Stefan Metzmacher [Fri, 9 Jun 2017 10:30:33 +0000 (12:30 +0200)]
s3:smb2_create: avoid reusing the 'tevent_req' within smbd_smb2_create_send()
As the caller ("smbd_smb2_request_process_create()") already sets the callback,
the first time, it's not safe to reuse the tevent_req structure.
The typical 'tevent_req_nterror(); return tevent_req_post()' will
crash as the tevent_req_nterror() already triggered the former callback,
which calls smbd_smb2_create_recv(), were tevent_req_received() invalidates
the tevent_req structure, so that tevent_req_post() will crash.
We just remember the required values from the old state
and move them to the new state.
We tried to write reproducers for this, but sadly weren't able to trigger
the backtrace we had from a create a customer (using recent code)
with commit
6beba782f1bf951236813e0b46115b8102212c03
included. And this patch fixed the situation for the
customer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12832
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
02146ea5ee729de0e49ecf617e6983f4e61fbe59)
Stefan Metzmacher [Fri, 12 May 2017 07:10:19 +0000 (09:10 +0200)]
auth/spnego: fix gensec_update_ev() argument order for the SPNEGO_FALLBACK case
This went unnoticed so long as we don't use -Wc++-compat
and gensec_update_ev() used the sync update() hook for all
NTLMSSP and Kerberos.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12788
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
31691963b3d9ac460df0c56d36f81ec815db0225)
Stefan Metzmacher [Fri, 5 May 2017 16:49:37 +0000 (18:49 +0200)]
s3:smbd: unimplement FSCTL_VALIDATE_NEGOTIATE_INFO with "server max protocol = SMB2_02"
A client that supports SMB3 will do a signed FSCTL_VALIDATE_NEGOTIATE_INFO
after a tree connect. This FSCTL_VALIDATE_NEGOTIATE_INFO call contains
the client capabilities, client guid, security mode and the array of supported
dialects. But if SMB 2.02 is negotiated the doesn't send these values to the
server in the first connection attempt (when the client starts with a SMB1 Negotiate).
Windows servers that only support SMB2 just return NT_STATUS_FILE_CLOSED
as answer to FSCTL_VALIDATE_NEGOTIATE_INFO.
We should do the same if we just pretend to support SMB 2.02,
as SMB 2.10 always include an SMB2 Negotiate request we can leave it as is.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12772
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
295c9f7b322e6377d0df1b49cb26597d66e80eda)
Stefan Metzmacher [Tue, 25 Apr 2017 11:25:10 +0000 (13:25 +0200)]
samba-tool: fix log message of 'samba-tool user syncpasswords'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12768
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri May 5 01:37:45 CEST 2017 on sn-devel-144
(cherry picked from commit
4c17850ae7b6c85e99e5d4d5bc5d8e89a9ba6d47)
Andreas Schneider [Mon, 26 Jun 2017 21:18:30 +0000 (23:18 +0200)]
s3:tests: Do not delete the contets of LOCAL_PATH with tarmode test
The test_smbclient_tarmode.pl test operates on $LOCAL_PATH by default
and removes everything. So it deletes all precreated files and
directories which the setup_fileserver() function initially set up.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12867
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
4f5cfe2713294462b9dc68afbec2ea2c72230885)
Stefan Metzmacher [Sat, 24 Jun 2017 11:16:03 +0000 (13:16 +0200)]
auth/ntlmssp: enforce NTLMSSP_NEGOTIATE_NTLM2 for the NTLMv2 client case
Some servers may not announce the NTLMSSP_NEGOTIATE_NTLM2
(a.k.a. NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) bit.
But if we're acting as a client using NTLMv2 we need to
enforce this flag, because it's not really a negotiationable
in that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12862
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
8ee4f8236830eb3fa1b273fa6927792a800f86bd)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Wed Jun 28 15:19:53 CEST 2017 on sn-devel-144
Daniel Kobras [Fri, 23 Jun 2017 13:39:21 +0000 (15:39 +0200)]
s3: smbd: fix regression with non-wide symlinks to directories over SMB3.
The errno returned by open() is ambiguous when called with flags O_NOFOLLOW and
O_DIRECTORY on a symlink. With ELOOP, we know for certain that we've tried to
open a symlink. With ENOTDIR, we might have hit a symlink, and need to perform
further checks to be sure. Adjust non_widelink_open() accordingly. This fixes
a regression where symlinks to directories within the same share were no
longer followed for some call paths on systems returning ENOTDIR in the above
case.
Also remove the knownfail added in previous commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12860
Signed-off-by: Daniel Kobras <d.kobras@science-computing.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
acc16592b451905dabc093f1d261e93cd3b59520)
Jeremy Allison [Fri, 23 Jun 2017 18:12:22 +0000 (11:12 -0700)]
s3: smbd: Add regression test for non-wide symlinks to directories fail over SMB3.
Mark as knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12860
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
f1f388ef80a6516c2f44b7778420f8ffe28c6471)
Bernhard M. Wiedemann via samba-technical [Mon, 26 Jun 2017 07:46:18 +0000 (09:46 +0200)]
docs-xml: Sort input file list
because filesystems return entries in undeterministic order
and that ends up in index.xml and influences index.html
preventing reproducible builds of samba packages (e.g. for openSUSE)
See https://reproducible-builds.org/ for why this matters
Signed-off-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Jun 27 16:56:06 CEST 2017 on sn-devel-144
(cherry picked from commit
eedebe2ef1b6ff92975289b6076f236650744621)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12854
Jeremy Allison [Tue, 13 Jun 2017 23:56:48 +0000 (16:56 -0700)]
s3: libsmb: Correctly save and restore connection tcon in smbclient, smbcacls and smbtorture3.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit
bd31d538a26bb21cbb53986a6105204da4392e2d)
Jeremy Allison [Tue, 13 Jun 2017 23:37:39 +0000 (16:37 -0700)]
s3: libsmb: Correctly do lifecycle management on cli->smb1.tcon and cli->smb2.tcon.
Treat them identically. Create them on demand after for a tcon call,
and delete them on a tdis call.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit
50f50256aa8805921c42d0f9f2f8f89d06d9bd93)
Jeremy Allison [Tue, 13 Jun 2017 23:36:54 +0000 (16:36 -0700)]
s3: libsmb: Fix cli_state_has_tcon() to cope with SMB2 connections.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit
c9178ed9cc69b9089292db28ac1a0b7a0519bc2c)
Jeremy Allison [Tue, 13 Jun 2017 23:26:00 +0000 (16:26 -0700)]
s3: libsmb: Widen cli_state_get_tid() / cli_state_set_tid() to 32-bits.
Copes with SMB2 connections.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit
93fa0c8660e47cb2605d70dac1156576ab719d64)
Jeremy Allison [Tue, 13 Jun 2017 23:25:25 +0000 (16:25 -0700)]
s3: smbtorture: Show correct use of cli_state_save_tcon() / cli_state_restore_tcon().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit
5c0efc9a5ef8ddf96dc394110063bebd5f057415)
Jeremy Allison [Tue, 13 Jun 2017 23:15:00 +0000 (16:15 -0700)]
s3: libsmb: Add cli_state_save_tcon() / cli_state_restore_tcon().
Save and restore tcon pointers in smb1 or smb2 structs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit
39026f1c5dbb83120b70b3d9131138a9c2344ba6)
Jeremy Allison [Tue, 13 Jun 2017 23:08:22 +0000 (16:08 -0700)]
libcli: smb: Add smb2cli_tcon_set_id().
Will be used in test and client code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit
e726b60226105d0f52a66dac47bfc5797cfc18e7)
Jeremy Allison [Tue, 13 Jun 2017 23:06:22 +0000 (16:06 -0700)]
libcli: smb: Add smbXcli_tcon_copy().
Makes a deep copy of a struct smbXcli_tcon *, will
be used later.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit
655e10685840fd5ebfde24396853b74020a1dc85)
Jeremy Allison [Tue, 20 Jun 2017 18:20:38 +0000 (11:20 -0700)]
s3: smbd: When deleting an fsp pointer ensure we don't keep any references to it around.
Based on a suggestion from <lev@zadarastorage.com>
https://bugzilla.samba.org/show_bug.cgi?id=12818
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 22 00:12:49 CEST 2017 on sn-devel-144
Amitay Isaacs [Thu, 22 Jun 2017 06:15:47 +0000 (16:15 +1000)]
ctdb-recovery: Do not run local ip verification when in recovery
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12857
If we drop public IPs because CTDB is in recovery for too long, then
avoid spamming logs "Trigger takeoverrun" every second.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
ea46699b27ef8d4ac7b5dd07035465cb3df09ea4)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Mon Jun 26 16:51:56 CEST 2017 on sn-devel-144
Amitay Isaacs [Thu, 22 Jun 2017 07:45:20 +0000 (17:45 +1000)]
ctdb-recovery: Get recmode unconditionally in the main_loop
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12857
This can be used later in the main_loop to avoid the local ip check.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
2fd2ccd4c8617cfa7374d7a5ee3d1cc61c4fa4ad)
Amitay Isaacs [Thu, 22 Jun 2017 04:09:32 +0000 (14:09 +1000)]
ctdb-recovery: Finish processing for recovery mode ACTIVE first
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12857
This simplifies the code and avoids complicated conditions.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
f8200153b21f5b19c9a1d57be3e05e739d9fafcd)
Amitay Isaacs [Thu, 22 Jun 2017 04:52:32 +0000 (14:52 +1000)]
ctdb-recovery: Simplify logging of recovery mode setting
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12857
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
d74dadd7f26a9e8c48ba92468d7d0c4a7aa5a8e5)
Amitay Isaacs [Thu, 22 Jun 2017 04:49:02 +0000 (14:49 +1000)]
ctdb-recovery: Setting up of recmode should be idempotent
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12857
If the recovery mode is already set to the expected value, there is
nothing to do.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
f2771fcbf438e8b06321752c7203f01bbe33b573)
Amitay Isaacs [Thu, 22 Jun 2017 04:00:13 +0000 (14:00 +1000)]
ctdb-recovery: Assign banning credits if database fails to freeze
https://bugzilla.samba.org/show_bug.cgi?id=12857
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
c9d9f56bffe1e19665dba8e0cf899399d3d9fb72)
Amitay Isaacs [Thu, 22 Jun 2017 04:34:36 +0000 (14:34 +1000)]
ctdb-scripts: Don't send empty argument string to logger
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12856
This stops logger reading from stdin.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Sat Jun 24 14:37:48 CEST 2017 on sn-devel-144
(cherry picked from commit
2fa069e870c0e6f1daa2a08be5aacac7b1063a5e)
Richard Sharpe [Tue, 20 Jun 2017 19:40:39 +0000 (12:40 -0700)]
Bug 15852. There are valid paths where conn->lsa_pipe_tcp->transport is NULL. Protect against this.
Based on a suggestion from Metze.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12852
Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 22 23:16:46 CEST 2017 on sn-devel-144
(cherry picked from commit
03042b85c8140842633b36f3124e504b97b852a1)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Fri Jun 23 17:29:50 CEST 2017 on sn-devel-144
Andreas Schneider [Mon, 19 Jun 2017 13:52:23 +0000 (15:52 +0200)]
s3:tests: Add test for smbclient -UDOMAIN+username
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12849
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 20 14:48:33 CEST 2017 on sn-devel-144
(cherry picked from commit
e60aeb6f56a26019788442247361ed516bf965af)
Andreas Schneider [Mon, 19 Jun 2017 12:50:33 +0000 (14:50 +0200)]
s3:popt_common: Reparse the username in popt_common_credentials_post()
When we parse the username in the options handling, the smb.conf file
has not been loaded yet. So we are not aware of a 'winbind separator'
set in the config file.
We need to read and set the username again in the post-processing of the
credentials.
https://bugzilla.samba.org/show_bug.cgi?id=12849
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
0caf40ec0196de0de016fda0d4aff0734d498d2b)
Stefan Metzmacher [Thu, 15 Jun 2017 21:01:18 +0000 (23:01 +0200)]
s3:smb2_sesssetup: allow a compound request after a SessionSetup
This is not a full fix yet as we don't allow compound requests
after going async.
With SMB 3.11 requiring signed TreeConnect requests it's pointless
to try to compound requests after a SessionSetup.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12845
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 17 10:55:25 CEST 2017 on sn-devel-144
(cherry picked from commit
bb5c394fde03dc8230d5089a66fea1a2541952f5)
Stefan Metzmacher [Thu, 15 Jun 2017 21:01:18 +0000 (23:01 +0200)]
s3:smb2_tcon: allow a compound request after a TreeConnect
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12844
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
f8974bcdbf8abe3803340dcd20206ff4de9d5079)
Stefan Metzmacher [Wed, 15 Mar 2017 17:04:44 +0000 (17:04 +0000)]
s3:libsmb: add cli_state_update_after_sesssetup() helper function
This function updates cli->server_{os,type,domain} to valid values
after a session setup.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12779
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
e0069bd2a4820eca17c59d91bd1853f2f053a7a3)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Mon Jun 19 15:15:47 CEST 2017 on sn-devel-144
Stefan Metzmacher [Wed, 15 Mar 2017 17:04:30 +0000 (17:04 +0000)]
libcli/smb: Fix alignment problems of smb_bytes_pull_str()
This function needs to get the whole smb buffer in order to get
the alignment for unicode correct.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12824
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
e60e77a8afd095bfdb3d678aa48570ca159d9b24)
Andreas Schneider [Tue, 30 May 2017 14:30:33 +0000 (16:30 +0200)]
libcli:smb2: Gracefully handle not supported for FSCTL_VALIDATE_NEGOTIATE_INFO
If FSCTL_VALIDATE_NEGOTIATE_INFO is not implemented, e.g. in a SMB2 only
server then gracefully handle NT_STATUS_NOT_SUPPORTED too.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12808
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jun 15 17:32:45 CEST 2017 on sn-devel-144
(cherry picked from commit
a4d9438ecf92614a0915b9cf61f905ea8170043a)
Martin Schwenke [Fri, 9 Jun 2017 00:57:28 +0000 (10:57 +1000)]
ctdb-tests: Add more NFS eventscript tests for call-out failures
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12837
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
323291a46e26e0493d43052550e57e2989b83b97)
Martin Schwenke [Thu, 8 Jun 2017 04:45:43 +0000 (14:45 +1000)]
ctdb-scripts: NFS call-out failures should cause event failure
Failures in startup/shutdown/releaseip/takeip are currently
incorrectly ignored.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12837
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
22f2068d456759612d340fdcc56276f39a710426)
David Mulder via samba-technical [Wed, 7 Jun 2017 12:43:07 +0000 (06:43 -0600)]
messaging: fix net command failure due to unhandled return code
messaging_init_internal() blanket returned NT_STATUS_INTERNAL_ERROR
instead of correctly changing the return code to an NTSTATUS code. Also
return more appropriate mem error.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12828
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Jun 8 08:04:05 CEST 2017 on sn-devel-144
(cherry picked from commit
08a21f3539fef76a22189b1751fd2a081937a057)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Mon Jun 12 12:59:41 CEST 2017 on sn-devel-144
Douglas Bagnall [Thu, 9 Feb 2017 00:02:52 +0000 (13:02 +1300)]
shadow_copy_get_shadow_copy_data: fix GCC snprintf warning
GCC 7 warns about snprintf truncating a dirent d_name (potentially 255 bytes) to 25 bytes,
even though we have checked that it is 25 long in shadow_copy_match_name().
Using strlcpy instead of snprintf lets us check it again, JUST TO BE SURE.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
a091a30a5bd50bc02df3e9c01b11f70c94dbd053)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Thu Jun 8 17:04:34 CEST 2017 on sn-devel-144
Douglas Bagnall [Sat, 25 Feb 2017 00:38:17 +0000 (13:38 +1300)]
ndr tests: silence a harmless warning
gcc 7.
"duplicate ‘const’ declaration specifier [-Wduplicate-decl-specifier]"
Signed-off-by: Douglas Bagnall <douglas@halo.gen.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
f1b2d356585d43f2bac24d5c32cbef4a90c43f36)
Andreas Schneider [Thu, 1 Jun 2017 12:28:08 +0000 (14:28 +0200)]
s4:torture: Fix comparison between pointer and zero character constant
Fixes building with GCC 7.1
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12827
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
1f4b07e5942235bddcfa999b3575f719752d81c4)
Andreas Schneider [Thu, 1 Jun 2017 12:24:42 +0000 (14:24 +0200)]
waf: Do not trhow a format-truncation error for test/snprintf.c
This fixes building with GCC 7.1
Error:
../lib/replace/test/testsuite.c:355:6: error: ‘%d’ directive output
truncated writing 1 byte into a region of size 0
[-Werror=format-truncation=]
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12827
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
1670d00be88108a483f04c9763012504499b99e4)
Andreas Schneider [Thu, 1 Jun 2017 12:16:56 +0000 (14:16 +0200)]
replace: Use the same size as d_name member of struct dirent
This fixes an error with GCC 7.1
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12827
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
94e21c139f9b0c1d28ee85fdcb9b7490cc64e27b)
Karolin Seeger [Fri, 2 Jun 2017 09:39:07 +0000 (11:39 +0200)]
VERSION: Bump version up to 4.6.6...
and re-enable GIT_SNAPSHOTS.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Fri, 2 Jun 2017 09:38:19 +0000 (11:38 +0200)]
VERSION: Disable GIT_SNAPSHOTS for the 4.6.5 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Fri, 2 Jun 2017 09:37:07 +0000 (11:37 +0200)]
WHATSNEW: Add release notes for Samba 4.6.5.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Martin Schwenke [Thu, 1 Jun 2017 04:37:40 +0000 (14:37 +1000)]
ctdb-common: Fix crash in logging initialisation
Setting CTDB_LOGGING to syslog:nonblocking or syslog:udp will cause
ctdbd to crash at startup due to NULL pointer dereference.
Refactoring in commit
c9124a001f5abf7bb577a8f5341da4cc7411ed22
introduced this regression.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12814
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Jun 1 15:26:19 CEST 2017 on sn-devel-144
(cherry picked from commit
c47e6b140d0c7cc15a93782957090625a832ba59)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Fri Jun 2 14:06:37 CEST 2017 on sn-devel-144
Andreas Schneider [Tue, 21 Mar 2017 14:45:34 +0000 (15:45 +0100)]
s3:smbd: Set up local and remote address for fake connection
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12687
Pair-Programmed-With: Ralph Boehme <slow@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
e530e43d67436881fd039877f956f0ad9b562af9)
Andreas Schneider [Tue, 21 Mar 2017 14:32:37 +0000 (15:32 +0100)]
s3:smbd: Pass down remote and local address to get_referred_path()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12687
Pair-Programmed-With: Ralph Boehme <slow@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
cbf67123e037207662ec0d4e53c55990e21b157e)
Ralph Boehme [Fri, 26 May 2017 13:35:54 +0000 (15:35 +0200)]
s4/torture: test for bug 12798
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12798
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
bd43939ec07a2fc6858d1265fc75a68a7cd96f58)
Ralph Boehme [Fri, 26 May 2017 09:57:08 +0000 (11:57 +0200)]
s3/smbd: fix exclusive lease optimisation
We need to expect any amount of "stat" opens on the file without
triggering an assert.
This is the correct fix for bug #11844. I guess we haven't seens this
very often before bug #12766 got fixed, because most clients were using
LEASES instead of OPLOCKS.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12798
See also:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11844
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12766
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
19b938e1fa9822ac417a3b3a34519087470d7a18)
Ralph Boehme [Fri, 26 May 2017 09:35:52 +0000 (11:35 +0200)]
s3/locking: make find_share_mode_entry public
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12798
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
9d7739e819d5699209b5eacad4a0e2a8b8da0a86)
Jeremy Allison [Wed, 24 May 2017 18:45:35 +0000 (11:45 -0700)]
s3: VFS: Catia: Ensure path name is also converted.
https://bugzilla.samba.org/show_bug.cgi?id=12804
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
fda1e701af804db81dcb3844921e9a327563bc5c)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Tue May 30 16:36:35 CEST 2017 on sn-devel-144
Martin Schwenke [Wed, 24 May 2017 10:21:55 +0000 (20:21 +1000)]
ctdb-tests: Add some extra tests for "ctdb nodestatus"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12802
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri May 26 05:24:34 CEST 2017 on sn-devel-144
(cherry picked from commit
ade535371b86294c12ca3f7eb98d8ef7ecd29caa)
Martin Schwenke [Wed, 24 May 2017 10:27:58 +0000 (20:27 +1000)]
ctdb-tools: "ctdb nodestatus" should only display header for "all"
The "Number of nodes:" header should only be displayed when "all" is
specified. This is how the command behaved in Samba <= 4.4.
Printing the number of nodes is not helpful and is rather confusing in
the default case where only the status of the current node is printed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12802
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
1d10c8e9e637619b754b4a273d3c714fbca7d503)
Martin Schwenke [Wed, 24 May 2017 10:24:54 +0000 (20:24 +1000)]
ctdb-tools: Stop "ctdb nodestatus" from always showing all nodes
Exit code should only reflect current or specified nodes too.
Drop an unwanted call to get_nodemap() that overwrites the previously
calculated node map.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12802
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
a600d467e2842ab05e429c5a67be5b222ddd1c12)
Amitay Isaacs [Thu, 18 May 2017 01:50:09 +0000 (11:50 +1000)]
ctdb-readonly: Avoid a tight loop waiting for revoke to complete
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12697
During revoking readonly delegations, if one of the nodes disappears,
then there is no point re-trying revoking readonly delegation immedately.
The database needs to be recovered before the revoke operation can
succeed.
However, if the revoke is successful, then all the write requests need
to be processed immediately before the read-only requests. This avoids
starving write requests, in case there are read-only requests coming
from other nodes.
In deferred_call_destructor, the result of revoke is not available and
deferred calls cannot be correctly ordered. To correctly order the
deferred calls, process them in revokechild_destructor where the result
of revoke is known.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
f5f05a644dadc0b1858c99c5f1f5af1ef80f3a28)
Amitay Isaacs [Thu, 18 May 2017 00:15:01 +0000 (10:15 +1000)]
Revert "ctdb-readonly: Avoid a tight loop waiting for revoke to complete"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12697
This reverts commit
ad758cb869ac83534993caa212abc9fe9905ec68.
This is an incomplete fix and introduces a regression.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
a50b25d0ebbe731a766f8d2ce1924b34d6041668)
Karolin Seeger [Tue, 30 May 2017 09:59:40 +0000 (11:59 +0200)]
VERSION: Bump version up to 4.6.5.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 30 May 2017 09:57:49 +0000 (11:57 +0200)]
Merge tag 'samba-4.6.4' into v4-6-test
samba: tag release samba-4.6.4
Karolin Seeger [Fri, 19 May 2017 10:13:57 +0000 (12:13 +0200)]
VERSION: Disable GIT_SNAPSHOTS for the 4.6.4 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Fri, 19 May 2017 10:13:03 +0000 (12:13 +0200)]
WHATSNEW: Add release notes for Samba 4.6.4.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Jeremy Allison [Tue, 16 May 2017 23:12:19 +0000 (16:12 -0700)]
s3: smbd: Fix open_files.idl to correctly ignore share_mode_lease *lease in share_mode_entry.
This is currently marked 'skip', which means it isn't stored in the
db, but printed out in ndr dump. However, this pointer can be invalid
if the lease_idx is set to 0xFFFFFFFF (invalid).
This is fixed up inside parse_share_modes(), but not until after
ndr_pull_share_mode_data() is called. If lease_idx == 0xFFFFFFFF
then ndr_print_share_mode_lease() prints an invalid value and
crashes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12793
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 18 03:01:40 CEST 2017 on sn-devel-144
(cherry picked from commit
b691f6d32f79ef8427f567612243dd51ea8d5584)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Fri May 19 13:33:08 CEST 2017 on sn-devel-144
Volker Lendecke [Mon, 8 May 2017 19:40:40 +0000 (21:40 +0200)]
CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Fri, 21 Apr 2017 09:13:49 +0000 (11:13 +0200)]
VERSION: Bump version up to 4.6.4...
and re-enable GIT_SNAPSHOTS.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit
9602cd0b5373aacc22c262b04b828b93cadf6df5)
Amitay Isaacs [Thu, 20 Apr 2017 04:34:54 +0000 (14:34 +1000)]
ctdb-tests: Use tighter pattern for matching expected output
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12792
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon May 15 08:08:10 CEST 2017 on sn-devel-144
(cherry picked from commit
9b5078919796da8dd7893e0a4f716dc1f1991de5)
Amitay Isaacs [Tue, 7 Mar 2017 05:52:26 +0000 (16:52 +1100)]
ctdb-tests: Explicitly search for the specific log entry
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12792
... instead of expecting the last line to be the matching log entry.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
3db572832e9b99ea5b6d531d3b7331b8c0131fd6)
Amitay Isaacs [Fri, 5 May 2017 16:08:50 +0000 (02:08 +1000)]
ctdb-logging: Initialize DEBUGLEVEL before changing the value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12770
DEBUGLEVEL is defined as a const array reference at compile time.
debug_init() converts that to an allocated array reference at run time.
Since debug_init() is a static function, initialize DEBUGLEVEL via
setup_logging().
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon May 8 00:12:25 CEST 2017 on sn-devel-144
(cherry picked from commit
af09a733e953072707cde7df0126652e646970f6)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Tue May 16 13:25:31 CEST 2017 on sn-devel-144
Christian Ambach [Thu, 4 May 2017 10:21:45 +0000 (12:21 +0200)]
s3:smbcacls add prompt for password
if no password was given, ask for one
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12765
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Thu May 4 20:36:50 CEST 2017 on sn-devel-144
(cherry picked from commit
770edb6aab2a1c2cbd85b975511b33b5fc580f13)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Fri May 12 12:57:38 CEST 2017 on sn-devel-144
Volker Lendecke [Thu, 6 Apr 2017 10:50:08 +0000 (12:50 +0200)]
idmap_rfc2307: Test unix-ids-to-sids with 35 groups
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
ee3b17ba4674a17a411c9ec4271e087c8cd7dad1)
Volker Lendecke [Tue, 4 Apr 2017 15:15:10 +0000 (17:15 +0200)]
selftest: Avoid idmap caching when testing idmap_rfc2307
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
da7481f835ddc1fab16d11ccbaf7f33c213af23a)
Volker Lendecke [Fri, 31 Mar 2017 15:23:39 +0000 (15:23 +0000)]
idmap_rfc2307: "ldap_next_entry" needs the previous entry, not the start
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
803ea2d2b7820939d03f7eb381c3cf719a00ff4a)
Volker Lendecke [Fri, 31 Mar 2017 15:20:07 +0000 (15:20 +0000)]
idmap_rfc2307: Don't stop after 30 entries
We start over again and again, so we need to search in the whole list.
This is a quick hack generating a bad O(n^2). The real fix is to
call idmap_rfc2307_find_map with "maps" starting at the right offset,
but that's an optimization for later when it's restructured
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
c0f12170e8b9fb3ab75f53bba637c72f6465192e)
Volker Lendecke [Tue, 4 Apr 2017 13:28:36 +0000 (15:28 +0200)]
test_idmap_rfc2307: Test wbinfo -r for 35 supplementary group memberships
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
e663357b4d7d5cb0c4d8a0ebc97cfcb58429b894)
Volker Lendecke [Tue, 4 Apr 2017 13:12:02 +0000 (15:12 +0200)]
test_idmap_rfc2307: Do a recursive delete in ou=idmap
We'll create more posix objects soon
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
1f5097e3fbf9931c830880637622bb0b05863466)
Volker Lendecke [Tue, 4 Apr 2017 12:59:45 +0000 (14:59 +0200)]
test_idmap_rfc2307: Correct usage
We already have 13 args at this point, and growing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
f34ff621edbfd8b7c99cdadec166a80ae9c5646c)
Volker Lendecke [Tue, 4 Apr 2017 12:15:26 +0000 (14:15 +0200)]
test_idmap_rfc2307: Avoid a tmpfile
We can << directly into ldbadd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
1893bb9bc48d9251820a185c95c65562f2878074)
Volker Lendecke [Tue, 4 Apr 2017 12:15:26 +0000 (14:15 +0200)]
test_idmap_rfc2307: Remove the correct file
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
9e816ea2f8d21d392b4e9050e443ef936629202e)
Volker Lendecke [Fri, 31 Mar 2017 15:23:39 +0000 (15:23 +0000)]
idmap_rfc2307: "ldap_next_entry" needs the previous entry, not the start
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
17563f295ffa7379daa5bf7cc89540df4ae4f7b3)
Volker Lendecke [Fri, 31 Mar 2017 15:20:07 +0000 (15:20 +0000)]
idmap_rfc2307: Don't stop after 30 entries
We start over again and again, so we need to search in the whole list.
This is a quick hack generating a bad O(n^2). The real fix is to
call idmap_rfc2307_find_map with "maps" starting at the right offset,
but that's an optimization for later when it's restructured
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
54a0e7e3d7332f420f36a3a20dd62156e6adea46)
Stefan Metzmacher [Tue, 25 Apr 2017 11:25:57 +0000 (13:25 +0200)]
samba-tool: let 'samba-tool user syncpasswords' report deletions immediately
We need to use the show-recycled control in addition to the
notification control in order to get notifications about deletions.
There's no real problem as the next modification will report the deletion.
But it might be delayed a few minutes.
Note that show-recycled is a superset of show-deleted, so we only need one.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12767
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
afa15e6128473d3e4006f7cdc3762ab4c1cba05a)
Ralph Boehme [Thu, 4 May 2017 09:52:16 +0000 (11:52 +0200)]
s3/smbd: update exclusive oplock optimisation to the lease area
Update an optimisation in update_num_read_oplocks() that checks for
exclusive oplocks to the lease area.
The idea of the optimisation is to avoid expensive db queries in
brlock.tdb if we *know* we're the only open.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12766
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat May 6 22:58:47 CEST 2017 on sn-devel-144
(cherry picked from commit
a50343779a8a92d6f53095b36506b1d47ef68513)
Ralph Boehme [Thu, 20 Apr 2017 19:37:37 +0000 (21:37 +0200)]
s3/smbd: update exclusive oplock optimisation to the lease area
This is similar to
9533a55ee5ffe430589dcea845851b84876ef656 but this
time in the contend_level2_oplocks_begin_default() function.
The idea of the optimisation is to avoid expensive db queries in
locking.tdb if we *know* we're the only open.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12766
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
0a4a08ad1cef3b7d6fd47df3a93c2c89dd287ee8)
Ralph Boehme [Thu, 4 May 2017 09:50:56 +0000 (11:50 +0200)]
s3/locking: helper functions for lease types
Add some helper functions that will be used to update a bunch of checks
for exclusive oplocks to the lease area.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12766
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
f631e95e2de857ea98204609a71e6db00993994b)
Ralph Boehme [Thu, 4 May 2017 09:50:01 +0000 (11:50 +0200)]
s3/locking: add const to fsp_lease_type
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12766
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
952701dce09b1ee89a0f6a450ac244fd6451955b)
Alexander Bokovoy [Wed, 28 Sep 2016 21:09:12 +0000 (00:09 +0300)]
systemd: fix detection of libsystemd
On Fedora 25 detection of libsystemd actually fails due to wrong
assumptions in the configure test. conf.CHECK_LIB returns a list
so 'not conf.CHECK_LIB(...)' is always False and we never get to check
libsystemd.
Instead, remember result of checking pkg-config for separate
libsystemd-daemon and libsystemd-journal libraries. If they miss,
attempt to use libsystemd library instead.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue May 2 13:05:43 CEST 2017 on sn-devel-144
(cherry picked from commit
09bc5b5374227a555f580c3d7c1d82f15bb818bc)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12764
systemd: fix detection of libsystemd
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Wed May 3 20:43:57 CEST 2017 on sn-devel-144
Doug Nazar [Thu, 27 Apr 2017 22:41:24 +0000 (15:41 -0700)]
s3: smbd: inotify_map_mask_to_filter incorrectly indexes an array.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12760
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
a939db725ea81944532ba3b035da0d145bc3b62a)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Wed May 3 13:31:27 CEST 2017 on sn-devel-144
Alexander Bokovoy [Tue, 18 Apr 2017 15:28:29 +0000 (18:28 +0300)]
s3-tests: assignement in shell shall have no spaces around equal sign
When assigning value to 'failed', no spaces should be around '=' sign.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 19 02:53:25 CEST 2017 on sn-devel-144
(cherry picked from commit
d58481bd133a8f59ae553eeff6335162f3c7071c)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12751
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Fri Apr 28 13:07:55 CEST 2017 on sn-devel-144
Alexander Bokovoy [Fri, 31 Mar 2017 09:44:58 +0000 (12:44 +0300)]
_netr_ServerPasswordSet2: use info level 26 to set plain text machine password
To support password change for machine or trusted domain accounts in Active
Directory environment we need to pass down actual plain text password
instead of NT hashes. This would allow a backend like ipasam to update
Kerberos keys as well as NT hashes.
By calling samr_SetUserInfo2 info level 26 we ensure PASSDB layer can
actually get the plain text password. If PASSDB backend implements
pdb_update_sam_account() callback, it then gets the plain text password
from samr_SetUserInfo2.
A plain text password is a data blob represented as up to 256 WCHARs. It
is UTF-16 coded on wire and we have its length from the buffer.
SetUserInfo2 SAMR call chain in decode_pw_buffer() does explicitly
expect 512+4 bytes in the buffer. It then calls convert_string_talloc()
to convert it to UNIX charset passing the correct value of the plaintext
password length. However, convert_string_talloc() expects the length of
input string *including* the terminating null and we pass just the
string length.
convert_string_talloc() then explicitly null-terminates the resulting
string by adding two nulls. In most cases UNIX charset is UTF-8, so we
get null-terminated UTF-8 string down to PASSDB layer.
MS-SAMR does not limit what does the password should contain. It says
it is 'userPassword' value. Either 'userPassword' or 'unicodePwd' cannot
contain null characters according to MS-ADTS 3.1.1.3.1.5 because they
must be proper UTF-8 and UTF-16 strings accordingly.
We are talking to our own SAMR service here.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
ff4fb6935a32e33ef01c97d4ee103bc11ac31da0)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12751
Ralph Boehme [Wed, 19 Apr 2017 11:12:55 +0000 (13:12 +0200)]
vfs_fruit: lp_case_sensitive() does not return a bool
lp_case_sensitive() returns an int, not a bool, so with the default
setting of "Auto" by default we set the AAPL flag
SMB2_CRTCTX_AAPL_CASE_SENSITIVE.
This caused the client to believe the volume is case sensitive where it
wasn't, leading to an error when trying to rename files changing only
the case of the name.
Also fix the existing torture test that verifies AAPL context
negotiation and actually expected the server to return "case sensitive",
while the Samba default is really "case insensitive".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12749
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
36612723b2b18675116b6197183bdfe5e1d9e06f)
Ralph Boehme [Mon, 10 Apr 2017 12:28:18 +0000 (14:28 +0200)]
winbindd: only use the domain name from lookup sids if the domain matches
With the use of sIDHistory it happens that two sids map to the same name:
S-1-5-21-
1387724271-
3540671778-
1971508351-1115 DOMAIN2\d1u1 (1)
S-1-5-21-
3293503978-
489118715-
2763867031-1106 DOMAIN2\d1u1 (1)
On the net it looks like this:
lsa_LookupSids: struct lsa_LookupSids
in: struct lsa_LookupSids
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
344f3586-7de4-4e1d-96a9-
8c6c23e4b2f0
sids : *
sids: struct lsa_SidArray
num_sids : 0x00000002 (2)
sids : *
sids: ARRAY(2)
sids: struct lsa_SidPtr
sid : *
sid : S-1-5-21-
1387724271-
3540671778-
1971508351-1115
sids: struct lsa_SidPtr
sid : *
sid : S-1-5-21-
3293503978-
489118715-
2763867031-1106
names : *
names: struct lsa_TransNameArray
count : 0x00000000 (0)
names : NULL
level : LSA_LOOKUP_NAMES_ALL (1)
count : *
count : 0x00000000 (0)
lsa_LookupSids: struct lsa_LookupSids
out: struct lsa_LookupSids
domains : *
domains : *
domains: struct lsa_RefDomainList
count : 0x00000001 (1)
domains : *
domains: ARRAY(1)
domains: struct lsa_DomainInfo
name: struct lsa_StringLarge
length : 0x000e (14)
size : 0x0010 (16)
string : *
string : 'DOMAIN2'
sid : *
sid : S-1-5-21-
1387724271-
3540671778-
1971508351
max_size : 0x00000020 (32)
names : *
names: struct lsa_TransNameArray
count : 0x00000002 (2)
names : *
names: ARRAY(7)
names: struct lsa_TranslatedName
sid_type : SID_NAME_USER (1)
name: struct lsa_String
length : 0x0008 (8)
size : 0x0008 (8)
string : *
string : 'd1u1'
sid_index : 0x00000000 (0)
names: struct lsa_TranslatedName
sid_type : SID_NAME_USER (1)
name: struct lsa_String
length : 0x0008 (8)
size : 0x0008 (8)
string : *
string : 'd1u1'
sid_index : 0x00000000 (0)
count : *
count : 0x00000002 (2)
result : NT_STATUS_OK
So the name for S-1-5-21-
3293503978-
489118715-
2763867031-1106 has
S-1-5-21-
1387724271-
3540671778-
1971508351 in referenced lsa_DomainInfo
structure. In that case we should not use the domain name from lsa_DomainInfo,
because we would use the wrong idmap backend.
For the case where the domain part of the sIDHistory sid is a still existing
domain, which can be found our internal list of trusted domains, we now use the
correct idmap backend: the idmap domain from the historic SID.
If the historic domain does no longer exist, we will fallback to the default
idmap domain.
The next step would be doing a lookup sid call for the domain sid, which may
help with one-way trusts.
The long term goal needs to be that idmap backends are based on sids only and
only the smb.conf allows names to be used which will be converted to sids on
startup.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12702
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Wed Apr 12 16:43:30 CEST 2017 on sn-devel-144
(cherry picked from commit
9d419c3fe3654f038fbc978ecb7fa87cf8a5cc3b)
Ralph Boehme [Tue, 4 Apr 2017 12:51:09 +0000 (14:51 +0200)]
winbindd: handling of SIDs without domain reference in wb_sids2xids_lookupsids_done()
This lets wb_sids2xids_lookupsids_done() deal with wp_lookupsids
returning UINT32_MAX as domain index for SIDs from unknown domains.
Call find_domain_from_sid_noinit() to search our list of known
domains. If a matching domain is found, use it's name, otherwise use the
empty string "". This needed to handle Samba DCs which always returns
sid_index UINT32_MAX for unknown SIDs, even from known domains.
Currently the wb_lookupsids adds these fake domains with an empty string
as domain name, but that's not the correct place to do it. We need the
domain name as it gets passed to the idmap child where the choise of
idmap backend is based on the domain name. This will possibly be changed
in the future to be based on domain SIDs, not the name.
Prerequisite for bug: https://bugzilla.samba.org/show_bug.cgi?id=12702
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
1efaeb072e55735421191fbae9cc586db6d07bb1)
Ralph Boehme [Mon, 6 Feb 2017 11:47:41 +0000 (12:47 +0100)]
vfs_acl_xattr|tdb: ensure create mask is at least 0666 if ignore_system_acls is set
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12562
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Apr 20 20:50:10 CEST 2017 on sn-devel-144
(cherry picked from commit
375d772d04338861d92e683ae3c6c9d7ecb846ad)
Shilpa Krishnareddy [Tue, 25 Apr 2017 14:59:45 +0000 (16:59 +0200)]
notify: Fix ordering of events in notifyd
In notifyd_trigger_parser() while initializing notify_event_msg values from
notify_trigger_msg, 'when' value is ignored. So the smbd process does not get
correct 'when' value and this is causing issues during qsort in
notify_marshall_changes(). Because of this issue, smb2.notify.dir test was
failing.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12756
Signed-off-by: Shilpa Krishnareddy <skrishnareddy@panzura.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Apr 26 17:02:58 CEST 2017 on sn-devel-144
(cherry picked from commit
5701880655c8a82b6d533c7c2e131cc803e7570b)
Karolin Seeger [Fri, 21 Apr 2017 09:12:58 +0000 (11:12 +0200)]
VERSION: Disable GIT_SNAPSHOTS for the 4.6.3 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Fri, 21 Apr 2017 09:13:49 +0000 (11:13 +0200)]
VERSION: Bump version up to 4.6.4...
and re-enable GIT_SNAPSHOTS.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Fri, 21 Apr 2017 09:12:24 +0000 (11:12 +0200)]
WHATSNEW: Add release notes for Samba 4.6.3.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Hanno Böck [Wed, 19 Apr 2017 12:00:21 +0000 (14:00 +0200)]
cleanupdb: Fix a memory read error
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12748
Signed-off-by: Hanno Böck <hanno@hboeck.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
fd98a7b6a0053b62802e29fb729e219dc08eef6b)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Fri Apr 21 13:59:21 CEST 2017 on sn-devel-144
Michael Adam [Tue, 11 Apr 2017 10:03:52 +0000 (12:03 +0200)]
s3:vfs:shadow_copy2: fix corner case of "/@GMT-token" in shadow_copy2_strip_snapshot
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
26661218b3d3f0d4ee89039727bc110e972c2851)
The last 3 patches address
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12743
vfs_shadow_copy2 fails to list snapshots from shares with GlusterFS backend
Michael Adam [Tue, 11 Apr 2017 10:03:20 +0000 (12:03 +0200)]
s3:vfs:shadow_copy2: fix the corner case if cwd=/ in make_relative_path
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
16c89835cf07caa2082b586666095deba38ef962)
Michael Adam [Tue, 11 Apr 2017 09:18:30 +0000 (11:18 +0200)]
s3:vfs:shadow_copy2: fix quoting in debug messages
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
fffd611fdc558ab428c8a21cf1e68feaf1f6f469)
Stefan Metzmacher [Sun, 2 Apr 2017 22:19:25 +0000 (00:19 +0200)]
pam_winbind: no longer use wbcUserPasswordPolicyInfo when authenticating
The expiry time for the specific user comes from
info->pass_must_change_time and nothing else.
The authenticating DC knows which password policy applies
to the user, that's nothing the client can do, as
domain trusts and fine-grained password policies makes
this a very complex task.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12725
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
fba7ed9a3fa6fcb2d90d1271ae81ec11b554bd2d)
git.samba.org / samba.git / log