Andreas Schneider [Tue, 11 Jun 2019 13:18:26 +0000 (15:18 +0200)]
auth:ntlmssp: Use gnutls_error_to_ntstatus() in ntlmssp_server
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 11 Jun 2019 13:16:31 +0000 (15:16 +0200)]
auth:ntlmssp: Use gnutls_error_to_ntstatus() in ntlmssp_client
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 11 Jun 2019 13:14:42 +0000 (15:14 +0200)]
libcli:smb: Use gnutls_error_to_ntstatus() in smb_signing
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 11 Jun 2019 13:11:30 +0000 (15:11 +0200)]
libcli:auth: Use gnutls_error_to_ntstatus() in credentials
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 11 Jun 2019 12:44:10 +0000 (14:44 +0200)]
s3:smbd: Use gnutls_error_to_ntstatus() in smb2_sesssetup
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 11 Jun 2019 12:35:25 +0000 (14:35 +0200)]
s3:smbd: Use gnutls_error_to_ntstatus() in smb2_server
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 11 Jun 2019 10:18:01 +0000 (12:18 +0200)]
libcli:smb: Use gnutls_error_to_ntstatus() in smbXcli_base.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 11 Jun 2019 10:13:50 +0000 (12:13 +0200)]
auth:gensec: Use gnutls_error_to_ntstatus() in schannel
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 11 Jun 2019 10:10:38 +0000 (12:10 +0200)]
libcli:smb: Use gnutls_error_to_ntstatus() in smb2_signing_check_pdu()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 11 Jun 2019 10:09:31 +0000 (12:09 +0200)]
libcli:smb: Use gnutls_error_to_ntstatus() in smb2_signing_sign_pdu()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 11 Jun 2019 10:03:33 +0000 (12:03 +0200)]
libcli:smb: Return NSTATUS for smb2_signing_check_pdu()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 11 Jun 2019 08:26:23 +0000 (10:26 +0200)]
s4:libcli: Use gnutls_error_to_ntstatus() or singing
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 22 May 2019 15:09:50 +0000 (17:09 +0200)]
libcli:util: Add gnutls_error
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 24 May 2019 16:36:48 +0000 (18:36 +0200)]
dnsp.idl: fix payload for DSPROPERTY_ZONE_DELETED_FROM_HOSTNAME
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13969
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 21 11:02:21 UTC 2019 on sn-devel-184
Stefan Metzmacher [Tue, 30 Apr 2019 12:21:22 +0000 (14:21 +0200)]
dnsp.idl: fix the dnsp_dns_addr_array definition
The endian changes are needed in order to get the following result
from the blobs Windows generated (see the torture test):
AddrArray: ARRAY(3)
AddrArray: struct dnsp_dns_addr
family : 0x0002 (2)
port : 0x0035 (53)
ipv4 : 172.31.99.33
ipv6 : 0000:0000:0000:0000:0000:0000:0000:0000
[MS-DNSP] states that the port is supposed to be ignored, but it's still
good to decode it as port '53' (0x0035) instead of '13568' (0x3500).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13969
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Stefan Metzmacher [Tue, 30 Apr 2019 08:07:51 +0000 (10:07 +0200)]
dnsp.idl: fix dnsp_ip4_array definition
In future we should use ipv4address, but that would result in a much
larger change.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13969
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Stefan Metzmacher [Fri, 24 May 2019 15:39:17 +0000 (17:39 +0200)]
s4:torture: add local.ndr.dnsp tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13969
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Gary Lockyer [Fri, 21 Jun 2019 02:32:08 +0000 (14:32 +1200)]
lib ldb key value: use TALLOC_FREE() per README.Coding
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 21 05:45:02 UTC 2019 on sn-devel-184
Gary Lockyer [Wed, 6 Mar 2019 02:28:45 +0000 (15:28 +1300)]
lib ldb key value: fix index buffering
As a performance enhancement the key value layer maintains a cache of
the index records, which is written to disk as part of a prepare commit.
This patch adds an extra cache at the operation layer to ensure that the
cached indexes remain consistent in the event of an operation failing.
Add test to test for index corruption in a failed modify.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Fri, 21 Jun 2019 02:52:24 +0000 (14:52 +1200)]
lib ldb key value: Remove check_parent from ldb_kv_index_idxptr()
The callers will soon have two possible parents for this pointer, so
we need to remove this check, which was added out of caution given
the rather strange pattern of putting an active memory pointer into a
TDB (as a hash map).
That is, the only callers that did call this with "true" would
have to call this with "false", so just remove the complexity.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Mon, 25 Mar 2019 23:42:32 +0000 (12:42 +1300)]
lib ldb ldb_key_value tests: Add tests for wrapped operations
Add test exercising the sub/nested transactions wrapping the key value
operations.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Wed, 6 Mar 2019 21:37:18 +0000 (10:37 +1300)]
lib ldb key value: add nested transaction support.
Use the nested transaction support added to the key value back ends to
make key value operations atomic. This will ensure that rename
operation failures, which delete the original record and add a new
record, leave the database in a consistent state.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Wed, 6 Mar 2019 21:18:00 +0000 (10:18 +1300)]
lib ldb key value backends: Add nested txn support
Add limited nested transaction support to the back ends to make the key value
operations atomic (for those back ends that support nested transactions).
Note: that only the lmdb backend currently supports nested transactions.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Wed, 6 Mar 2019 02:45:54 +0000 (15:45 +1300)]
lib ldb tests: remove deprecation warning from api.py
Remove the "DeprecationWarning: Please use assertEqual instead."
warnings from api.py
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Wed, 6 Mar 2019 02:32:08 +0000 (15:32 +1300)]
lib ldb tests: Test nested transactions
Add a test to document that ldb does not currently support nested
transactions.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 19 Jun 2019 17:11:41 +0000 (05:11 +1200)]
provision: Suggest "minimal-responses yes;" by default
This improves Samba AD DC performance as a DNS server dramatically, because NS records do not
need to be looked up and there is less risk the response will have to fall back
to TCP, doubling the cost again.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 21 00:52:19 UTC 2019 on sn-devel-184
Björn Jacke [Thu, 20 Jun 2019 10:27:46 +0000 (12:27 +0200)]
README: fix samba mailman list address
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Tue, 21 May 2019 01:56:12 +0000 (13:56 +1200)]
script/autobuild.py: make code more pythonic
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Thu, 23 May 2019 02:07:49 +0000 (14:07 +1200)]
script/autobuild.py: avoid nested try except block
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Thu, 23 May 2019 02:04:18 +0000 (14:04 +1200)]
script/autobuild.py: rm redundant empty str in options
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Wed, 22 May 2019 11:50:01 +0000 (23:50 +1200)]
script/autobuild.py: define cwd for builder and avoid chdir
We can pass cwd in Popen, no need to chdir for each cmd.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Wed, 22 May 2019 00:15:40 +0000 (12:15 +1200)]
script/autobuild.py: improve run_cmd with check_output
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Wed, 22 May 2019 11:29:56 +0000 (23:29 +1200)]
script/autobuild.py: add helper functions to simplify make test cmd
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Wed, 22 May 2019 10:34:57 +0000 (22:34 +1200)]
script/autobuild.py: replace random-sleep.sh with python function
The random-sleep.sh script is tricky, and there is no need to rely on another
script just for random sleep.
Using the python function, the random number generation will happen when
load autobuild.py other than execute cmd, but shouldn't affect the
result.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Wed, 22 May 2019 10:17:28 +0000 (22:17 +1200)]
script/autobuild.py: rm unused mime type text/plain in tasks
The mime type `text/plain` is repeated everywhere but not used any more.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joe Guo [Wed, 22 May 2019 10:11:28 +0000 (22:11 +1200)]
script/autobuild.py: fix tasks indent
Indent tasks at same level, make it easier to copy/move lines arround.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 17 Jun 2019 11:18:36 +0000 (13:18 +0200)]
gitlab-ci: Add Fedora 30
Fedora 30 ships with gcc9.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Hanselmann [Thu, 4 Apr 2019 00:26:13 +0000 (02:26 +0200)]
regfio: Return instead of assert for short blocks
Assertions should only be used when there's absolutely no recovery or to
verify data structure invariants. In this case the supplied registry
hive file may have a malformed block with a size of zero. Such a block
should not terminate the whole program.
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Thu, 20 Jun 2019 18:58:42 +0000 (20:58 +0200)]
smbd: Remove struct blocking_lock_record
Forgot that one in the last patches
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 20 23:39:34 UTC 2019 on sn-devel-184
Volker Lendecke [Thu, 20 Jun 2019 11:42:12 +0000 (13:42 +0200)]
vfs: Remove SMB_VFS_BRL_CANCEL_WINDOWS
This is not called anymore, bump the VFS version number in a separate
commit
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 20 18:34:20 UTC 2019 on sn-devel-184
Volker Lendecke [Thu, 20 Jun 2019 09:07:17 +0000 (11:07 +0200)]
smbd: Remove unused brlock code
No PENDING locks in brlock.tdb anymore.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 19 Jun 2019 20:00:25 +0000 (22:00 +0200)]
smbd: Cancel smbd_smb1_do_locks requests in reply_ntcancel
Last link to the specialized brlock queue
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 19 Jun 2019 14:08:49 +0000 (16:08 +0200)]
smbd: Add a clarifying comment on triggering waiters
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 19 Jun 2019 13:49:46 +0000 (15:49 +0200)]
smbd: Don't call cancel_pending_lock_requests_by_fid on close
We don't use that queue anymore
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 15 Jun 2019 22:23:50 +0000 (15:23 -0700)]
smbd: Base smb2_lock.c on tevent_req
smb2 locking is a lot more regular than reply_lockingX. So this is a
much smaller change.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 14 Jun 2019 22:17:12 +0000 (15:17 -0700)]
smbd: Use smbd_smb1_do_locks_send() in smb_set_posix_lock()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 13 Jun 2019 10:59:54 +0000 (03:59 -0700)]
smbd: Use smbd_smb1_do_locks_send() in reply_lockingX()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 13 Jun 2019 10:56:13 +0000 (03:56 -0700)]
smbd: Use smbd_smb1_do_locks_send() in reply_lock()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 13 Jun 2019 10:48:31 +0000 (03:48 -0700)]
smbd: Use smbd_smb1_do_locks_send() in reply_lockread()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 13 Jun 2019 10:46:01 +0000 (03:46 -0700)]
smbd: Remove SMB1 special case handling from brlock.c
This is now handled in smbd_smb1_do_locks_send/recv.
From here on for a few commits we won't survive make test.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 13 Jun 2019 10:58:02 +0000 (03:58 -0700)]
smbd: Ping dbwrap_watch on locking.tdb for in smbd_do_unlocking()
smbd_smb1_do_locks_send() watches the file's locking.tdb record for
changes, like the oplock code does. Unlocking a byte range thus must
trigger a retry.
With the share mode cache get_existing_share_mode_lock() is pretty
cheap. We have to write out the share mode record with the current
code, but an obvious optimization will be a share_mode_do_locked doing
all this without actually unmarshalling the locking.tdb entry. And --
there's precedence for this pattern in downgrade_lease()...
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 13 Jun 2019 10:38:57 +0000 (03:38 -0700)]
smbd: Add smbd_smb1_do_locks_send/recv()
This contains the SMB1-specific brlock logic. Right now our core
brlock code has specialized code to deal with pending locks. For
dealing with pending requests waiting for something nowadays we
recommend to use tevent_req. This code also provides the basis to
remove the SMB1 special case handling from the core logic, isolating
protocol features specific to SMB1 and not exposed in SMB2 in
SMB1-specific code.
The core brlock code will not see blocking locks anymore. Instead, the
code in this patch will always immediately fail and take care of the
retries and timeouts.
Retries are implemented by a dbwrap_watch_record_send on the
corresponding locking.tdb entry. A later commit will make unlocks
trigger wakeups there. I chose locking.tdb and not brlock itself to
simplify the implementation. We already have oplock break watchers on
locking.tdb, this will only add one more. This might lead to spurious
wakeups, but they are taken care of by careful retries. An advantage
of doing that is the implicit handling of a killed blocker PID through
dbwrap_watch, obsoleting brl_revalidate.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 27 May 2019 15:03:38 +0000 (17:03 +0200)]
smbd: Slightly simplify smbd_smb2_lock_send()
For unlocking we don't need the error mapping, do an early return
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 20 Jun 2019 10:20:39 +0000 (12:20 +0200)]
smbd: Return "blocker_pid" from do_lock()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 20 Jun 2019 10:42:23 +0000 (12:42 +0200)]
smbd: Add some paranoia against NULL dereference
Quite a few callers set "psmblctx" to NULL, and I could not really
follow 100% that brl_lock only assigns that in the blocking lock
case. Too many layers :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 20 Jun 2019 10:05:30 +0000 (12:05 +0200)]
smbd: Add "blocker_pid" to brl_lock()
Soon we will wait on a conflicting lock to become free via
dbwrap_watched_watch_send. That routine can take a server_id that
blocks us, watching it to go away. To use that, we need to know which
PID it is that blocks us.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 20 Jun 2019 08:46:21 +0000 (10:46 +0200)]
torture3: Test cancelling locking&x with ntcancel
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 19 Jun 2019 18:47:24 +0000 (20:47 +0200)]
libsmb: Make cli_lockingx cancellable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 19 Jun 2019 15:50:54 +0000 (17:50 +0200)]
torture3: Run a blocking lock&x call with a subsequent read
Samba aborts the read&x after a blocked, but eventually successful
locking&x call. Both Windows and source4/ntvfs do the read properly,
source3/smbd does not. With later code, this will become possible much
easier. Lets see if it's worth it given that we've got away with this
forever.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 15 Jun 2019 04:55:09 +0000 (21:55 -0700)]
torture3: Test blocking posix locks
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 3 Jun 2019 09:00:25 +0000 (11:00 +0200)]
torture3: Test LOCKINGX_CANCEL without locks
Tested against W2012R2
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 30 May 2019 08:38:41 +0000 (10:38 +0200)]
torture3: Add a test to block a locking&read
Right now we fail this with smbd, we return LOCK_NOT_GRANTED instead
of FILE_LOCK_CONFLICT. This will change with later commits.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 14 Jun 2019 12:34:08 +0000 (05:34 -0700)]
smbd: Use smbd_do_unlocking() in reply_unlock()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 14 Jun 2019 11:48:58 +0000 (04:48 -0700)]
smbd: Use smbd_do_unlocking() in reply_writeunlock()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 14 Jun 2019 11:45:05 +0000 (04:45 -0700)]
smbd: Use smbd_do_unlocking() in smb_set_posix_lock()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 14 Jun 2019 11:39:04 +0000 (04:39 -0700)]
smbd: Add "lock_flav" to smbd_do_unlocking()
The next commits will pass all direct "do_unlock" calls through
smbd_do_unlocking(). Why? Unlocking will later on require that we take
the share mode lock for the file in question while the unlock is
happening, and this should be in one central place.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 13 Jun 2019 19:19:35 +0000 (12:19 -0700)]
smbd: Simplify smb_set_posix_lock()
Instead of reading twice from pdata, use a switch statement
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 13 Jun 2019 19:12:59 +0000 (12:12 -0700)]
smbd: Avoid casts in smb_set_posix_lock()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 14 Jun 2019 12:33:03 +0000 (05:33 -0700)]
smbd: Use NT_STATUS_IS_OK() in reply_unlock()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 14 Jun 2019 12:00:35 +0000 (05:00 -0700)]
smbd: Avoid casts in reply_unlock()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 19 Jun 2019 09:45:30 +0000 (11:45 +0200)]
lib: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 14 Jun 2019 17:08:57 +0000 (10:08 -0700)]
smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 12 Jun 2019 09:19:32 +0000 (02:19 -0700)]
tevent: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 19 Jun 2019 19:15:38 +0000 (21:15 +0200)]
smbd: Only remove locks by mid if necessary
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Björn Baumbach [Wed, 19 Jun 2019 20:35:43 +0000 (22:35 +0200)]
docs: fix typo in "ntlm auth" doc in smb.conf man page
Thanks to Amit Kumar <amitkuma@redhat.com>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13784
Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Björn Baumbach <bb@sernet.de>
Autobuild-Date(master): Thu Jun 20 17:14:50 UTC 2019 on sn-devel-184
Björn Baumbach [Wed, 19 Jun 2019 10:22:01 +0000 (12:22 +0200)]
docs: add documentation for the samba-tool ntacl changedomsid command
Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Douglas Bagnall [Fri, 17 May 2019 02:42:24 +0000 (14:42 +1200)]
CVE-2019-12436 dsdb/paged_results: ignore successful results without messages
So that we don't dereference result->msgs[0] when it doesn't exist.
This can happen when the object has changed in such a way that it no
longer matches the original search query.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13951
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Wed Jun 19 08:16:39 UTC 2019 on sn-devel-184
Douglas Bagnall [Wed, 22 May 2019 01:23:25 +0000 (13:23 +1200)]
CVE-2019-12435 rpc/dns: avoid NULL deference if zone not found in DnssrvOperation2
We still want to return DOES_NOT_EXIST when request_filter is not 0.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13922
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 22 May 2019 00:58:01 +0000 (12:58 +1200)]
CVE-2019-12435 rpc/dns: avoid NULL deference if zone not found in DnssrvOperation
We still want to return DOES_NOT_EXIST when request_filter is not 0.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13922
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 18 Jun 2019 12:43:50 +0000 (14:43 +0200)]
s3:client: Link smbspool_krb5_wrapper against krb5samba
Heimdal doesn't provide krb5_free_unparsed_name(), so we need to use the
function we provide in krb5samba.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13939
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 18 18:10:40 UTC 2019 on sn-devel-184
Lukas Slebodnik [Wed, 12 Jun 2019 10:27:04 +0000 (12:27 +0200)]
wafsamba: Use native waf timer
__main__:1: DeprecationWarning: time.clock has been deprecated in Python 3.3
and will be removed from Python 3.8: use time.perf_counter
or time.process_time instead
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13998
Signed-off-by: Lukas Slebodnik <lslebodn@fedoraproject.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Björn Baumbach [Wed, 12 Jun 2019 19:02:43 +0000 (21:02 +0200)]
selftest: add tests for samba-tool ntacl changedomsid
Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Björn Baumbach <bb@sernet.de>
Autobuild-Date(master): Tue Jun 18 16:54:22 UTC 2019 on sn-devel-184
Björn Baumbach [Tue, 11 Jun 2019 13:11:20 +0000 (15:11 +0200)]
samba-tool: add ntacl changedomsid command
This tool is meant to locally change all entries in acl_xattr when the
machine's SID has accidentially changed or the data set has been copied
to another box either via backup/restore or rsync.
Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Mon, 17 Jun 2019 12:20:56 +0000 (14:20 +0200)]
samba-tool ntacl: consolidate code for getting the local domain sid
Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Wed, 12 Jun 2019 19:16:25 +0000 (21:16 +0200)]
python/ntacls: use correct "state directory" smb.conf option instead of "state dir"
samba-tool ntacl get testfile --xattr-backend=tdb --use-ntvfs
Fixes: Unknown parameter encountered: "state dir"
Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Wed, 12 Jun 2019 19:00:01 +0000 (21:00 +0200)]
selftest: add test for samba-tool ntacl get/set --use-ntvfs --xattr-backend=tdb
Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 13 Jun 2019 19:21:09 +0000 (12:21 -0700)]
smbd: Deprecate "blocking locks" parameter
This parameter adds complexity to our brlock implementation that I don't think
is justified. Not a lot of complexity, but if we would want to really support
it we'd need tests. Instead of doing those, I think removing the parameter is
the better choice.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 18 14:47:08 UTC 2019 on sn-devel-184
Volker Lendecke [Tue, 11 Jun 2019 12:04:39 +0000 (05:04 -0700)]
smbd: Slightly simplify smb_set_posix_lock()
Avoid indentation by an early return;
Best viewed with git show -b
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Mon, 3 Jun 2019 11:41:30 +0000 (13:41 +0200)]
smbd: Add a explanation for num_aio_requests
We could have used talloc_array_length()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Mon, 3 Jun 2019 09:16:33 +0000 (11:16 +0200)]
smbd: Align integer types in reply_lockingX
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Mon, 3 Jun 2019 19:31:26 +0000 (21:31 +0200)]
smbd: Avoid casts
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Sun, 2 Jun 2019 10:50:50 +0000 (12:50 +0200)]
smbtorture: Match comment with test
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Sat, 1 Jun 2019 12:46:55 +0000 (14:46 +0200)]
smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Mon, 3 Jun 2019 09:34:51 +0000 (11:34 +0200)]
smbd: smbd_do_locking() does not use the "type" param anymore
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Fri, 31 May 2019 10:19:25 +0000 (12:19 +0200)]
smbd: Simplify smbd_do_locking()
LOCKING_ANDX_CANCEL_LOCK only is used in SMB1. Move its handling out
of the shared smb1/smb2 code.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 30 May 2019 09:42:16 +0000 (11:42 +0200)]
smbd: Slightly simplify reply_lockingX()
Make the data dependencies more obvious. "locks" and "ulocks" are used
only for short time spans. Any sane compiler will coalesce them to
just one stack variable.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 30 May 2019 09:39:10 +0000 (11:39 +0200)]
smbd: Slightly simplify reply_lockingX()
The brltype only depends upon the central locktype, don't calculate it
every time in the loop parsing the lock requests
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 30 May 2019 09:31:56 +0000 (11:31 +0200)]
smbd: Slightly simplify reply_lockingX()
Don't do an "else" after an early return
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 30 May 2019 07:52:22 +0000 (09:52 +0200)]
libsmb: Use cli_lockingx() in cli_unlock()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 30 May 2019 07:42:36 +0000 (09:42 +0200)]
libsmb: Use cli_lockingx() in cli_locktype()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>