samba.git
6 months agoWHATSNEW.txt: change "mangled names" default to "illegal"
Ralph Boehme [Mon, 8 Jul 2019 13:26:02 +0000 (15:26 +0200)]
WHATSNEW.txt: change "mangled names" default to "illegal"

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Jul  8 17:56:50 UTC 2019 on sn-devel-184

6 months agodocs/xml: change default for "mangled names" to "illegal"
Ralph Boehme [Mon, 8 Jul 2019 12:14:29 +0000 (14:14 +0200)]
docs/xml: change default for "mangled names" to "illegal"

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
6 months agoselftest: explicitly set "mangled names = yes"
Ralph Boehme [Mon, 8 Jul 2019 13:26:25 +0000 (15:26 +0200)]
selftest: explicitly set "mangled names = yes"

This is the current default and what 'make test' assumes currently.

The next commit will change the default to "illegal".

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
6 months agoWHATSNEW.txt: disable SMB1 by default!
Stefan Metzmacher [Wed, 12 Jun 2019 17:08:14 +0000 (19:08 +0200)]
WHATSNEW.txt: disable SMB1 by default!

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agodocs-xml: change "client min protocol" to SMB2_02
Stefan Metzmacher [Thu, 6 Jun 2019 12:07:13 +0000 (14:07 +0200)]
docs-xml: change "client min protocol" to SMB2_02

It's time to disable SMB1 by default...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agoselftest: explicitly set "client min protocol = CORE"
Stefan Metzmacher [Mon, 8 Jul 2019 09:31:27 +0000 (11:31 +0200)]
selftest: explicitly set "client min protocol = CORE"

This is the current default and what 'make test' assumes currently.

The next commit will change the default to disable SMB1.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agodocs-xml: change "server min protocol" to SMB2_02
Stefan Metzmacher [Thu, 6 Jun 2019 12:07:13 +0000 (14:07 +0200)]
docs-xml: change "server min protocol" to SMB2_02

SMB2_02 was available with Windows Vista.
It's time to turn SMB1 off by default.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agoselftest: explicitly set "server min protocol = LANMAN1"
Stefan Metzmacher [Mon, 8 Jul 2019 09:55:13 +0000 (11:55 +0200)]
selftest: explicitly set "server min protocol = LANMAN1"

This is the current default and what 'make test' assumes currently.

The next commit will change the default to disable SMB1.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agosmbd: Move fcb_or_dos_open() out of open_file_ntcreate()
Volker Lendecke [Fri, 5 Jul 2019 07:52:43 +0000 (09:52 +0200)]
smbd: Move fcb_or_dos_open() out of open_file_ntcreate()

This is SMB1-only and pre-ntcreate with only 3 callers that look at
NTCREATEX_OPTIONS_PRIVATE_DENY_[DOS|FCB]. It is a bit less efficient
if it kicks in (we have to recreate the fsp), but SMB1 is less and
less popular, and this particular share mode combination from the
open&x family of calls might not be worth optimizing for.

This adds smb1_utils.[ch] as a kitchen sink for functions that can go
away once we drop SMB1.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
6 months agosmbd: Slightly simplify open_mode_check()
Volker Lendecke [Thu, 4 Jul 2019 11:55:41 +0000 (13:55 +0200)]
smbd: Slightly simplify open_mode_check()

If there are no share modes, we'll just not enter the loop.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
6 months agovfs_fruit: Fix a typo
Volker Lendecke [Thu, 4 Jul 2019 11:55:28 +0000 (13:55 +0200)]
vfs_fruit: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
6 months agosmbd: Slightly simplify fsp_lease_update()
Volker Lendecke [Thu, 4 Jul 2019 06:48:05 +0000 (08:48 +0200)]
smbd: Slightly simplify fsp_lease_update()

We have already dereferenced fsp->lease

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
6 months agosmbd: Simplify smbd_smb2_setinfo_send()
Volker Lendecke [Wed, 3 Jul 2019 11:44:59 +0000 (13:44 +0200)]
smbd: Simplify smbd_smb2_setinfo_send()

Avoid an "else" branch

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
6 months agosmbd: Make get_relative_fid_filename() static to open.c
Volker Lendecke [Wed, 3 Jul 2019 13:33:02 +0000 (15:33 +0200)]
smbd: Make get_relative_fid_filename() static to open.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
6 months agosmbd: Make find_share_mode_entry() static to locking.c
Volker Lendecke [Wed, 3 Jul 2019 09:25:41 +0000 (11:25 +0200)]
smbd: Make find_share_mode_entry() static to locking.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
6 months agoauth/kerberos: clang: Fix same instances of 'Value stored is never read'
Noel Power [Thu, 4 Jul 2019 11:54:18 +0000 (11:54 +0000)]
auth/kerberos: clang: Fix same instances of 'Value stored is never read'

Fixes:

auth/kerberos/gssapi_pac.c:136:3: warning: Value stored to 'gss_maj' is never read <--[clang]
                gss_maj = gss_release_buffer(&gss_min, &pac_buffer);
                ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:137:3: warning: Value stored to 'gss_maj' is never read <--[clang]
                gss_maj = gss_release_buffer(&gss_min, &pac_display_buffer);
                ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:265:4: warning: Value stored to 'gss_maj' is never read <--[clang]
                        gss_maj = gss_release_buffer_set(&gss_min, &set);
                        ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:273:4: warning: Value stored to 'gss_maj' is never read <--[clang]
                        gss_maj = gss_release_buffer_set(&gss_min, &set);
                        ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:279:4: warning: Value stored to 'gss_maj' is never read <--[clang]
                        gss_maj = gss_release_buffer_set(&gss_min, &set);
                        ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:285:5: warning: Value stored to 'gss_maj' is never read <--[clang]
                                gss_maj = gss_release_buffer_set(&gss_min, &set);
                                ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:291:2: warning: Value stored to 'gss_maj' is never read <--[clang]
        gss_maj = gss_release_buffer_set(&gss_min, &set);
        ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
7 warnings generated.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Mon Jul  8 11:04:15 UTC 2019 on sn-devel-184

6 months agos4/dsdb/schema: clang: Fix Array access results in null pointer deref
Noel Power [Thu, 4 Jul 2019 11:50:29 +0000 (11:50 +0000)]
s4/dsdb/schema: clang: Fix Array access results in null pointer deref

Fixes:
source4/dsdb/schema/schema_query.c:223:15: warning: Array access (from variable 'attr_list') results in a null pointer dereference <--[clang]
        attr_list[i] = NULL;
        ~~~~~~~~~    ^
1 warning generated.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
6 months agos4/dsdb/schema: Fix 'Value stored to 'ret' is never read'
Noel Power [Wed, 3 Jul 2019 14:56:55 +0000 (14:56 +0000)]
s4/dsdb/schema: Fix 'Value stored to 'ret' is never read'

Fixes:

source4/dsdb/schema/schema_set.c:274:3: warning: Value stored to 'ret' is never read <--[clang]
                ret = LDB_SUCCESS;
                ^     ~~~~~~~~~~~
source4/dsdb/schema/schema_set.c:327:3: warning: Value stored to 'ret' is never read <--[clang]
                ret = LDB_SUCCESS;
                ^     ~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
6 months agos4/dsdb/schema: Fix Access to field results in deference of null pointer
Noel Power [Wed, 3 Jul 2019 12:51:01 +0000 (12:51 +0000)]
s4/dsdb/schema: Fix Access to field results in deference of null pointer

Fixes:

source4/dsdb/schema/schema_info_attr.c:207:38: warning: Access to field 'revision' results in a dereference of a null pointer (loaded from variable 'schema_info') <--[clang]
        if (schema->schema_info->revision > schema_info->revision) {
                                            ^~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
6 months agos3/lib: Fix Access to field results in dereference of NULL pointer
Noel Power [Wed, 3 Jul 2019 12:45:56 +0000 (12:45 +0000)]
s3/lib: Fix Access to field results in dereference of NULL pointer

Fixes:

ource3/lib/messages_dgm.c:176:29: warning: Access to field 'queue' results in a dereference of a null pointer (loaded from variable 'out') <--[clang]
        qlen = tevent_queue_length(out->queue);

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
6 months agolib/param: clang: Fix Value stored is never read
Noel Power [Wed, 3 Jul 2019 11:34:19 +0000 (11:34 +0000)]
lib/param: clang: Fix Value stored is never read

Fixes:
lib/param/loadparm.c:2164:2: warning: Value stored to 'bRetval' is never read <--[clang]
        bRetval = false;
        ^         ~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
6 months agolib/util: clang: Fix 'Null pointer passed as an argument'
Noel Power [Wed, 3 Jul 2019 11:10:44 +0000 (11:10 +0000)]
lib/util: clang: Fix 'Null pointer passed as an argument'

Fixes lib/util/iov_buf.c:50:4: warning: Null pointer passed as an argument to a 'nonnull' parameter <--[clang]
                        memcpy(p, iov[i].iov_base, thislen);
                        ^
1 warning generated.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
6 months agoWHATSNEW: changed default/deprecation of allocation roundup size
Björn Jacke [Sun, 7 Jul 2019 21:35:15 +0000 (23:35 +0200)]
WHATSNEW: changed default/deprecation of allocation roundup size

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Jul  8 09:29:33 UTC 2019 on sn-devel-184

6 months agodocs-xml: deprecate allocation roundup size parameter
Björn Jacke [Wed, 19 Jun 2019 11:20:34 +0000 (13:20 +0200)]
docs-xml: deprecate allocation roundup size parameter

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Sun Jul  7 23:21:55 UTC 2019 on sn-devel-184

6 months agoparam: change default of "allocation roundup size" to 0
Björn Jacke [Wed, 19 Jun 2019 11:04:55 +0000 (13:04 +0200)]
param: change default of "allocation roundup size" to 0

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
6 months agotorture: fix durable open/alloc-size test
Björn Jacke [Thu, 20 Jun 2019 14:10:52 +0000 (16:10 +0200)]
torture: fix durable open/alloc-size test

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
6 months agoWHATSNEW: Add CTDB updates for 4.11
Martin Schwenke [Thu, 27 Jun 2019 10:41:57 +0000 (20:41 +1000)]
WHATSNEW: Add CTDB updates for 4.11

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jul  5 08:05:00 UTC 2019 on sn-devel-184

6 months agoctdb-tools: CID 1449530 - Negative loop bound
Martin Schwenke [Wed, 3 Jul 2019 10:58:54 +0000 (20:58 +1000)]
ctdb-tools: CID 1449530 - Negative loop bound

Regression introduced by commit
2558f96da1f9be8034f26736c8050bb38a1f82a8.  count should be signed
because list_of_connected_nodes() returns -1 on failure.  Variable i
is used in both signed and unsigned contexts, so add new signed
variable j for use in signed context.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-config: depend on /etc/ctdb/nodes file
Rafael David Tinoco [Thu, 27 Jun 2019 20:12:25 +0000 (20:12 +0000)]
ctdb-config: depend on /etc/ctdb/nodes file

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14017

CTDB should start as a disabled unit (systemd) in most of the
distributions and, when trying to enable it for the first time, user
should get an unconfigured, or similar, error.

Depending on /etc/ctdb/nodes file will give a clear direction to final
user on what is needed in order to get cluster up and running. It should
work like previous ENABLED=NO variables in SySV like initialization
scripts.

Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tests: Rename local-daemon.sh dump-logs to print-log
Martin Schwenke [Sun, 30 Jun 2019 21:04:19 +0000 (07:04 +1000)]
ctdb-tests: Rename local-daemon.sh dump-logs to print-log

This makes it consistent with print-socket.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jul  5 06:19:11 UTC 2019 on sn-devel-184

6 months agoctdb-build: Tweak hacking of rpcgen output
Martin Schwenke [Tue, 25 Jun 2019 00:03:44 +0000 (10:03 +1000)]
ctdb-build: Tweak hacking of rpcgen output

csbuild doesn't like the hack where variable buf is initialised to
itself to avoid an unused variable warning.  buf is unused so remove
it instead.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-daemon: Don't check if lock_ctx->ctdb_db is NULL
Martin Schwenke [Mon, 24 Jun 2019 20:35:04 +0000 (06:35 +1000)]
ctdb-daemon: Don't check if lock_ctx->ctdb_db is NULL

This can never be NULL.  It could probably be NULL in the past when
"all database" locks existed.

There are paths where is is checked for NULL and then later
dereferenced, causing static analysers to produce spurious warnings.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-common: Mark ctdb_fatal() and ctdb_die() as _NORETURN_
Martin Schwenke [Mon, 24 Jun 2019 07:01:07 +0000 (17:01 +1000)]
ctdb-common: Mark ctdb_fatal() and ctdb_die() as _NORETURN_

This avoids static analysers continuing analysis after calls to these
functions and producing incorrect warnings.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-event: Fix signed/unsigned comparisons by casting
Martin Schwenke [Mon, 24 Jun 2019 06:45:06 +0000 (16:45 +1000)]
ctdb-event: Fix signed/unsigned comparisons by casting

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-database: Fix signed/unsigned comparison by casting
Martin Schwenke [Mon, 24 Jun 2019 06:44:37 +0000 (16:44 +1000)]
ctdb-database: Fix signed/unsigned comparison by casting

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-event: Assign missing return value
Martin Schwenke [Mon, 24 Jun 2019 06:42:58 +0000 (16:42 +1000)]
ctdb-event: Assign missing return value

Otherwise ret == 0 is returned from successful call to
ctdb_int32_pull().

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-common: Fix signed/unsigned comparisons by declaring as unsigned
Martin Schwenke [Mon, 24 Jun 2019 06:42:21 +0000 (16:42 +1000)]
ctdb-common: Fix signed/unsigned comparisons by declaring as unsigned

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-common: Fix error handling
Martin Schwenke [Mon, 24 Jun 2019 06:36:47 +0000 (16:36 +1000)]
ctdb-common: Fix error handling

According to the documentation, sendto() should either send the packet
as given or return with an error.  However, given that it can return
the number of bytes sent, treat the theoretical error of a short
packet send separately, since errno would not be set in this case.

Similarly, treat a short packet recv() separately from an error where
errno is set.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-common: Fix signed/unsigned comparisons by casting
Martin Schwenke [Mon, 24 Jun 2019 06:35:01 +0000 (16:35 +1000)]
ctdb-common: Fix signed/unsigned comparisons by casting

One case needs an extra variable declared.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-daemon: Drop unused function ctdb_vfork_with_logging()
Martin Schwenke [Mon, 24 Jun 2019 04:02:53 +0000 (14:02 +1000)]
ctdb-daemon: Drop unused function ctdb_vfork_with_logging()

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-protocol: Avoid signed/unsigned comparison by casting
Martin Schwenke [Sun, 23 Jun 2019 11:00:38 +0000 (21:00 +1000)]
ctdb-protocol: Avoid signed/unsigned comparison by casting

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-protocol: Variable for return value of strlcpy() should be size_t
Martin Schwenke [Sun, 23 Jun 2019 10:59:34 +0000 (20:59 +1000)]
ctdb-protocol: Variable for return value of strlcpy() should be size_t

This avoids an unnecessary signed/unsigned comparison issue.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-protocol: Fix signed/unsigned comparison by declaring as unsigned
Martin Schwenke [Wed, 26 Jun 2019 06:14:28 +0000 (16:14 +1000)]
ctdb-protocol: Fix signed/unsigned comparison by declaring as unsigned

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-protocol: Do not ignore return value of ctdb_g_lock_pull()
Martin Schwenke [Fri, 7 Jun 2019 14:04:31 +0000 (00:04 +1000)]
ctdb-protocol: Do not ignore return value of ctdb_g_lock_pull()

clang reports:

  ctdb/protocol/protocol_types.c:5191:3: warning: Value stored to 'ret' is never read

Found by csbuild.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-daemon: Don't index by PNN when initialising node flags
Martin Schwenke [Fri, 21 Jun 2019 20:23:12 +0000 (06:23 +1000)]
ctdb-daemon: Don't index by PNN when initialising node flags

Indexing by PNN is wrong.

This also removes a signed/unsigned comparison because the PNN is not
compared to -1 anymore.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-daemon: Replace function ctdb_ip_to_nodeid() with ctdb_ip_to_pnn()
Martin Schwenke [Fri, 21 Jun 2019 19:53:15 +0000 (05:53 +1000)]
ctdb-daemon: Replace function ctdb_ip_to_nodeid() with ctdb_ip_to_pnn()

Node ID is a poorly defined concept, indicating the slot in the node
map where the IP address was found.  This signed value also ends up
compared to num_nodes, which is unsigned, producing unwanted warnings.

Just return the PNN because this what both callers really want.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tcp: Fix signed/unsigned comparisons by declaring as unsigned
Martin Schwenke [Fri, 21 Jun 2019 19:29:53 +0000 (05:29 +1000)]
ctdb-tcp: Fix signed/unsigned comparisons by declaring as unsigned

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tests: Avoid warning about NULL dereference
Martin Schwenke [Fri, 21 Jun 2019 06:08:58 +0000 (16:08 +1000)]
ctdb-tests: Avoid warning about NULL dereference

Static analysis finds that earlier in the call path, ctdb_string_len()
checks for NULL, so complains that a NULL value can be passed to
strlen() here.  Avoid this by adding an assert().

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tests: Don't compare an unsigned value with -1
Martin Schwenke [Fri, 21 Jun 2019 04:41:38 +0000 (14:41 +1000)]
ctdb-tests: Don't compare an unsigned value with -1

The dummy reader should never be called, so contains an assert on the
buffer length that should always trigger.  Just abort() instead.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tests: Fix signed/unsigned comparisons by casting
Martin Schwenke [Fri, 21 Jun 2019 04:39:20 +0000 (14:39 +1000)]
ctdb-tests: Fix signed/unsigned comparisons by casting

These are all cases comparing a number of bytes written (int or
ssize_t) with a size_t, so casting to size_t is appropriate.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tests: Fix signed/unsigned comparisons by declaring as unsigned
Martin Schwenke [Fri, 21 Jun 2019 04:37:11 +0000 (14:37 +1000)]
ctdb-tests: Fix signed/unsigned comparisons by declaring as unsigned

Change declarations of variable and parameters, usually loop variables
and limits, from int to unsigned int, size_t or uint32_t.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tests: Fix signed/unsigned comparisons by casting
Martin Schwenke [Wed, 26 Jun 2019 05:59:10 +0000 (15:59 +1000)]
ctdb-tests: Fix signed/unsigned comparisons by casting

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tests: Add a local variable for repeated calculation
Martin Schwenke [Fri, 21 Jun 2019 11:16:18 +0000 (21:16 +1000)]
ctdb-tests: Add a local variable for repeated calculation

This improves readability.  Also, the asserts involving this
expression get more complicated in the next commit, so this will keep
those asserts within a single line.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tests: Declare variable for return value of write(2) as ssize_t
Martin Schwenke [Fri, 21 Jun 2019 11:47:06 +0000 (21:47 +1000)]
ctdb-tests: Declare variable for return value of write(2) as ssize_t

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tests: Fix signed/unsigned comparison by declaring as unsigned
Martin Schwenke [Wed, 26 Jun 2019 05:55:41 +0000 (15:55 +1000)]
ctdb-tests: Fix signed/unsigned comparison by declaring as unsigned

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-cluster-mutex: Ensure that the configured command is not empty
Martin Schwenke [Fri, 7 Jun 2019 20:56:00 +0000 (06:56 +1000)]
ctdb-cluster-mutex: Ensure that the configured command is not empty

... and does not just contain whitespace.

Otherwise NULL can be passed as the first argument to execv().

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-daemon: Drop unused values assigned to variable
Martin Schwenke [Fri, 7 Jun 2019 20:41:15 +0000 (06:41 +1000)]
ctdb-daemon: Drop unused values assigned to variable

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-daemon: Fix signed/unsigned comparisons by using constant
Martin Schwenke [Fri, 7 Jun 2019 20:40:40 +0000 (06:40 +1000)]
ctdb-daemon: Fix signed/unsigned comparisons by using constant

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-daemon: Fix signed/unsigned comparisons by casting
Martin Schwenke [Fri, 7 Jun 2019 20:40:12 +0000 (06:40 +1000)]
ctdb-daemon: Fix signed/unsigned comparisons by casting

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-daemon: Fix signed/unsigned comparisons by declaring as unsigned
Martin Schwenke [Fri, 7 Jun 2019 20:38:56 +0000 (06:38 +1000)]
ctdb-daemon: Fix signed/unsigned comparisons by declaring as unsigned

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-daemon: Make type of list_of_nodes() consistent with callers
Martin Schwenke [Fri, 7 Jun 2019 20:22:49 +0000 (06:22 +1000)]
ctdb-daemon: Make type of list_of_nodes() consistent with callers

Instead of taking exclude_pnn as a parameter, calculate it from an
include_self_parameter, which is passed through from the 2 calling
functions.

While doing this, fix a signed/unsigned comparison issue by declaring
the new exclude_pnn local variable as an unsigned type.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-daemon: Make old list_of_nodes() function static
Martin Schwenke [Fri, 7 Jun 2019 20:08:48 +0000 (06:08 +1000)]
ctdb-daemon: Make old list_of_nodes() function static

The next commit will change the type of this function, which is only
used in this file.  So, make it static to isolate the change.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tools: Drop separate parallel+verbose stdout/stderr filtering
Martin Schwenke [Fri, 28 Jun 2019 05:46:57 +0000 (15:46 +1000)]
ctdb-tools: Drop separate parallel+verbose stdout/stderr filtering

This has been broken for 10 years since commit
9616959bd6938e4c5c3713fe986c1e17cbdc574c, which introduced the
separate filtering.  This commit was missing a redirect of the output
of stderr_filter() to stderr.

Since nobody depends on the separate filtering (i.e. nobody reported a
bug), just return to combining stdout and stderr, and filtering them
together.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tools: Drop no-op stdout-filter from non-parallel case
Martin Schwenke [Fri, 28 Jun 2019 05:44:59 +0000 (15:44 +1000)]
ctdb-tools: Drop no-op stdout-filter from non-parallel case

This filter no longer does anything useful in this context.  By
default it adds a pipeline with trailing cat process.  In many
contexts, stdout of the process being run is still open so the cat
process will stay around and will stop onnode from exiting.

The filters should all go away because they are simply an example of
code that is trying to be too clever while causing unfortunate corner
cases.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agoctdb-tools: Drop onnode -o option
Martin Schwenke [Fri, 28 Jun 2019 05:43:27 +0000 (15:43 +1000)]
ctdb-tools: Drop onnode -o option

I don't think anyone uses this and it causes complications.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 months agos3:tests: Add test for manual smbtorture zero-data
Christof Schmitt [Wed, 22 May 2019 22:09:59 +0000 (15:09 -0700)]
s3:tests: Add test for manual smbtorture zero-data

Ensure that these tests keep working.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul  5 05:02:12 UTC 2019 on sn-devel-184

6 months agosmbtorture: Add smb2.ioctl.zero_data
Christof Schmitt [Fri, 28 Sep 2018 23:37:51 +0000 (16:37 -0700)]
smbtorture: Add smb2.ioctl.zero_data

Allow to manually issue the FSCTL_ZERO_DATA call and verify the
state of the file in the file system.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agosmbtorture: Add smb2.ioctl.sparse_set_sparse
Christof Schmitt [Fri, 28 Sep 2018 23:08:22 +0000 (16:08 -0700)]
smbtorture: Add smb2.ioctl.sparse_set_sparse

This allows for manual testing of changing the sparse setting on a file
and verifying the flag in the file system.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agowinexe: Add support for connecting to a host on an alternate port
Karl Lenz [Fri, 5 Jul 2019 00:28:33 +0000 (20:28 -0400)]
winexe: Add support for connecting to a host on an alternate port

This commit allows an optional port number to be specified after the
hostname on the winexe command line. If no port is given, it defaults
to port 445, just like it used before. Although this is probably a
pretty uncommon use-case, it allows port-forwarding the service through
a firewall to an alternate port, which can occassionally be helpful.

$ ./bin/winexe -U karl%password1 //127.0.0.1:5445 cmd.exe
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>

Signed-off-by: Karl Lenz <xorangekiller@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
6 months agos4 heimdal_build: Fix static heimdal builds with replacement closefrom()
Karl Lenz [Fri, 5 Jul 2019 00:27:46 +0000 (20:27 -0400)]
s4 heimdal_build: Fix static heimdal builds with replacement closefrom()

If Samba was configured with "--nonshared-binary=winexe" to build
winexe as a static binary, and the replacement closefrom() function
was used (which is default on most GNU/Linux systems without the libbsd
development package installed), then winexe would fail to link with the
error message shown below.

[2631/3059] Linking bin/default/examples/winexe/winexe
source4/heimdal/lib/roken/closefrom.c.1.o: In function `rep_closefrom':
closefrom.c:(.text+0x0): multiple definition of `rep_closefrom'
lib/replace/closefrom.c.2.o:closefrom.c:(.text+0x292): first defined here
collect2: error: ld returned 1 exit status

The real problem here was not with the winexe build itself - that was
merely the application that I was attempting to build statically when I
encountered it. As Andrew Bartlett very helpfully pointed out to me, this
regression was introduced when "lib/replace/closefrom.c" was added in
commit 55529d0f and, more to the point, when the heimdal build started
using it in commit 3a7ebd0e. From that point on, any time that Samba's
embedded copy of heimdal was statically linked into an application, it
would fail to link because heimdal's own rep_closefrom() function in its
"roken" library would conflict with the rep_closefrom() function in the
"replace" library used elsewhere in Samba - a library which the "roken"
library itself depends on. To further compound the problem, heimdal's
own "roken" library is also compiled for the host (a necessary
distinction for cross-compiled builds) and linked into a small number of
utility applications used during the heimdal build. However, they can't
link directly against the "replace" library, unlike the main "roken"
library build which carries that dependency, because the "replace"
library is _not_ built for the host.

I solved this problem by eliminating heimdal's version of rep_closefrom()
and making it use the one from "lib/replace" everywhere. That wasn't a
problem for the main heimdal library that is built for the target because
it was already linking in "lib/replace" (that's what caused this problem
in the first place!), but to solve the aforementioned issue with
"lib/replace" not being built for the host, I added
"lib/replace/closefrom.c" to the list of "source4/heimdal/lib/roken"
sources to be built for the host to satisfy heimdal's host utilities.
Everyone wins, I think.

Signed-off-by: Karl Lenz <xorangekiller@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
6 months agowinexe: Fix translation of the winexesvc binaries to C
Karl Lenz [Thu, 4 Jul 2019 22:30:44 +0000 (18:30 -0400)]
winexe: Fix translation of the winexesvc binaries to C

Two small Windows binaries that winexe uses to execute commands on a
remote system, winexesvc32.exe and winexesvc64.exe, are compiled then
translated into a C byte array as hex so that they can be embedded into
the winexe binary. Although the winexesvc binaries were built properly,
the Python method that does the translation to C tried to open them in
text mode, which would have worked in Python 2 before the concept of
bytearrays was introduced, but instead raises an exception in Python 3.
The exception was unfortunately suppressed, so the build didn't stop,
and the winexe binary that was produced was effectively useless because
it didn't contain either winexesvc binary as expected. After winexe
successfully authenticated with a Windows host, it showed the error
message below rather than executing the given command on the remote
system.

$ ./bin/winexe -U karl%password1 -d 2 //192.168.56.3 cmd
winexe_svc_install: dcerpc_svcctl_StartServiceW failed: WERR_BAD_EXE_FORMAT
main: winexe_svc_install failed: NT_STATUS_BAD_INITIAL_PC

This commit fixes that problem by opening the winexesvc binaries in
binary mode rather than text mode when the winexe build script reads
them to translate them to C. Furthermore it adds an additional
sanity check that will cause the winexesvc binary generator commands to
fail if the winexesvc binaries cannot be opened or read correctly to
guarantee that the build does not silently "succeed" if something like
this ever happens again.

Signed-off-by: Karl Lenz <xorangekiller@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
6 months agoutil: Fix off-by-one error in message about overflow
Martin Schwenke [Mon, 1 Jul 2019 11:42:56 +0000 (21:42 +1000)]
util: Fix off-by-one error in message about overflow

len includes space for the NUL character, so the calculation needs to
take the NUL character into account.

While touching this, drop unnecessary casts by updating format string
and update to modern debug macro.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul  5 02:24:52 UTC 2019 on sn-devel-184

6 months agoutil: Avoid localised underflow
Martin Schwenke [Mon, 1 Jul 2019 11:28:43 +0000 (21:28 +1000)]
util: Avoid localised underflow

Avoid parenthesising an unsigned subtraction that can be negative and,
therefore, underflow.  There is no need for the parentheses and
removing them results in an expression that is evaluated left-to-right
and can not underflow.

It isn't clear that the underflow matters.  lp <= ls, so if (li - lp)
underflows then ls + (li - lp) will always overflow.  This should
produce the correct answer.  However, depending on this seems wrong.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agos4/scripting/smbstatus: begone
Douglas Bagnall [Tue, 2 Jul 2019 00:30:26 +0000 (12:30 +1200)]
s4/scripting/smbstatus: begone

Untested and unused.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agos4/torture: remove autoidl
Douglas Bagnall [Tue, 2 Jul 2019 00:25:22 +0000 (12:25 +1200)]
s4/torture: remove autoidl

This has been turned off by default for 10 years
(since 26e114b83ce1de7515bfbf365), and is only interesting for
nostalgia purposes.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agos4/scripting/autoidl: remove it
Douglas Bagnall [Mon, 1 Jul 2019 23:55:46 +0000 (11:55 +1200)]
s4/scripting/autoidl: remove it

What does it even do? Possibly nothing, not least because nobody ever
runs it.

It was introduced as source4/scripting/bin/autoidl.py in
a2446e5f8550582c0d4353bb85874dea17cf1d98 ("initial work for script
that uses probing to figure out IDL"). Since then it has only had
superficial patches, generally aimed at Python 3.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agotests/usage: test for --help consistency
Douglas Bagnall [Thu, 27 Jun 2019 04:57:22 +0000 (16:57 +1200)]
tests/usage: test for --help consistency

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agotests/samba-tool: test --help consistency
Douglas Bagnall [Thu, 27 Jun 2019 04:57:22 +0000 (16:57 +1200)]
tests/samba-tool: test --help consistency

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agopython/tests: helper function for checking --help consistency
Douglas Bagnall [Thu, 27 Jun 2019 04:57:22 +0000 (16:57 +1200)]
python/tests: helper function for checking --help consistency

Check that --help output doesn't contradict itself by assigning the same
option string to different meanings (which *does* happen in the ldb tools).

This will be used in the samba-tool help tests and the usage tests.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agotests/usage: generalise to cover non-python scripts
Douglas Bagnall [Thu, 27 Jun 2019 04:57:22 +0000 (16:57 +1200)]
tests/usage: generalise to cover non-python scripts

It is not as simple as running everything executable, because for example
.so library files are marked as executable.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agotests/usage: python scripts --help should be helpful
Douglas Bagnall [Thu, 27 Jun 2019 04:57:22 +0000 (16:57 +1200)]
tests/usage: python scripts --help should be helpful

We want to be sure it says *something* and returns success.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agos4/scripting/samba_dnsupdate: print usage with no arguments
Douglas Bagnall [Thu, 27 Jun 2019 04:57:21 +0000 (16:57 +1200)]
s4/scripting/samba_dnsupdate: print usage with no arguments

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agos4/scripting/demodirsync: print usage if no host named
Douglas Bagnall [Thu, 27 Jun 2019 04:57:21 +0000 (16:57 +1200)]
s4/scripting/demodirsync: print usage if no host named

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agos4/scripting/mymachinepw: print usage with bad arguments
Douglas Bagnall [Thu, 27 Jun 2019 04:57:21 +0000 (16:57 +1200)]
s4/scripting/mymachinepw: print usage with bad arguments

Also, use sys.exit() function, not exit(), because sys.exit() reliably
exists.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agos4/scripting/get-descriptors: print usage with insufficient arguments
Douglas Bagnall [Thu, 27 Jun 2019 04:57:21 +0000 (16:57 +1200)]
s4/scripting/get-descriptors: print usage with insufficient arguments

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agoscript/compare_cc_results: print usage on too few args
Douglas Bagnall [Thu, 27 Jun 2019 04:57:20 +0000 (16:57 +1200)]
script/compare_cc_results: print usage on too few args

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agodns_hub: print usage with too few args
Douglas Bagnall [Thu, 27 Jun 2019 04:57:20 +0000 (16:57 +1200)]
dns_hub: print usage with too few args

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agotests: ensure that most python scripts have usage text
Douglas Bagnall [Sun, 17 Mar 2019 01:47:40 +0000 (14:47 +1300)]
tests: ensure that most python scripts have usage text

When a script is run with the wrong arguments, it should at least say
something like this:

    Usage: samba-foo [OPTIONS]

For many samba scripts, especially without a server environment, having
no arguments is the wrong arguments.

Here we look for every executable file with '#![...]python[3]' on the
first line, and exclude certain files and directories that have excuses
to fail the test. For example, many selftest scripts are stream-oriented
and will hang forever waiting for stdin, which is not an error. Some
test modules are designed so they can be optionally run from the command
line, but this option is typically only used by the developer who is
writing them.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agoWHATSNEW: entries for gnutls and samba-tool
Andrew Bartlett [Thu, 4 Jul 2019 19:19:53 +0000 (07:19 +1200)]
WHATSNEW: entries for gnutls and samba-tool

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul  5 00:05:15 UTC 2019 on sn-devel-184

6 months agos4/libnet: Fix joining a Windows pre-2008R2 DC
Tim Beale [Mon, 1 Jul 2019 05:06:31 +0000 (17:06 +1200)]
s4/libnet: Fix joining a Windows pre-2008R2 DC

From v4.8 onwards, Samba may not be able join a DC older than 2008R2
because the Windows DC doesn't support GET_TGT.

If the dsdb repl_md code can't resolve a link target it returns an
error, and the calling code (e.g. drs_util.py) should retry with
GET_TGT. However, GET_TGT is only supported on Windows 2008R2 and later,
so if you try to join an earlier Windows DC, the join will throw an
error that you can't work-around.

We can avoid this problem by setting the same DSDB flag that GET_TGT
sets to indicate that the link targets are as up-to-date as possible,
and so there's no point retrying. Missing targets are still logged, so
this at least allows the admin to fix up any problems after the join
completed.

I've only done this for the join case (problems during periodic
replication are probably still worth escalating to an error).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14021
RN: From Samba v4.8 onwards, joining a Windows 2003 or 2008 (non-R2) AD
DC may not have worked. When this problem occurred, the following
message would be displayed:
 'Failed to commit objects: DOS code 0x000021bf'
This particular issue has now been resolved. Note that there may still
be other potential problems that occur when joining an older Windows DC.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 months agos3: smbd: SMB1 add range checks to reply_fclose().
Jeremy Allison [Wed, 3 Jul 2019 19:15:56 +0000 (12:15 -0700)]
s3: smbd: SMB1 add range checks to reply_fclose().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Jul  4 15:40:31 UTC 2019 on sn-devel-184

6 months agos3: smbd: SMB1 add range checks to reply_search().
Jeremy Allison [Wed, 3 Jul 2019 19:13:59 +0000 (12:13 -0700)]
s3: smbd: SMB1 add range checks to reply_search().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agovfs_nfs4acl_xattr: fix setting of permissions via NFS
Bjoern Jacke [Fri, 28 Jun 2019 14:36:43 +0000 (16:36 +0200)]
vfs_nfs4acl_xattr: fix setting of permissions via NFS

via NFS root may not be priviledged user, so we should not call become_root()
here. The normal NFS4 permissions already handle permission modify right, no
need to do more magic things for Samba here.

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agosmbd: Don't store num_read_oplocks in brlock.tdb
Volker Lendecke [Sun, 30 Jun 2019 17:51:13 +0000 (19:51 +0200)]
smbd: Don't store num_read_oplocks in brlock.tdb

This removes a kludgy implementation that worked around a locking
hierarchy problem: Setting a byte range lock had to contend the level2
oplocks, which are stored in locking.tdb/leases.tdb. We could not
access locking.tdb in the brlock.tdb code, as brlock.tdb might have
been locked first without locking.tdb, violating the locking hierarchy
locking.tdb->brlock.tdb. Now that that problem is gone (see the commit
wrapping do_lock() in share_mode_do_locked()), we can remove this
kludge.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agosmbd: Use share_mode's flags in contend_level2_oplocks
Volker Lendecke [Sun, 30 Jun 2019 07:50:46 +0000 (09:50 +0200)]
smbd: Use share_mode's flags in contend_level2_oplocks

Here we traverse the oplocks and leases when breaking read leases. We
find out here whether any of those are still left.

As it's the receivers of the messages that downgrade the database
entries, we might do that more than once. Possible future
optimization?

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agosmbd: Set SHARE_MODE_HAS_READ_LEASE when downgrading an oplock
Volker Lendecke [Sun, 30 Jun 2019 17:57:39 +0000 (19:57 +0200)]
smbd: Set SHARE_MODE_HAS_READ_LEASE when downgrading an oplock

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agosmbd: Set SHARE_MODE_HAS_READ_LEASE when granting a read lease
Volker Lendecke [Sun, 30 Jun 2019 07:15:48 +0000 (09:15 +0200)]
smbd: Set SHARE_MODE_HAS_READ_LEASE when granting a read lease

Lazy update of the flag: Whenever we add a read lease, we have to set
the flag. Nobody except contend_level2_oplocks_begin will remove that
flag again, as this would mean a full lease traverse when removing
one. And contend_level2_oplocks_begin traverses the leases anyway

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agosmbd: Add file_has_read_lease()
Volker Lendecke [Sun, 30 Jun 2019 06:54:20 +0000 (08:54 +0200)]
smbd: Add file_has_read_lease()

This caches share_mode_data->flags in the fsp, cache flush happening
on tdb_seqnum change.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agosmbd: Add flags to the beginning of share_mode_data
Volker Lendecke [Fri, 28 Jun 2019 05:48:45 +0000 (07:48 +0200)]
smbd: Add flags to the beginning of share_mode_data

They are put at the beginning for easy parsing without reading the
full struct. First step to remove the number of read oplocks/leases
from brlock.tdb, where it does not belong.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
6 months agosmbd: Send do_lock() through share_mode_do_locked()
Volker Lendecke [Mon, 1 Jul 2019 13:56:27 +0000 (15:56 +0200)]
smbd: Send do_lock() through share_mode_do_locked()

We need to maintain the locking hierarchy locking.tdb->brlock.tdb at
all times. vfs_fruit directly calls do_lock(), which might fail to
maintain the locking hierarchy: In brlock.c we call
contend_level2_oplocks_begin(), which will soon look at the
locking.tdb record.

For the SMB1 and SMB2 callers we already have the share mode locked,
we might want to watch that record for unlocks. For those callers
share_mode_do_locked() is practically free to call, we share the
underlying db_record.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>