253 Author: Volker Lendecke Date: Sun Dec 4 11:07:09 2022 +0100 libsmb: Remove sync cli_posix_readlink() wrapper cli_readlink() now covers smb1 posix extensions as well Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit a7f4ed090845023069693412033da803edc32a31 Author: Volker Lendecke Date: Wed Oct 12 20:38:14 2022 +0200 smbclient: Use cli_readlink Make smbclient's readlink command also work for SMB2 reparse style symlink. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit f17131020ec23c5b88f56b4c8f4dfd4d3e88d6a2 Author: Volker Lendecke Date: Wed Oct 12 20:35:10 2022 +0200 libsmb: Make readlink issue posix_readlink Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 4be2569c002a8d592e08b0f1fb8b85154082e4a5 Author: Volker Lendecke Date: Tue Oct 11 17:01:28 2022 +0200 smbd: Fix a comment Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit a1a0a7119d746b884de43db6466b9e064d124a87 Author: Volker Lendecke Date: Wed Oct 12 07:27:36 2022 +0200 smbd: Slightly simplify smb_posix_unlink() We did check VALID_STAT() above. Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 0996ccdb821692f037eb1f6f2c01490aa7ab062e Author: Volker Lendecke Date: Fri Dec 2 10:34:55 2022 +0100 tests: Test error codes for SET_REPARSE_POINT Signed-off-by: Volker Lendecke Reviewed-by: David Mulder commit 96580c8e1957776a8564fc73363f30259827a686 Author: Volker Lendecke Date: Fri Dec 2 10:20:06 2022 +0100 tests: Try setting a 0-sized reparse point Signed-off-by: Volker Lendecke Reviewed-by: David Mulder commit b58f5f3379abac496d27f6afc0e31c8b874aa851 Author: Volker Lendecke Date: Fri Dec 2 10:17:15 2022 +0100 tests: Ignore symlink trusts flags in symlink error returns Signed-off-by: Volker Lendecke Reviewed-by: David Mulder commit ec86c377238ccc4e00b36ed3c9fe203a19a8139b Author: Volker Lendecke Date: Fri Dec 2 10:10:12 2022 +0100 pylibsmb: Add symlink flags Signed-off-by: Volker Lendecke Reviewed-by: David Mulder commit 7239d756290292f5056ea0235630e8413ef5960f Author: Volker Lendecke Date: Fri Dec 2 10:06:31 2022 +0100 l
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b97d31abb44 nsswitch:tests: Use ldb(modify|search) from the system via 5ea3a15be68 manpages: samba-dcerpcd: fix typo (add missing space) from 5f2565f0a8e testprogs: Do not run tests if undump.sh is not available https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b97d31abb44717a35951a9fcbef0248a7fb150af Author: Andreas Schneider Date: Thu Dec 1 15:49:43 2022 +0100 nsswitch:tests: Use ldb(modify|search) from the system If Samba is built against the system libldb, use the system tools. Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Dec 5 09:36:40 UTC 2022 on sn-devel-184 commit 5ea3a15be6896a0520382610e5d4ce6ac207aeec Author: Mikhail Novosyolov Date: Fri Oct 21 12:08:39 2022 +0300 manpages: samba-dcerpcd: fix typo (add missing space) Signed-off-by: Mikhail Novosyolov Reviewed-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: docs-xml/manpages/samba-dcerpcd.8.xml | 2 +- nsswitch/tests/test_idmap_ad.sh | 11 +-- 2 files changed, 10 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/samba-dcerpcd.8.xml b/docs-xml/manpages/samba-dcerpcd.8.xml index da8b77c9517..1e6f1918a17 100644 --- a/docs-xml/manpages/samba-dcerpcd.8.xml +++ b/docs-xml/manpages/samba-dcerpcd.8.xml @@ -70,7 +70,7 @@ helpers">true is set (the default setting), it is invoked on demand from smbd or winbind with a command line - containing--np-helper to serve DCERPC over named pipes + containing --np-helper to serve DCERPC over named pipes (np). It can also be used in a standalone mode where it is started separately from smbd or winbind via system startup scripts. If diff --git a/nsswitch/tests/test_idmap_ad.sh b/nsswitch/tests/test_idmap_ad.sh index 323aa1728d0..aef74bead96 100755 --- a/nsswitch/tests/test_idmap_ad.sh +++ b/nsswitch/tests/test_idmap_ad.sh @@ -16,8 +16,15 @@ TRUST_SERVER="$5" TRUST_PASSWORD="$6" wbinfo="$VALGRIND $BINDIR/wbinfo" -ldbmodify="$VALGRIND $BINDIR/ldbmodify" -ldbsearch="$VALGRIND $BINDIR/ldbsearch" +ldbmodify="${VALGRIND} ldbmodify" +if [ -x "${BINDIR}/ldbmodify" ]; then + ldbmodify="${VALGRIND} ${BINDIR}/ldbmodify" +fi + +ldbsearch="${VALGRIND} ldbsearch" +if [ -x "${BINDIR}/ldbsearch" ]; then + ldbsearch="${VALGRIND} ${BINDIR}/ldbsearch" +fi failed=0 -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5f2565f0a8e testprogs: Do not run tests if undump.sh is not available via 7d8347e8900 testprogs: If built against system db use the system tools in ldapcmp_restoredc.sh via 9a97e54f35a testprogs: If built against system db use the system tools in test_net_ads_dns.sh via 4b9d1b36424 testprogs: If built against system db use the system tools in test_trust_token.sh via c0d7642a372 testprogs: If built against system db use the system tools in test_primary_group.sh from a451fa5ef93 lib:compression: Initialize variables https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5f2565f0a8e57d7afb3cc84157c9ed9c55e66e01 Author: Andreas Schneider Date: Sat Dec 3 18:06:43 2022 +0100 testprogs: Do not run tests if undump.sh is not available We don't include source4/selftest/provisions/ in source tarballs! Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Dec 5 08:22:29 UTC 2022 on sn-devel-184 commit 7d8347e8900ae01fc7073a8b9647c37959dfbe7c Author: Andreas Schneider Date: Sun Dec 4 19:46:36 2022 +0100 testprogs: If built against system db use the system tools in ldapcmp_restoredc.sh Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit 9a97e54f35af800c5ccb15e54399d8935bf4f70d Author: Andreas Schneider Date: Sun Dec 4 19:44:52 2022 +0100 testprogs: If built against system db use the system tools in test_net_ads_dns.sh Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit 4b9d1b3642428d8445ddfb46b47de394e80d5857 Author: Andreas Schneider Date: Sun Dec 4 19:34:35 2022 +0100 testprogs: If built against system db use the system tools in test_trust_token.sh Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke commit c0d7642a372de20aed498d4830a59a9a5af57020 Author: Andreas Schneider Date: Sat Dec 3 17:48:33 2022 +0100 testprogs: If built against system db use the system tools in test_primary_group.sh Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: testprogs/blackbox/ldapcmp_restoredc.sh | 7 ++- testprogs/blackbox/test_net_ads_dns.sh | 13 +++-- testprogs/blackbox/test_primary_group.sh | 22 -- testprogs/blackbox/test_special_group.sh | 7 +++ testprogs/blackbox/test_trust_token.sh | 7 --- 5 files changed, 44 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/testprogs/blackbox/ldapcmp_restoredc.sh b/testprogs/blackbox/ldapcmp_restoredc.sh index 831b992e960..bf3ba321d8f 100755 --- a/testprogs/blackbox/ldapcmp_restoredc.sh +++ b/testprogs/blackbox/ldapcmp_restoredc.sh @@ -15,10 +15,15 @@ shift 2 . $(dirname $0)/subunit.sh +ldbsearch="${VALGRIND} ldbsearch" +if [ -x "${BINDIR}/ldbsearch" ]; then + ldbsearch="${VALGRIND} ${BINDIR}/ldbsearch" +fi + basedn() { SAMDB_PATH=$1 - $BINDIR/ldbsearch -H $SAMDB_PATH --basedn='' --scope=base defaultNamingContext | grep defaultNamingContext | awk '{print $2}' + ${ldbsearch} -H $SAMDB_PATH --basedn='' --scope=base defaultNamingContext | grep defaultNamingContext | awk '{print $2}' } ldapcmp_with_orig() diff --git a/testprogs/blackbox/test_net_ads_dns.sh b/testprogs/blackbox/test_net_ads_dns.sh index 2409420f785..feb731ca1fe 100755 --- a/testprogs/blackbox/test_net_ads_dns.sh +++ b/testprogs/blackbox/test_net_ads_dns.sh @@ -25,8 +25,17 @@ samba_tool="$samba4bindir/samba-tool" net_tool="$samba4bindir/net" smbpasswd="$samba4bindir/smbpasswd" texpect="$samba4bindir/texpect" -ldbsearch="$samba4bindir/ldbsearch" -ldbmodify="$samba4bindir/ldbmodify" + +ldbsearch="${VALGRIND} ldbsearch" +if [ -x "${BINDIR}/ldbsearch" ]; then + ldbsearch="${VALGRIND} ${BINDIR}/ldbsearch" +fi + +ldbmodify="${VALGRIND} ldbmodify" +if [ -x "${BINDIR}/ldbmodify" ]; then + ldbmodify="${VALGRIND} ${BINDIR}/ldbmodify" +fi + newuser="$samba_tool user create" groupaddmem="$samba_tool group addmembers" diff --git a/testprogs/blackbox/test_primary_group.sh b/testprogs/blackbox/test_primary_group.sh index cd2d61495f2..e71504338e5 100755 --- a/testprogs/blackbox/test_primary_group.sh +++ b/testprogs/blackbox/test_primary_group.sh @@ -21,6 +21,16 @@ failed=0 . $(dirname $0)/subunit.sh . $(dirname $0)/common_test_fns.inc +ldbsearch="${VALGRIND} ldbsearch" +if [ -x "${BINDIR}/ldbsearch" ]; then + ldbsearch=&qu
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cffe96ef613 nfs4_acl: Add comment for setting ACL as root via 154a0613f89 posix_acls: Make try_chown and unpack_nt_owners static via bfb4b368e10 nfs4_acls: Call chown_if_needed function to remove duplicate code via eeb8a66bf76 posix_acl: Move chown checks to new function via 1f3826a7f65 posix_acls: Remove redundant call to save mode from d9c192546fa lib/compression/lzxpress: fix our slow compression https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cffe96ef6132966305c640a329ed91f0f9514452 Author: Christof Schmitt Date: Tue Nov 29 16:51:10 2022 -0700 nfs4_acl: Add comment for setting ACL as root Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Dec 2 08:02:13 UTC 2022 on sn-devel-184 commit 154a0613f89a84becd6461e36d61a80509b9a9ef Author: Christof Schmitt Date: Tue Jul 12 16:35:37 2022 -0700 posix_acls: Make try_chown and unpack_nt_owners static These functions are now only called from check_chown in posix_acls.c Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke commit bfb4b368e1031c9c61274572fe8a453c055267a7 Author: Christof Schmitt Date: Tue Jul 12 16:32:08 2022 -0700 nfs4_acls: Call chown_if_needed function to remove duplicate code Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke commit eeb8a66bf76e4cc095532887cf2532b10e31b23f Author: Christof Schmitt Date: Tue Nov 29 16:46:24 2022 -0700 posix_acl: Move chown checks to new function Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke commit 1f3826a7f65a9123be6ebe3f9cc234ca691b28ec Author: Christof Schmitt Date: Tue Jul 12 16:08:07 2022 -0700 posix_acls: Remove redundant call to save mode The same assignment is already done earlier, and nothing is changed in between. Signed-off-by: Christof Schmitt Reviewed-by: Volker Lendecke --- Summary of changes: source3/modules/nfs4_acls.c | 51 source3/smbd/posix_acls.c | 111 +--- source3/smbd/proto.h| 5 +- 3 files changed, 77 insertions(+), 90 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index ff446bb1166..2daae990042 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -978,8 +978,6 @@ NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp, boolresult, is_directory; bool set_acl_as_root = false; - uid_t newUID = (uid_t)-1; - gid_t newGID = (gid_t)-1; int saved_errno; NTSTATUS status; TALLOC_CTX *frame = talloc_stackframe(); @@ -1019,49 +1017,20 @@ NTSTATUS smb_set_nt_acl_nfs4(vfs_handle_struct *handle, files_struct *fsp, is_directory = S_ISDIR(fsp->fsp_name->st.st_ex_mode); if (pparams->do_chown) { - /* chown logic is a copy/paste from posix_acl.c:set_nt_acl */ - - uid_t old_uid = fsp->fsp_name->st.st_ex_uid; - gid_t old_gid = fsp->fsp_name->st.st_ex_gid; - status = unpack_nt_owners(fsp->conn, &newUID, &newGID, - security_info_sent, psd); + /* +* When the chown succeeds, the special entries in the +* file system ACL refer to the new owner. In order to +* apply the complete information from the DACL, +* setting the ACL then has to succeed. Track this +* case with set_acl_as_root and set the ACL as root +* accordingly. +*/ + status = chown_if_needed(fsp, security_info_sent, psd, +&set_acl_as_root); if (!NT_STATUS_IS_OK(status)) { - DEBUG(8, ("unpack_nt_owners failed")); TALLOC_FREE(frame); return status; } - if (((newUID != (uid_t)-1) && (old_uid != newUID)) || - ((newGID != (gid_t)-1) && (old_gid != newGID))) - { - status = try_chown(fsp, newUID, newGID); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(3,("chown %s, %u, %u failed. Error = " -"%s.\n", fsp_str_dbg(fsp), -(unsigned int)newUID, -(unsigned int)newGID, -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 357bafe6258 smbd: Allow POSIX getinfo levels for smb3 unix extensions via bbc82a5d425 s3: Test that store_smb2_posix_info hides info for '..' via d0ad452fc81 s3: smbd: store_smb2_posix_info hide info for '..' via bdb98c83974 smbd: Implement SMB2_FS_POSIX_INFORMATION_INTERNAL via a73d9032388 tests/s3: Test file/dir permissions with SMB3 posix via 09c8426b95a tests/s3: Test case sensitive open with SMB3 posix via 160173ee064 tests/s3: Test delete on close with SMB3 posix via f481cd4a60a libcli: Add client support for SMB2_FILE_POSIX_INFORMATION via f0e1137425f tests/s3: Test reserved chars in posix filename via 08226d6c2e8 smbd: Implement SMB2_FILE_POSIX_INFORMATION in smbd_marshall_dir_entry via 7c2f08d564f tests/s3: Test SMB2_FIND_POSIX_INFORMATION dir query via 284787996d4 libsmb: Allow listing with posix context via 99de8d7cfa3 libsmb: Make info_level configurable in dir listing via 2c1a02d622c smbd: Plumb SMB2_FIND_POSIX_INFORMATION through the directory reading code. via 72004f8f948 s3: smbd: Add SMB2_FILE_POSIX_INFORMATION getinfo info level (100 on the wire). from 535a08dfc4c smbd: reject FILE_ATTRIBUTE_TEMPORARY on directories https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 357bafe62584e2ca1bbf0dfaf6f949262daf59dc Author: Volker Lendecke Date: Tue Nov 22 16:00:53 2022 +0100 smbd: Allow POSIX getinfo levels for smb3 unix extensions Signed-off-by: Volker Lendecke Reviewed-by: David Mulder Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Nov 29 11:23:58 UTC 2022 on sn-devel-184 commit bbc82a5d425ad51a269e1ab8e4db859943fcc4ff Author: David Mulder Date: Thu Nov 3 10:28:58 2022 -0600 s3: Test that store_smb2_posix_info hides info for '..' Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit d0ad452fc81f65017d1f783e98a58117278d8289 Author: David Mulder Date: Tue Oct 18 07:37:47 2022 -0600 s3: smbd: store_smb2_posix_info hide info for '..' When receiving a query for '..', hide the owner and group sids, the inode, and the dev id. Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit bdb98c8397462805b4cdfaedeee24c5d2b294b86 Author: David Mulder Date: Mon Sep 12 16:09:50 2022 -0700 smbd: Implement SMB2_FS_POSIX_INFORMATION_INTERNAL Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit a73d903238807f0e53c70dc2ecb017093206b7e8 Author: David Mulder Date: Fri Aug 5 14:00:30 2022 -0600 tests/s3: Test file/dir permissions with SMB3 posix Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit 09c8426b95a0f95e10e1c22a1f0a285ce81fb19f Author: David Mulder Date: Fri Aug 5 13:05:48 2022 -0600 tests/s3: Test case sensitive open with SMB3 posix Disabled because we don't handle posix paths correctly yet. Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit 160173ee0641c871981868ee100d84b4046710a6 Author: David Mulder Date: Fri Aug 5 10:56:32 2022 -0600 tests/s3: Test delete on close with SMB3 posix Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit f481cd4a60a55a30e78fe6da4aa5f5fe90fa433e Author: David Mulder Date: Fri Jul 8 13:15:51 2022 -0600 libcli: Add client support for SMB2_FILE_POSIX_INFORMATION Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit f0e1137425f5ed1ff97c729e4b39be626602e6b7 Author: David Mulder Date: Thu Jul 7 12:57:01 2022 -0600 tests/s3: Test reserved chars in posix filename Disabled because we don't handle posix paths correctly yet. Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit 08226d6c2e8ed1e1d8104afcfcea37a66de0a413 Author: David Mulder Date: Fri Jun 17 15:06:29 2022 -0600 smbd: Implement SMB2_FILE_POSIX_INFORMATION in smbd_marshall_dir_entry Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit 7c2f08d564f74d8259d0ad8c3b25923eb3e5ece4 Author: David Mulder Date: Wed Jun 15 15:39:00 2022 -0600 tests/s3: Test SMB2_FIND_POSIX_INFORMATION dir query Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit 284787996d45ee8e5848a5071b42f114c791a56a Author: David Mulder Date: Tue Sep 20 10:28:20 2022 -0600 libsmb: Allow listing with posix context Signed-off-by: David Mulder Reviewed-by: Volker Lendecke commit 99de8d7cfa390a06a0a7e5ac14843a3bea3c9365 Author: David Mulder Date: Wed Jun 15 13:20:30 2022 -0600 libsmb: Make info_level configurable in dir listing This was hard coded to SMB2_FIND_ID_BOTH_DIRECTORY_INFO
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3b9ccfa4ac7 net: use correct printf format, fi3_id is an uint32_t from 95676825adb gitlab-ci: do some basic testing on ubuntu1804-32bit https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3b9ccfa4ac73332f324426dec940579e5eac96bc Author: Ralph Boehme Date: Tue Jan 10 12:22:28 2017 +0100 net: use correct printf format, fi3_id is an uint32_t Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Nov 24 16:39:12 UTC 2022 on sn-devel-184 --- Summary of changes: source3/utils/net_rpc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 1c89ffcd5e5..e1a0c491dd4 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -5644,7 +5644,7 @@ static int rpc_file_close(struct net_context *c, int argc, const char **argv) static void display_file_info_3(struct FILE_INFO_3 *r) { - d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n", + d_printf("%-7.1" PRIu32 " %-20.20s 0x%-4.2x %-6.1u %s\n", r->fi3_id, r->fi3_username, r->fi3_permissions, r->fi3_num_locks, r->fi3_pathname); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 09e9dd576da torture: Test the "server addresses" parameter via f9a3a6b434f testprogs: Fix testit_expect_failure_grep() via 55feb593012 testprogs: Add testit_grep_count() helper via e24481251dd srvsvc: Only list shares in "server addresses" via 23167a4dd7b smbd: Implement "server addresses" for tree connect via 9321a533cdc lib: Add lp_allow_local_address() via d9c4f94e4fd smbd: Add "server addresses" parameter via 12edd038cfa smbd: Some whitespace fixes from 4a68d43b7b0 third_party: Update nss_wrapper to version 1.1.13 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 09e9dd576dad5a38287b2241a965f769f1264292 Author: Volker Lendecke Date: Mon Nov 7 20:34:57 2022 +0100 torture: Test the "server addresses" parameter Thanks to Metze for the hint that all file servers already listen on 2 addressess -- V4 and V6 :-) Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Nov 10 08:23:14 UTC 2022 on sn-devel-184 commit f9a3a6b434f6b82303241a57beae3e1762a2c41d Author: Volker Lendecke Date: Wed Nov 9 14:09:34 2022 +0100 testprogs: Fix testit_expect_failure_grep() Callers expect success (i.e. retval==0) if grep failed with non-zero error status. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 55feb593012fc5b24e795a00081666fca740429c Author: Volker Lendecke Date: Wed Nov 9 14:04:23 2022 +0100 testprogs: Add testit_grep_count() helper Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit e24481251ddc64abfd51b9bd101833814defd8c4 Author: Volker Lendecke Date: Fri Oct 21 17:02:07 2022 +0200 srvsvc: Only list shares in "server addresses" Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 23167a4dd7be30123f66826999db559a4bc0db7d Author: Volker Lendecke Date: Fri Oct 21 16:58:36 2022 +0200 smbd: Implement "server addresses" for tree connect Only allow share connections if the server address matches Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 9321a533cdc3cbb81afa03bcf3cd5030b8b317ea Author: Volker Lendecke Date: Fri Oct 21 16:45:35 2022 +0200 lib: Add lp_allow_local_address() Helper function for listing and accessing shares Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit d9c4f94e4fde22a91c230d2ddb2eb3b9c56f88b0 Author: Volker Lendecke Date: Fri Oct 21 17:01:21 2022 +0200 smbd: Add "server addresses" parameter This is a per-share parameter to limit share visibility and accessibility to specific server IP addresses. This can be used to limit the visibility and accessibility of shares on different subnets offered by the server. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 12edd038cfa1326c517cb51e6b4c7bdf75f471fa Author: Volker Lendecke Date: Fri Oct 21 09:17:42 2022 +0200 smbd: Some whitespace fixes Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher --- Summary of changes: docs-xml/smbdotconf/browse/server_addresses.xml | 12 + selftest/target/Samba3.pm | 4 ++ source3/include/proto.h | 2 + source3/lib/util_sock.c | 1 + source3/param/service.c | 69 + source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 10 +++- source3/script/tests/test_server_addresses.sh | 32 source3/selftest/tests.py | 5 ++ source3/smbd/smb2_service.c | 35 +++-- testprogs/blackbox/subunit.sh | 31 ++- 10 files changed, 193 insertions(+), 8 deletions(-) create mode 100644 docs-xml/smbdotconf/browse/server_addresses.xml create mode 100755 source3/script/tests/test_server_addresses.sh Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/browse/server_addresses.xml b/docs-xml/smbdotconf/browse/server_addresses.xml new file mode 100644 index 000..e1dd6d60f8e --- /dev/null +++ b/docs-xml/smbdotconf/browse/server_addresses.xml @@ -0,0 +1,12 @@ +http://www.samba.org/samba/DTD/samba-doc";> + + This is a per-share parameter to limit share visibility and + accessibility to specific server IP addresses. Multi-homed servers + can offer a different set of shares per interface. + An empty list means to offer a share on all interfaces. + + + diff --git a/selftest/target/Samba3.pm b/selftest/targ
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 76adda9d2fe lib/replace: fix memory leak in snprintf replacements from 3030813765f gp: Ignore crontab -l error, since it means empty https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 76adda9d2fea9f93f4cf97536db5c0be6deeb98c Author: Stefan Metzmacher Date: Mon Oct 31 13:16:25 2022 +0100 lib/replace: fix memory leak in snprintf replacements BUG: https://bugzilla.samba.org/show_bug.cgi?id=15230 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Nov 9 11:18:02 UTC 2022 on sn-devel-184 --- Summary of changes: lib/replace/snprintf.c | 2 ++ 1 file changed, 2 insertions(+) Changeset truncated at 500 lines: diff --git a/lib/replace/snprintf.c b/lib/replace/snprintf.c index 6e4424b0b31..de814af4164 100644 --- a/lib/replace/snprintf.c +++ b/lib/replace/snprintf.c @@ -751,6 +751,8 @@ done: while (chunks) { cnk = chunks->next; + if (chunks->min_star) free(chunks->min_star); + if (chunks->max_star) free(chunks->max_star); free(chunks); chunks = cnk; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ffc59fe0946 smbd: Correct store_smb2_posix_info size check from 69273c3a836 docs-xml: ea support option restricted to user ns https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ffc59fe094612ca2ed549a5a7c7bc7017401991c Author: David Mulder Date: Fri Sep 9 08:14:44 2022 -0600 smbd: Correct store_smb2_posix_info size check Signed-off-by: David Mulder Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Oct 28 13:43:59 UTC 2022 on sn-devel-184 --- Summary of changes: source3/smbd/smb2_posix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_posix.c b/source3/smbd/smb2_posix.c index 6f7f106726f..9dbe16be42e 100644 --- a/source3/smbd/smb2_posix.c +++ b/source3/smbd/smb2_posix.c @@ -111,7 +111,7 @@ ssize_t store_smb2_posix_info( return -1; } - if (cc_len + 68 < buflen) { + if (buflen < cc_len + 68) { return cc_len + 68; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 69273c3a836 docs-xml: ea support option restricted to user ns via 34c6db64c2f s3: smbd: Consistently map EAs to user namespace from 8c94bbba270 testprogs/blackbox: add 'net ads keytab delete' tests to test_net_ads.sh https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 69273c3a836ede97c7fde74e2f1fdc84e92ec86f Author: Daniel Kobras Date: Fri Oct 21 16:40:14 2022 +0200 docs-xml: ea support option restricted to user ns Update documentation to match current behavior. Signed-off-by: Daniel Kobras Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Oct 28 07:24:18 UTC 2022 on sn-devel-184 commit 34c6db64c2ff62673f8df218487cda4139c10843 Author: Daniel Kobras Date: Mon Sep 26 10:27:19 2022 +0200 s3: smbd: Consistently map EAs to user namespace Samba has always been mapping Windows EAs to the 'user' namespace on the POSIX side. However, in the opposite direction, the mapping would also map other user-readable POSIX EA namespaces to Windows EAs, only stripping the 'user' namespace prefix, and passing all other EA names verbatim. This means any POSIX EA 'other.foo' collides with 'user.other.foo' on the Windows side, hence the mapping of non-user namespaces is unreliable. Also, copy operations via Windows would rename an existing POSIX EA 'other.foo' in the source file to 'user.other.foo' in the destination. The 'user' namespace, however, may not be enabled on the underlying filesystem, leading to subtle failure modes like the ones reported in eg. <https://bugzilla.samba.org/show_bug.cgi?id=15186> Fix the issues by restricting the mapping to the 'user' POSIX EA namespace consistently for either direction. Link: https://lists.samba.org/archive/samba-technical/2022-September/137634.html BUG: https://bugzilla.samba.org/show_bug.cgi?id=15186 Signed-off-by: Daniel Kobras Reviewed-by: Michael Weiser Tested-by: Michael Weiser Reviewed-by: Jeremy Allison Reviewed-by: Volker Lendecke --- Summary of changes: docs-xml/smbdotconf/protocol/easupport.xml | 9 + source3/smbd/smb2_trans2.c | 23 +-- 2 files changed, 30 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/protocol/easupport.xml b/docs-xml/smbdotconf/protocol/easupport.xml index fd425e8b514..f111a4c23be 100644 --- a/docs-xml/smbdotconf/protocol/easupport.xml +++ b/docs-xml/smbdotconf/protocol/easupport.xml @@ -14,8 +14,17 @@ attributes (e.g. the getfattr1 / setfattr1 utilities must work). + Access to extended user attributes must be allowed by the underlying +filesystem (e.g. when mounted with a system-dependent option like user_xattr on Linux). + +This option exposes the "user" attribute namespace from the underlying filesystem to +clients. In order to match Windows conventions, the namespace prefix ("user.") is +stripped from the attribute name on the client side. The handling of further attribute +namespaces (like "security", "system", or "trusted") is not affected by this option. + + Note that the SMB protocol allows setting attributes whose value is 64K bytes long, and that on NTFS, the maximum storage space for extended attributes per file is 64K. On some filesystem the limits may be lower. Filesystems with too limited EA diff --git a/source3/smbd/smb2_trans2.c b/source3/smbd/smb2_trans2.c index 95cecce96e1..69f6184bff1 100644 --- a/source3/smbd/smb2_trans2.c +++ b/source3/smbd/smb2_trans2.c @@ -454,7 +454,19 @@ static NTSTATUS get_ea_list_from_fsp(TALLOC_CTX *mem_ctx, struct ea_list *listp; fstring dos_ea_name; - if (strnequal(names[i], "system.", 7) + /* +* POSIX EA names are divided into several namespaces by +* means of string prefixes. Usually, the system controls +* semantics for each namespace, but the 'user' namespace is +* available for arbitrary use, which comes closest to +* Windows EA semantics. Hence, we map POSIX EAs from the +* 'user' namespace to Windows EAs, and just ignore all the +* other namespaces. Also, a few specific names in the 'user' +* namespace are used by Samba internally. Filter them
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 688be0177b0 ctdb: Fix a use-after-free in run_proc from 9a8bc67f4a5 vfs_glusterfs: Remove special handling of O_CREAT flag https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 688be0177b04d04709813a02ae6da1e983ac25dd Author: Volker Lendecke Date: Fri Sep 30 17:02:41 2022 +0200 ctdb: Fix a use-after-free in run_proc If you happen to talloc_free(run_ctx) before all the tevent_req's hanging off it, you run into the following: ==495196== Invalid read of size 8 ==495196==at 0x10D757: run_proc_state_destructor (run_proc.c:413) ==495196==by 0x488F736: _tc_free_internal (talloc.c:1158) ==495196==by 0x488FBDD: _talloc_free_internal (talloc.c:1248) ==495196==by 0x4890F41: _talloc_free (talloc.c:1792) ==495196==by 0x48538B1: tevent_req_received (tevent_req.c:293) ==495196==by 0x4853429: tevent_req_destructor (tevent_req.c:129) ==495196==by 0x488F736: _tc_free_internal (talloc.c:1158) ==495196==by 0x4890AF6: _tc_free_children_internal (talloc.c:1669) ==495196==by 0x488F967: _tc_free_internal (talloc.c:1184) ==495196==by 0x488FBDD: _talloc_free_internal (talloc.c:1248) ==495196==by 0x4890F41: _talloc_free (talloc.c:1792) ==495196==by 0x10DE62: main (run_proc_test.c:86) ==495196== Address 0x55b77f8 is 152 bytes inside a block of size 160 free'd ==495196==at 0x48399AB: free (vg_replace_malloc.c:538) ==495196==by 0x488FB25: _tc_free_internal (talloc.c:1222) ==495196==by 0x488FBDD: _talloc_free_internal (talloc.c:1248) ==495196==by 0x4890F41: _talloc_free (talloc.c:1792) ==495196==by 0x10D315: run_proc_context_destructor (run_proc.c:329) ==495196==by 0x488F736: _tc_free_internal (talloc.c:1158) ==495196==by 0x488FBDD: _talloc_free_internal (talloc.c:1248) ==495196==by 0x4890F41: _talloc_free (talloc.c:1792) ==495196==by 0x10DE62: main (run_proc_test.c:86) ==495196== Block was alloc'd at ==495196==at 0x483877F: malloc (vg_replace_malloc.c:307) ==495196==by 0x488EAD9: __talloc_with_prefix (talloc.c:783) ==495196==by 0x488EC73: __talloc (talloc.c:825) ==495196==by 0x488F0FC: _talloc_named_const (talloc.c:982) ==495196==by 0x48925B1: _talloc_zero (talloc.c:2421) ==495196==by 0x10C8F2: proc_new (run_proc.c:61) ==495196==by 0x10D4C9: run_proc_send (run_proc.c:381) ==495196==by 0x10DDF6: main (run_proc_test.c:79) This happens because run_proc_context_destructor() directly does a talloc_free() on the struct proc_context's and not the enclosing tevent_req's. run_proc_kill() makes sure that we don't follow proc->req, but it forgets the "state->proc", which is free()'ed, but later dereferenced in run_proc_state_destructor(). This is an attempt at a quick fix, I believe we should convert run_proc_context->plist into an array of tevent_req's, so that we can properly TALLOC_FREE() according to the "natural" hierarchy and not just pull an arbitrary thread out of that heap. Signed-off-by: Volker Lendecke Reviewed-by: Martin Schwenke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Oct 6 15:10:20 UTC 2022 on sn-devel-184 --- Summary of changes: ctdb/common/run_proc.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/common/run_proc.c b/ctdb/common/run_proc.c index d55af6c3a1e..84bc343ba1f 100644 --- a/ctdb/common/run_proc.c +++ b/ctdb/common/run_proc.c @@ -408,10 +408,10 @@ struct tevent_req *run_proc_send(TALLOC_CTX *mem_ctx, static int run_proc_state_destructor(struct run_proc_state *state) { /* Do not get rid of the child process if timeout has occurred */ - if (state->proc->req != NULL) { + if ((state->proc != NULL) && (state->proc->req != NULL)) { state->proc->req = NULL; DLIST_REMOVE(state->run_ctx->plist, state->proc); - talloc_free(state->proc); + TALLOC_FREE(state->proc); } return 0; @@ -439,6 +439,7 @@ static void run_proc_kill(struct tevent_req *req) req, struct run_proc_state); state->proc->req = NULL; + state->proc = NULL; state->result.sig = SIGKILL; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f6b391e04a4 vfs_gpfs: Protect against timestamps before the Unix epoch from d9dda4b7af2 ctdb-scripts: Add debugging variable CTDB_KILLTCP_DEBUGLEVEL https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f6b391e04a4d5974b908f4f375bd2876083aa7b2 Author: Volker Lendecke Date: Mon Aug 22 15:24:01 2022 +0200 vfs_gpfs: Protect against timestamps before the Unix epoch In addition to b954d181cd2 we should also protect against timestamps before the epoch. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15151 Signed-off-by: Volker Lendecke Reviewed-by: Christof Schmitt Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Sep 23 06:50:17 UTC 2022 on sn-devel-184 --- Summary of changes: source3/modules/vfs_gpfs.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index 1f3d803e1c5..779627f8115 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -1679,10 +1679,10 @@ static int timespec_to_gpfs_time( return 0; } - if (ts.tv_sec > UINT32_MAX) { - DBG_WARNING("GPFS uses 32-bit unsigned timestamps, " - "%ju is too large\n", - (uintmax_t)ts.tv_sec); + if (ts.tv_sec < 0 || ts.tv_sec > UINT32_MAX) { + DBG_NOTICE("GPFS uses 32-bit unsigned timestamps " + "and cannot handle %jd.\n", + (intmax_t)ts.tv_sec); errno = ERANGE; return -1; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1788b59bc0a s3/winbindd: Fix bad access to sid array (with debug level >= info) from e4929866610 s3: torture: Add a comprehensive SMB2 DFS path torture tester. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1788b59bc0aaa8f18186ad9b9945fbd634f02445 Author: Noel Power Date: Wed Aug 31 12:27:53 2022 +0100 s3/winbindd: Fix bad access to sid array (with debug level >= info) ==6436==at 0xA85F95B: dom_sid_string_buf (dom_sid.c:444) ==6436==by 0xA85FBF2: dom_sid_str_buf (dom_sid.c:515) ==6436==by 0x17EDF8: wb_lookupusergroups_recv (wb_lookupusergroups.c:115) ==6436==by 0x17F964: wb_gettoken_gotgroups (wb_gettoken.c:123) ==6436==by 0x56AD332: _tevent_req_notify_callback (tevent_req.c:141) ==6436==by 0x56AD493: tevent_req_finish (tevent_req.c:193) ==6436==by 0x56AD5C0: tevent_req_trigger (tevent_req.c:250) ==6436==by 0x56AC119: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) ==6436==by 0x56AC268: tevent_common_loop_immediate (tevent_immediate.c:236) ==6436==by 0x56B678A: epoll_event_loop_once (tevent_epoll.c:919) ==6436==by 0x56B31C3: std_event_loop_once (tevent_standard.c:110) ==6436==by 0x56AA621: _tevent_loop_once (tevent.c:825) ==6436== ==6436== Invalid read of size 1 ==6436==at 0xA85F95B: dom_sid_string_buf (dom_sid.c:444) ==6436==by 0xA85FBF2: dom_sid_str_buf (dom_sid.c:515) ==6436==by 0x17EDF8: wb_lookupusergroups_recv (wb_lookupusergroups.c:115) ==6436==by 0x17F964: wb_gettoken_gotgroups (wb_gettoken.c:123) ==6436==by 0x56AD332: _tevent_req_notify_callback (tevent_req.c:141) ==6436==by 0x56AD493: tevent_req_finish (tevent_req.c:193) ==6436==by 0x56AD5C0: tevent_req_trigger (tevent_req.c:250) ==6436==by 0x56AC119: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) ==6436==by 0x56AC268: tevent_common_loop_immediate (tevent_immediate.c:236) ==6436==by 0x56B678A: epoll_event_loop_once (tevent_epoll.c:919) ==6436==by 0x56B31C3: std_event_loop_once (tevent_standard.c:110) ==6436==by 0x56AA621: _tevent_loop_once (tevent.c:825) BUG: https://bugzilla.samba.org/show_bug.cgi?id=15160 Signed-off-by: Noel Power Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Aug 31 15:07:31 UTC 2022 on sn-devel-184 --- Summary of changes: source3/winbindd/wb_lookupusergroups.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/wb_lookupusergroups.c b/source3/winbindd/wb_lookupusergroups.c index 7ac1b6e03d2..7f359ee9316 100644 --- a/source3/winbindd/wb_lookupusergroups.c +++ b/source3/winbindd/wb_lookupusergroups.c @@ -113,7 +113,7 @@ NTSTATUS wb_lookupusergroups_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, for (i = 0; i < *num_sids; i++) { struct dom_sid_buf buf; D_INFO("%"PRIu32": %s\n", - i, dom_sid_str_buf(&*sids[i], &buf)); + i, dom_sid_str_buf(&(*sids)[i], &buf)); } } return NT_STATUS_OK; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 06f35edaf12 lib: Map ERANGE to NT_STATUS_INTEGER_OVERFLOW via b954d181cd2 vfs_gpfs: Prevent mangling of GPFS timestamps after 2106 from 96e2a82760e s3:smbd: only clear LEASE_READ if there's no read lease is left https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 06f35edaf129ce3195960905d38af73ec12fc716 Author: Volker Lendecke Date: Tue Sep 1 13:24:55 2020 +0200 lib: Map ERANGE to NT_STATUS_INTEGER_OVERFLOW Bug: https://bugzilla.samba.org/show_bug.cgi?id=15151 Signed-off-by: Volker Lendecke Reviewed-by: Christof Schmitt Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Fri Aug 19 12:43:06 UTC 2022 on sn-devel-184 commit b954d181cd25d9029d3c222e8d97fe7a3b0b2400 Author: Volker Lendecke Date: Mon Aug 31 16:14:14 2020 +0200 vfs_gpfs: Prevent mangling of GPFS timestamps after 2106 gpfs_set_times as of August 2020 stores 32-bit unsigned tv_sec. We should not silently garble time stamps but reject the attempt to set an out-of-range timestamp. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15151 Signed-off-by: Volker Lendecke Reviewed-by: Christof Schmitt --- Summary of changes: source3/lib/errmap_unix.c | 3 +++ source3/modules/vfs_gpfs.c | 43 +-- 2 files changed, 36 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/errmap_unix.c b/source3/lib/errmap_unix.c index 73b2f532a06..029efae0f51 100644 --- a/source3/lib/errmap_unix.c +++ b/source3/lib/errmap_unix.c @@ -119,6 +119,9 @@ static const struct { { EOVERFLOW, NT_STATUS_ALLOTTED_SPACE_EXCEEDED }, #endif { EINPROGRESS, NT_STATUS_MORE_PROCESSING_REQUIRED }, +#ifdef ERANGE + { ERANGE, NT_STATUS_INTEGER_OVERFLOW }, +#endif }; /* diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c index bb15ba630b9..1f3d803e1c5 100644 --- a/source3/modules/vfs_gpfs.c +++ b/source3/modules/vfs_gpfs.c @@ -1672,15 +1672,27 @@ static int vfs_gpfs_lstat(struct vfs_handle_struct *handle, return ret; } -static void timespec_to_gpfs_time(struct timespec ts, gpfs_timestruc_t *gt, - int idx, int *flags) +static int timespec_to_gpfs_time( + struct timespec ts, gpfs_timestruc_t *gt, int idx, int *flags) { - if (!is_omit_timespec(&ts)) { - *flags |= 1 << idx; - gt[idx].tv_sec = ts.tv_sec; - gt[idx].tv_nsec = ts.tv_nsec; - DEBUG(10, ("Setting GPFS time %d, flags 0x%x\n", idx, *flags)); + if (is_omit_timespec(&ts)) { + return 0; } + + if (ts.tv_sec > UINT32_MAX) { + DBG_WARNING("GPFS uses 32-bit unsigned timestamps, " + "%ju is too large\n", + (uintmax_t)ts.tv_sec); + errno = ERANGE; + return -1; + } + + *flags |= 1 << idx; + gt[idx].tv_sec = ts.tv_sec; + gt[idx].tv_nsec = ts.tv_nsec; + DBG_DEBUG("Setting GPFS time %d, flags 0x%x\n", idx, *flags); + + return 0; } static int smbd_gpfs_set_times(struct files_struct *fsp, @@ -1691,10 +1703,21 @@ static int smbd_gpfs_set_times(struct files_struct *fsp, int rc; ZERO_ARRAY(gpfs_times); - timespec_to_gpfs_time(ft->atime, gpfs_times, 0, &flags); - timespec_to_gpfs_time(ft->mtime, gpfs_times, 1, &flags); + rc = timespec_to_gpfs_time(ft->atime, gpfs_times, 0, &flags); + if (rc != 0) { + return rc; + } + + rc = timespec_to_gpfs_time(ft->mtime, gpfs_times, 1, &flags); + if (rc != 0) { + return rc; + } + /* No good mapping from LastChangeTime to ctime, not storing */ - timespec_to_gpfs_time(ft->create_time, gpfs_times, 3, &flags); + rc = timespec_to_gpfs_time(ft->create_time, gpfs_times, 3, &flags); + if (rc != 0) { + return rc; + } if (!flags) { DBG_DEBUG("nothing to do, return to avoid EINVAL\n"); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 076c22fbd7e selftest/Samba3: let nt4_dc* use vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS=no via 4708ba2f013 vfs_default: Use openat2(RESOLVE_NO_SYMLINKS) if available via 8544f4490a0 vfs_default: prepare O_PATH usage with openat2() via d6653067b20 s3:smbd: let openat_pathref_dirfsp_nosymlink() try VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS first via 35b99c87ef9 s3:smbd: let openat_pathref_dirfsp_nosymlink() handle ELOOP similar to ENOTDIR via 17484d069b9 s3:smbd: let openat_pathref_dirfsp_nosymlink() do a verification loop against . and .. first via f7dc2755832 vfs: define VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS via ae1a84f7313 lib/replace: let DISABLE_OPATH also undef __NR_openat2 via f7618dd31a9 lib/replace: add fallback defines for __NR_openat2 via b89001e9226 lib/replace: use syscall(__NR_openat2) if available via 37ba6df174d lib/replace: always include in replace.c if available via ce804b78164 lib/replace: add a replacement for openat2() that returns ENOSYS via 2369d083336 vfs_btrfs: fix include order, includes.h or replace.h should be first via cea9451f780 vfs_io_uring: hide a possible definition of struct open_how in liburing/compat.h via 2b51bad7475 wafsamba: allow cflags for CHECK_TYPE[_IN]() via 085f1485753 s3:tests: add a lot more tests to test_symlink_traversal_smb2.sh from a38fad29803 s3:utils: Fix NULL check https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 076c22fbd7ecbf22dbfeb1711609f07fd42f88b0 Author: Stefan Metzmacher Date: Fri Aug 12 10:55:42 2022 +0200 selftest/Samba3: let nt4_dc* use vfs_default:VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS=no We should always test the code path without openat2 being available, even if the kernel supports it. Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Aug 15 16:00:26 UTC 2022 on sn-devel-184 commit 4708ba2f013c5f5ea5aa5dcf4873c2b4a86fb8ff Author: Volker Lendecke Date: Fri Jun 17 17:41:52 2022 +0200 vfs_default: Use openat2(RESOLVE_NO_SYMLINKS) if available This improves the following test: time smbtorture //127.0.0.1/m -Uroot%test \ smb2.create.bench-path-contention-shared \ --option='torture:bench_path=Apps\1\2\3\4\5\6\7\8\9\10' \ --option="torture:timelimit=600" \ --option="torture:nprocs=1" From: open[num/s=14186,avslat=0.44,minlat=0.42,maxlat=0.79] close[num/s=14185,avslat=0.27,minlat=0.25,maxlat=0.57] to: open[num/s=16917,avslat=0.38,minlat=0.35,maxlat=0.000340] close[num/s=16916,avslat=0.20,minlat=0.19,maxlat=0.000104] Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Volker Lendecke Signed-off-by: Stefan Metzmacher commit 8544f4490a0b5e54b807daedddb96778744b62ee Author: Stefan Metzmacher Date: Wed Jul 27 18:43:14 2022 + vfs_default: prepare O_PATH usage with openat2() When O_PATH is specified in flags, flag bits other than O_CLOEXEC, O_DIRECTORY, and O_NOFOLLOW are ignored. In preparation to use openat2(), which gives an error instead of ignoring flags, we better remove unexpected flags, callers typically pass O_RDONLY and O_NONBLOCK. Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit d6653067b20e61af1f05423764c8486a1a5445c8 Author: Volker Lendecke Date: Thu Jul 14 19:44:04 2022 +0200 s3:smbd: let openat_pathref_dirfsp_nosymlink() try VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS first This will reduce the amount of syscalls and the related cost drastically for long path names. Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Volker Lendecke Signed-off-by: Stefan Metzmacher commit 35b99c87ef92df006f8b0a41bbea051f0faeadb9 Author: Stefan Metzmacher Date: Fri Aug 12 19:12:44 2022 +0200 s3:smbd: let openat_pathref_dirfsp_nosymlink() handle ELOOP similar to ENOTDIR This is no likely to happen as we use O_NOFOLLOW with O_DIRECTORY, but it's better to be prepared... This will be more important in the upcoming openat2(RESOLVE_NO_SYMLINK) case, but we should be consitent... Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit 17484d069b92d08b0228fb509ea42ab4c3f496a8 Author: Stefan Metzmacher Date: Wed Aug 10 22:01:10 2022 +0200 s3:smbd: let openat_pathref_dirfsp_nosymlink() do a verification loop against . and .. first I guess we should catch NT_STATUS_OBJECT_NAME_INVALID first, currently the check is already done in check_path_syntax*,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fc45fcfde51 vfs_default: assert all passed in fsp's and names are non-stream type via 51243e38497 vfs_streams_xattr: restrict which fcntl's are allowed on streams via f0299abf1b2 smbd: skip access checks for stat-opens on streams in open_file() via 06555c6bcb5 smbd: use metadata_fsp() in get_acl_group_bits() via 3af8f8e8741 smbd: ignore request to set the SPARSE attribute on streams via 55e55804bb2 smbd: use metadata_fsp() with SMB_VFS_FSET_DOS_ATTRIBUTES() via 03b9ce84736 smbd: use metadata_fsp() with SMB_VFS_FGET_DOS_ATTRIBUTES() via 4ab29e2a345 smbd: use metadata_fsp() with SMB_VFS_FSET_NT_ACL() via c949e4b2a42 smbd: use metadata_fsp() with SMB_VFS_FGET_NT_ACL() via 23bc760ec5d CI: add a test trying to delete a stream on a pathref ("stat open") handle via 92e0045d7ca vfs_xattr_tdb: add "xattr_tdb:ignore_user_xattr" option via 451ad315a9b vfs_xattr_tdb: add a module config via b26dc252aaf vfs_xattr_tdb: move close_xattr_db() via 0d3995cec10 smdb: use fsp_is_alternate_stream() in open_file() from 042141efdb5 third_party: Reformat shell scripts https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fc45fcfde51b0b0bdcd524c82a0f9eabf7273045 Author: Ralph Boehme Date: Wed Jul 27 18:40:21 2022 +0200 vfs_default: assert all passed in fsp's and names are non-stream type Enforce fsp is a non-stream one in as many VFS operations as possible in vfs_default. We really need an assert here instead of returning an error, as otherwise he can have very hard to diagnose bugs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Wed Aug 10 16:32:35 UTC 2022 on sn-devel-184 commit 51243e3849736acbbf1d8f52cc02cdec5995fde4 Author: Ralph Boehme Date: Fri Jul 29 07:07:25 2022 +0200 vfs_streams_xattr: restrict which fcntl's are allowed on streams BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit f0299abf1b28a14518328710d9f84bef17fd2ecf Author: Ralph Boehme Date: Wed Jul 27 15:58:37 2022 +0200 smbd: skip access checks for stat-opens on streams in open_file() For streams, access is already checked in create_file_unixpath() by check_base_file_access(). We already skip the access check in this function when doing an IO open of a file, see above in open_file(), also skip it for "stat opens". BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 06555c6bcb5644fc9eea35b3cbae8d8801c65ab6 Author: Ralph Boehme Date: Wed Jul 27 19:05:26 2022 +0200 smbd: use metadata_fsp() in get_acl_group_bits() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 3af8f8e8741cc8c889bbf416ccd38a1b702917ec Author: Ralph Boehme Date: Fri Jul 29 14:56:41 2022 +0200 smbd: ignore request to set the SPARSE attribute on streams As per MS-FSA 2.1.1.5 this is a per stream attribute, but our backends don't support it in a consistent way, therefor just pretend success and ignore the request. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 55e55804bb2d0f21c1bbe207257bb40555f3b7a2 Author: Ralph Boehme Date: Fri Jul 29 14:56:21 2022 +0200 smbd: use metadata_fsp() with SMB_VFS_FSET_DOS_ATTRIBUTES() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 03b9ce84736d536ab2dd8a5ce1a2656e6a90c8c8 Author: Ralph Boehme Date: Fri Jul 29 14:55:08 2022 +0200 smbd: use metadata_fsp() with SMB_VFS_FGET_DOS_ATTRIBUTES() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme Reviewed-by: Volker Lendecke commit 4ab29e2a345b48ebba652d5154e96adf954a6757 Author: Ralph Boehme Date: Fri Jul 29 14:54:07 2022 +0200 smbd: use metadata_fsp() with SMB_VFS_FSET_NT_ACL(
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 82d931d23d1 s3: smbd: Oops. DBG_ERR messages I used to debug parse_dfs_path(), should have been DBG_DEBUG. from fb937ddc838 lib/util/access: source3/auth/user_util: Check for INNETGR https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 82d931d23d14670c086082483943700d61d1b7a0 Author: Jeremy Allison Date: Fri Aug 5 11:06:13 2022 -0700 s3: smbd: Oops. DBG_ERR messages I used to debug parse_dfs_path(), should have been DBG_DEBUG. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Aug 8 09:07:24 UTC 2022 on sn-devel-184 --- Summary of changes: source3/smbd/msdfs.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c index 1f24c87ccbd..a52a2449965 100644 --- a/source3/smbd/msdfs.c +++ b/source3/smbd/msdfs.c @@ -121,7 +121,7 @@ static NTSTATUS parse_dfs_path(connection_struct *conn, */ trim_char(p, '/', '/'); - DBG_ERR("p = |%s| after trimming /'s\n", p); + DBG_DEBUG("p = |%s| after trimming /'s\n", p); /* Now tokenize. */ /* Parse out hostname. */ @@ -143,7 +143,7 @@ static NTSTATUS parse_dfs_path(connection_struct *conn, *p = '\0'; pdp->hostname = pathname_local; - DBG_ERR("hostname: %s\n",pdp->hostname); + DBG_DEBUG("hostname: %s\n",pdp->hostname); /* Parse out servicename. */ servicename = p+1; @@ -183,7 +183,7 @@ static NTSTATUS parse_dfs_path(connection_struct *conn, pdp->servicename = servicename; - DBG_ERR("servicename: %s\n", pdp->servicename); + DBG_DEBUG("servicename: %s\n", pdp->servicename); if(p == NULL) { /* Client sent self referral \server\share. */ @@ -202,7 +202,7 @@ static NTSTATUS parse_dfs_path(connection_struct *conn, */ pdp->reqpath = p; - DBG_ERR("rest of the path: %s\n", pdp->reqpath); + DBG_DEBUG("rest of the path: %s\n", pdp->reqpath); return NT_STATUS_OK; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fb937ddc838 lib/util/access: source3/auth/user_util: Check for INNETGR via e13875601ff nsswitch/wins: Define NETDB_* for other libc's from 7cd87156761 vfs: Add struct vfs_open_how.resolve https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fb937ddc838043deb82b6a557dce8f29001d0a19 Author: listout Date: Thu Jul 14 18:51:09 2022 +0530 lib/util/access: source3/auth/user_util: Check for INNETGR Checking for presence of both netgroup and innetgr. INNETGR is not defined on libc's such as musl so not checking results in a build error. Signed-off-by: listout Reviewed-by: Andreas Schneider Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Aug 8 07:28:31 UTC 2022 on sn-devel-184 commit e13875601ff6f488b48e7de0f6838db3565401d4 Author: listout Date: Thu Jul 14 18:45:17 2022 +0530 nsswitch/wins: Define NETDB_* for other libc's Define NETDB_SUCCESS and NETDB_INTERNAL if they are not defined. On libc's such as musl NETDB_INTERNAL and NETDB_SUCCESS are not defined. Signed-off-by: listout Reviewed-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: lib/util/access.c| 2 +- nsswitch/wins.c | 8 source3/auth/user_util.c | 4 ++-- 3 files changed, 11 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/access.c b/lib/util/access.c index b1b4bffaeaa..f4b5ae79125 100644 --- a/lib/util/access.c +++ b/lib/util/access.c @@ -115,7 +115,7 @@ static bool string_match(const char *tok,const char *s) return true; } } else if (tok[0] == '@') { /* netgroup: look it up */ -#ifdef HAVE_NETGROUP +#if defined(HAVE_NETGROUP) && defined(HAVE_INNETGR) DATA_BLOB tmp; char *mydomain = NULL; char *hostname = NULL; diff --git a/nsswitch/wins.c b/nsswitch/wins.c index e202a45e26e..a310477cfad 100644 --- a/nsswitch/wins.c +++ b/nsswitch/wins.c @@ -40,6 +40,14 @@ static pthread_mutex_t wins_nss_mutex = PTHREAD_MUTEX_INITIALIZER; #define INADDRSZ 4 #endif +#ifndef NETDB_INTERNAL +#define NETDB_INTERNAL -1 +#endif + +#ifndef NETDB_SUCCESS +#define NETDB_SUCCESS 0 +#endif + _PUBLIC_ON_LINUX_ NSS_STATUS _nss_wins_gethostbyname_r(const char *hostname, struct hostent *he, diff --git a/source3/auth/user_util.c b/source3/auth/user_util.c index 805f3ada231..cd97d62af4b 100644 --- a/source3/auth/user_util.c +++ b/source3/auth/user_util.c @@ -135,7 +135,7 @@ static void store_map_in_gencache(TALLOC_CTX *ctx, const char *from, const char bool user_in_netgroup(TALLOC_CTX *ctx, const char *user, const char *ngname) { -#ifdef HAVE_NETGROUP +#if defined(HAVE_NETGROUP) && defined(HAVE_INNETGR) char nis_domain_buf[256]; const char *nis_domain = NULL; char *lowercase_user = NULL; @@ -183,7 +183,7 @@ bool user_in_netgroup(TALLOC_CTX *ctx, const char *user, const char *ngname) TALLOC_FREE(lowercase_user); return true; } -#endif /* HAVE_NETGROUP */ +#endif /* HAVE_NETGROUP and HAVE_INNETGR */ return false; } -- Samba Shared Repository