Andreas Schneider [Mon, 12 Aug 2019 14:10:20 +0000 (16:10 +0200)]
lib:util: Fix documentation for random number functions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Alexander Bokovoy [Sat, 10 Aug 2019 08:53:12 +0000 (11:53 +0300)]
smbtorture: extend rpc.lsa to lookup machine over forest-wide LookupNames
Add a simple test to resolve DOMAIN\MACHINE$ via LSA LookupNames3
using LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 level. This level would pass
zero lookup flags to lookup_name().
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Wed Aug 14 13:07:42 UTC 2019 on sn-devel-184
Alexander Bokovoy [Thu, 1 Aug 2019 12:48:58 +0000 (15:48 +0300)]
lookup_name: allow own domain lookup when flags == 0
In 2007, we've added support for multiple lookup levels for LSA
LookupNames family of calls. However, forest-wide lookups, as described
in MS-LSAT 2.2.16, never worked because flags passed to lookup_name()
were always set to zero, expecting at least default lookup on a DC to
apply. lookup_name() was instead treating zero flags as 'skip all
checks'.
Allow at least own domain lookup in case domain name is the same.
This should allow FreeIPA DC to respond to LSA LookupNames3 calls from a
trusted AD DC side.
For the reference, below is a request Windows Server 2016 domain
controller sends to FreeIPA domain controller when attempting to look up
a user from a trusted forest root domain that attemps to login to the
domain controller. Notice the level in the lsa_LookupNames3 call and
resulting flags in lookup_name().
[2019/08/03 07:14:24.156065, 1, pid=23639, effective(
967001000,
967001000), real(
967001000, 0), class=rpc_parse] ../../librpc/ndr/ndr.c:471(ndr_print_function_debug)
lsa_LookupNames3: struct lsa_LookupNames3
in: struct lsa_LookupNames3
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
0000004c-0000-0000-455d-
3018575c0000
num_names : 0x00000001 (1)
names: ARRAY(1)
names: struct lsa_String
length : 0x000a (10)
size : 0x000c (12)
string : *
string : 'XS\ab'
sids : *
sids: struct lsa_TransSidArray3
count : 0x00000000 (0)
sids : NULL
level : LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 (6)
count : *
count : 0x00000000 (0)
lookup_options : LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES (0)
client_revision : LSA_CLIENT_REVISION_2 (2)
[2019/08/03 07:14:24.156189, 6, pid=23639, effective(
967001000,
967001000), real(
967001000, 0), class=rpc_srv] ../../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
Found policy hnd[0] [0000] 00 00 00 00 4C 00 00 00 00 00 00 00 45 5D 30 18 ....L... ....E]0.
[0010] 57 5C 00 00 W\..
[2019/08/03 07:14:24.156228, 4, pid=23639, effective(
967001000,
967001000), real(
967001000, 0)] ../../source3/smbd/sec_ctx.c:215(push_sec_ctx)
push_sec_ctx(
967001000,
967001000) : sec_ctx_stack_ndx = 2
[2019/08/03 07:14:24.156246, 4, pid=23639, effective(
967001000,
967001000), real(
967001000, 0)] ../../source3/smbd/uid.c:552(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2019/08/03 07:14:24.156259, 4, pid=23639, effective(
967001000,
967001000), real(
967001000, 0)] ../../source3/smbd/sec_ctx.c:319(set_sec_ctx_internal)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2019/08/03 07:14:24.156273, 5, pid=23639, effective(
967001000,
967001000), real(
967001000, 0)] ../../libcli/security/security_token.c:53(security_token_debug)
Security token: (NULL)
[2019/08/03 07:14:24.156285, 5, pid=23639, effective(
967001000,
967001000), real(
967001000, 0)] ../../source3/auth/token_util.c:865(debug_unix_user_token)
UNIX token of user 0
Primary group is 0 and contains 0 supplementary groups
[2019/08/03 07:14:24.156311, 5, pid=23639, effective(0, 0), real(0, 0), class=rpc_srv] ../../source3/rpc_server/lsa/srv_lsa_nt.c:244(lookup_lsa_sids)
lookup_lsa_sids: looking up name XS\ab
[2019/08/03 07:14:24.156327, 10, pid=23639, effective(0, 0), real(0, 0)] ../../source3/passdb/lookup_sid.c:112(lookup_name)
lookup_name: XS\ab => domain=[XS], name=[ab]
[2019/08/03 07:14:24.156340, 10, pid=23639, effective(0, 0), real(0, 0)] ../../source3/passdb/lookup_sid.c:114(lookup_name)
lookup_name: flags = 0x00
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Alexander Bokovoy [Thu, 1 Aug 2019 18:08:52 +0000 (21:08 +0300)]
torture/rpc/lsa: allow testing different lookup levels
Convert torture/rpc/lsa LookupNames/LookupSids code to allow testing
different LSA_LOOKUP_NAMES_* levels. Keep existing level 1
(LSA_LOOKUP_NAMES_ALL) for the current set of tests.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Wed, 14 Aug 2019 08:26:59 +0000 (10:26 +0200)]
smbd: Fix CID
1452293 Incorrect expression (NO_EFFECT)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 14 11:48:42 UTC 2019 on sn-devel-184
Martin Schwenke [Thu, 1 Aug 2019 00:58:42 +0000 (10:58 +1000)]
ctdb-daemon: Avoid signed/unsigned comparison by casting
Compiling with -Wsign-compare complains:
1047 | && (call->call_id == CTDB_FETCH_WITH_HEADER_FUNC)) {
| ^~
struct ctdb_call is a protocol element, so we can't simply change it.
Found by csbuild.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed Aug 14 10:29:59 UTC 2019 on sn-devel-184
Martin Schwenke [Thu, 1 Aug 2019 00:55:39 +0000 (10:55 +1000)]
ctdb-daemon: Avoid signed/unsigned comparison by declaring as unsigned
Compiling with -Wsign-compare complains:
ctdb/server/ctdb_call.c:831:12: warning: comparison of integer expressions of different signedness: ‘int’ and ‘uint32_t’ {aka ‘unsigned int’} [-Wsign-compare]
831 | if (count <= ctdb_db->statistics.hot_keys[0].count) {
| ^~
and
ctdb/server/ctdb_call.c:844:13: warning: comparison of integer expressions of different signedness: ‘int’ and ‘uint32_t’ {aka ‘unsigned int’} [-Wsign-compare]
844 | if (count <= ctdb_db->statistics.hot_keys[i].count) {
| ^~
Found by cs-build.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 1 Aug 2019 00:46:36 +0000 (10:46 +1000)]
ctdb-common: Return value of ctdb_queue_length() should be unsigned
Compiling with -Wsign-compare complains:
ctdb/server/ctdb_daemon.c: scope_hint: In function ‘daemon_queue_send’
ctdb/server/ctdb_daemon.c:259:40: warning: comparison of integer expressions of different signedness: ‘int’ and ‘uint32_t’ {aka ‘unsigned int’} [-Wsign-compare]
...
The struct ctdb_queue member out_queue_length is actually uint32_t, so
just return that type.
Found by csbuild.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 26 Jul 2019 01:15:50 +0000 (11:15 +1000)]
ctdb-tests: Use select_test_node() in ctdb setdebug simple test
There is no requirement for IP addresses here.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 26 Jul 2019 01:15:05 +0000 (11:15 +1000)]
ctdb-tests: Add function select_test_node()
Should be used when public IP addresses are not assigned.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 1 Aug 2019 06:16:31 +0000 (16:16 +1000)]
ctdb-tools: Fix usage for "ctdb cattdb"
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Aug 2019 01:52:16 +0000 (11:52 +1000)]
ctdb-tests: Don't print summary on failure if -e option is specified
If there is a failure it will always be the last test run. Don't
obscure this by following it with a summary.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Aug 2019 01:50:21 +0000 (11:50 +1000)]
ctdb-tests: Drop mention of non-existent -s option
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Aug 2019 01:48:13 +0000 (11:48 +1000)]
ctdb-tests: Add -I <count> option for iterating tests
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Aug 2019 01:19:30 +0000 (11:19 +1000)]
ctdb-tests: Factor out main test loop into run_tests()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 12 Aug 2019 05:13:47 +0000 (15:13 +1000)]
ctdb-tests: Add shellcheck test for some test scripts and includes
These files now pass, so we might as well keep them in good shape.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 13 Aug 2019 00:57:47 +0000 (10:57 +1000)]
ctdb-tests: New variable CTDB_SCRIPTS_TESTS_BIN_DIR
This can be used to find ctdb_run_tests and ctdb_local_daemons.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 13 Aug 2019 00:53:48 +0000 (10:53 +1000)]
ctdb-tests: Rename CTDB_SCRIPTS_TESTS_BINDIR to CTDB_SCRIPTS_TESTS_LIBEXEC_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 12 Aug 2019 12:10:41 +0000 (22:10 +1000)]
ctdb-tests: Simplify test_wrap script
Given other improvements, this is now needlessly complex.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Aug 2019 00:28:52 +0000 (10:28 +1000)]
ctdb-tests: Avoid shellcheck warning SC2045
SC2045 Iterating over ls output is fragile. Use globs.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Aug 2019 00:22:36 +0000 (10:22 +1000)]
ctdb-tests: Avoid shellcheck warning SC2034
SC2034 summary appears unused. Verify use (or export if used externally)
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Aug 2019 00:21:16 +0000 (10:21 +1000)]
ctdb-tests: Avoid shellcheck warning SC2230
SC2230 which is non-standard...
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Aug 2019 00:19:13 +0000 (10:19 +1000)]
ctdb-tests: Avoid shellcheck warning SC2188
SC2188 This redirection doesn't have a command...
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Aug 2019 00:18:08 +0000 (10:18 +1000)]
ctdb-tests: Avoid shellcheck warning SC2155
SC2155 Declare and assign separately to avoid masking return values
The wscript changes require an identical change in local_daemons.sh.
While touching the lines in wscript, escape the backslashes to make
them literal backslashes.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Aug 2019 00:14:22 +0000 (10:14 +1000)]
ctdb-tests: Avoid shellcheck warning SC2004
SC2004 $/${} is unnecessary on arithmetic variables
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Aug 2019 00:12:23 +0000 (10:12 +1000)]
ctdb-tests: Avoid shellcheck warning SC2164
SC2164 Use 'cd ... || exit' or 'cd ... || return' in case cd fails
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 5 Aug 2019 00:09:34 +0000 (10:09 +1000)]
ctdb-tests: Avoid shellcheck warning SC2086
SC2086 Double quote to prevent globbing and word splitting
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 12 Aug 2019 06:11:13 +0000 (16:11 +1000)]
ctdb-tools: Drop 'o' option from getopts command
Commit
90de5e0594b9180226b9a13293afe31f18576b3d remove the processing
for this option but forgot to remove it from the getopts command.
Versions of ShellCheck >= 0.4.7 warn on this, so it is worth fixing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14086
RN: Fix onnode test failure with ShellCheck >= 0.4.7
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Volker Lendecke [Wed, 14 Aug 2019 06:41:03 +0000 (08:41 +0200)]
torture: Fix CID
1452288 Null pointer dereferences (NULL_RETURNS)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 14 08:59:23 UTC 2019 on sn-devel-184
Volker Lendecke [Wed, 14 Aug 2019 06:39:10 +0000 (08:39 +0200)]
lib: CID
1452289: API usage errors (USE_AFTER_FREE)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 14 Aug 2019 06:37:00 +0000 (08:37 +0200)]
smbd: Fix CID
1452290 Null pointer dereferences (REVERSE_INULL)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 14 Aug 2019 06:36:00 +0000 (08:36 +0200)]
smbd: Fix CID
1452291 Null pointer dereferences (NULL_RETURNS)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 14 Aug 2019 06:34:18 +0000 (08:34 +0200)]
librpc: Fix CID
1452292 Null pointer dereferences (REVERSE_INULL)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
David Disseldorp [Mon, 12 Aug 2019 12:35:37 +0000 (14:35 +0200)]
s3/pdb: fix debug message typos
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 13 00:42:09 UTC 2019 on sn-devel-184
David Disseldorp [Mon, 12 Aug 2019 12:32:47 +0000 (14:32 +0200)]
ctdb/doc: fix some double-word typos
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Wed, 31 Jul 2019 13:44:24 +0000 (15:44 +0200)]
libcli:auth: Use generate_secret_buffer() for netlogon challenge
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Aug 12 10:42:35 UTC 2019 on sn-devel-184
Andreas Schneider [Wed, 31 Jul 2019 13:42:26 +0000 (15:42 +0200)]
s4:rpc_server: Use generate_secret_buffer() for netlogon challange
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 31 Jul 2019 13:41:29 +0000 (15:41 +0200)]
s4:rpc_server: Use generate_secret_buffer() for backupkey wap_key
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 31 Jul 2019 13:40:12 +0000 (15:40 +0200)]
s4:rpc_server: Use generate_secret_buffer() to create a session key
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 31 Jul 2019 13:38:50 +0000 (15:38 +0200)]
lib:util: Add better documentation for generate_secret_buffer()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 31 Jul 2019 13:28:34 +0000 (15:28 +0200)]
s3:smbd: Use generate_nonce_buffer() for AES-CCM and AES-GCM nonce
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 31 Jul 2019 13:25:35 +0000 (15:25 +0200)]
libcli:smb: Use generate_nonce_buffer() for AES-CCM and AES-GCM nonce
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 31 Jul 2019 13:16:37 +0000 (15:16 +0200)]
lib:util: Add generate_nonce_buffer()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Fri, 9 Aug 2019 17:32:41 +0000 (10:32 -0700)]
s3: VFS: vfs_snapper: Make setxattr return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Aug 12 01:18:45 UTC 2019 on sn-devel-184
Jeremy Allison [Fri, 9 Aug 2019 17:31:38 +0000 (10:31 -0700)]
s3: VFS: vfs_snapper: Make removexattr return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Fri, 9 Aug 2019 17:30:19 +0000 (10:30 -0700)]
s3: VFS: vfs_snapper: Make chflags return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Fri, 9 Aug 2019 17:29:23 +0000 (10:29 -0700)]
s3: VFS: vfs_snapper: Make rmdir return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Fri, 9 Aug 2019 17:27:25 +0000 (10:27 -0700)]
s3: VFS: vfs_snapper: Make mkdir return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Fri, 9 Aug 2019 17:26:20 +0000 (10:26 -0700)]
s3: VFS: vfs_snapper: Make mknod return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Fri, 9 Aug 2019 17:25:14 +0000 (10:25 -0700)]
s3: VFS: vfs_snapper: Make ntimes return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Fri, 9 Aug 2019 17:24:11 +0000 (10:24 -0700)]
s3: VFS: vfs_snapper: Make chown return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Fri, 9 Aug 2019 17:19:31 +0000 (10:19 -0700)]
s3: VFS: vfs_snapper: Make chmod return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Fri, 9 Aug 2019 17:07:04 +0000 (10:07 -0700)]
s3: VFS: vfs_snapper: Make unlink return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Swen Schillig [Mon, 5 Aug 2019 08:58:53 +0000 (10:58 +0200)]
loadparm: fix mem leak found by ASAN
==24948==ERROR: LeakSanitizer: detected memory leaks
Indirect leak of 232 byte(s) in 1 object(s) allocated from:
#0 0x7fc44b971c08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
#1 0x7fc44a2fe7b0 in __talloc_with_prefix ../../lib/talloc/talloc.c:782
#2 0x7fc44a2fe7b0 in __talloc ../../lib/talloc/talloc.c:824
#3 0x7fc44a2fe7b0 in _talloc_named_const ../../lib/talloc/talloc.c:981
#4 0x7fc44a2fe7b0 in _talloc_array ../../lib/talloc/talloc.c:2764
#5 0x7fc44a1239bc in str_list_make_v3 ../../lib/util/util_strlist_v3.c:58
#6 0x7fc44a123e3b in str_list_make_v3_const ../../lib/util/util_strlist_v3.c:127
#7 0x7fc44b14cc1a in init_globals ../../source3/param/loadparm.c:547
#8 0x7fc44b14deef in lp_load_ex ../../source3/param/loadparm.c:3876
#9 0x7fc44b14f97c in lp_load_initial_only ../../source3/param/loadparm.c:4025
#10 0x7fc44b479235 in cmdline_messaging_context ../../source3/lib/cmdline_contexts.c:34
#11 0x557cf59d642c in process_options ../../source3/utils/smbpasswd.c:200
#12 0x557cf59d642c in main ../../source3/utils/smbpasswd.c:633
#13 0x7fc4419f5412 in __libc_start_main (/lib64/libc.so.6+0x24412)
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Aug 10 20:42:39 UTC 2019 on sn-devel-184
Swen Schillig [Mon, 5 Aug 2019 09:15:59 +0000 (11:15 +0200)]
torture: fix mem leak found by ASAN (smb2_scan)
Direct leak of 96 byte(s) in 1 object(s) allocated from:
#0 0x7f63e6938c08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
#1 0x7f63e615fa5c in __talloc_with_prefix ../../lib/talloc/talloc.c:782
#2 0x7f63e615fa5c in __talloc ../../lib/talloc/talloc.c:824
#3 0x7f63e615fa5c in _talloc_named_const ../../lib/talloc/talloc.c:981
#4 0x7f63e615fa5c in talloc_named_const ../../lib/talloc/talloc.c:1748
#5 0x55609e7530cf in torture_smb2_scan ../../source4/torture/smb2/scan.c:203
#6 0x7f63e2a37772 in wrap_simple_test ../../lib/torture/torture.c:633
#7 0x7f63e2a3b75e in internal_torture_run_test ../../lib/torture/torture.c:442
#8 0x7f63e2a3c543 in torture_run_tcase_restricted ../../lib/torture/torture.c:507
#9 0x7f63e2a3cdd5 in torture_run_suite_restricted ../../lib/torture/torture.c:357
#10 0x7f63e2a3cf25 in torture_run_suite_restricted ../../lib/torture/torture.c:362
#11 0x7f63e2a3d434 in torture_run_suite ../../lib/torture/torture.c:339
#12 0x55609e3a154a in run_matching ../../source4/torture/smbtorture.c:93
#13 0x55609e3a2f56 in torture_run_named_tests ../../source4/torture/smbtorture.c:143
#14 0x55609e3a699d in main ../../source4/torture/smbtorture.c:691
#15 0x7f63dad59412 in __libc_start_main (/lib64/libc.so.6+0x24412)
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Swen Schillig [Mon, 5 Aug 2019 09:07:53 +0000 (11:07 +0200)]
torture: fix mem leak found by ASAN
==14507==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 112 byte(s) in 1 object(s) allocated from:
#0 0x7f3c76fe5c08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
#1 0x7f3c7680df33 in __talloc_with_prefix ../../lib/talloc/talloc.c:782
#2 0x7f3c7680df33 in __talloc ../../lib/talloc/talloc.c:824
#3 0x7f3c7680df33 in _talloc_named_const ../../lib/talloc/talloc.c:981
#4 0x7f3c7680df33 in _talloc_zero ../../lib/talloc/talloc.c:2422
#5 0x7f3c7680e2a5 in _talloc_zero_array ../../lib/talloc/talloc.c:2775
#6 0x557a50d4a09f in torture_bench_treeconnect ../../source4/torture/raw/tconrate.c:165
#7 0x7f3c730e4772 in wrap_simple_test ../../lib/torture/torture.c:633
#8 0x7f3c730e875e in internal_torture_run_test ../../lib/torture/torture.c:442
#9 0x7f3c730e9543 in torture_run_tcase_restricted ../../lib/torture/torture.c:507
#10 0x7f3c730e9dd5 in torture_run_suite_restricted ../../lib/torture/torture.c:357
#11 0x7f3c730ea434 in torture_run_suite ../../lib/torture/torture.c:339
#12 0x557a50c1b54a in run_matching ../../source4/torture/smbtorture.c:93
#13 0x557a50c1cf56 in torture_run_named_tests ../../source4/torture/smbtorture.c:143
#14 0x557a50c2099d in main ../../source4/torture/smbtorture.c:691
#15 0x7f3c6b406412 in __libc_start_main (/lib64/libc.so.6+0x24412)
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Swen Schillig [Wed, 31 Jul 2019 08:27:37 +0000 (10:27 +0200)]
ldb: Fix mem-leak if talloc_realloc fails
In case of a failing talloc_realloc(), the only reference
to the originally allocated memory is overwritten.
Instead use a temp var until success is verified.
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 8 Aug 2019 06:18:55 +0000 (08:18 +0200)]
gitlab-ci: Install compat-gnutls34 on CentOS7
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 8 Aug 2019 11:14:45 +0000 (13:14 +0200)]
s3:modules: Link vfs_acl_common against gnutls
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 8 Aug 2019 09:57:02 +0000 (11:57 +0200)]
libcli:smb: Add forward declaration for gnutls_hmac_hd_t
This file is basically included everywhere. So use a forward declaration
for gnutls_hmac_hd_t. This way we don't have to link everthing against
gnutls to get access to the header path.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Volker Lendecke [Wed, 24 Jul 2019 15:39:59 +0000 (17:39 +0200)]
smbd: Simplify fd_open_atomic()
* Assign *file_created on every exit.
* Directly assign curr_flags without &= / |=
Both of these changes make the routine easier to understand for me,
less jumping around in the code to see where the values came from.
* Do the retry in a "positive" if-clause
Normally I'm a big fan of early returns, but this single retry is so
simple that to me it's easier to understand this way.
Overall, 13 lines less code. YMMV :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 10 00:07:28 UTC 2019 on sn-devel-184
Volker Lendecke [Wed, 24 Jul 2019 13:48:50 +0000 (15:48 +0200)]
smbd: FTRUNCATE regular files only
I don't really have a test case, but to me a positive test for a
regular file makes more sense here than just ruling out FIFOs. While
we probably only ever hit regular files (or FIFOs), there might be
more that we catch and don't properly handle.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Aug 2019 20:00:11 +0000 (22:00 +0200)]
smbd: Make "lease" const in SMB_VFS_CREATE_FILE()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Aug 2019 19:41:22 +0000 (21:41 +0200)]
smbd: Make "lease" const in create_file_default()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Aug 2019 19:37:31 +0000 (21:37 +0200)]
smbd: Make "lease" const in create_file_unixpath()
This is the one place where *lease actually got modified. We can
easily make a copy, "struct smb2_lease" is not too large, and this
case is pretty rare anyway.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Aug 2019 19:36:25 +0000 (21:36 +0200)]
smbd: Make "lease_key" const in lease_match()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Aug 2019 19:30:56 +0000 (21:30 +0200)]
smbd: Make "lease" const in open_file_ntcreate()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Aug 2019 19:29:14 +0000 (21:29 +0200)]
smbd: Make "lease" const in grant_fsp_oplock_type()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Aug 2019 19:27:42 +0000 (21:27 +0200)]
smbd: Nobody uses the changed "lease" from grant_fsp_oplock_type
.. except for the DEBUG message
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 8 Aug 2019 22:59:15 +0000 (15:59 -0700)]
s3: VFS: vfs_ceph_snapshots: Make setxattr return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 9 18:08:03 UTC 2019 on sn-devel-184
Jeremy Allison [Thu, 8 Aug 2019 22:58:10 +0000 (15:58 -0700)]
s3: VFS: vfs_ceph_snapshots: Make removexattr return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Thu, 8 Aug 2019 22:56:59 +0000 (15:56 -0700)]
s3: VFS: vfs_ceph_snapshots: Make chflags return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Thu, 8 Aug 2019 22:56:01 +0000 (15:56 -0700)]
s3: VFS: vfs_ceph_snapshots: Make rmdir return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Thu, 8 Aug 2019 22:55:04 +0000 (15:55 -0700)]
s3: VFS: vfs_ceph_snapshots: Make mkdir return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Thu, 8 Aug 2019 22:53:51 +0000 (15:53 -0700)]
s3: VFS: vfs_ceph_snapshots: Make mknod return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Thu, 8 Aug 2019 22:52:14 +0000 (15:52 -0700)]
s3: VFS: vfs_ceph_snapshots: Make ntimes return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Thu, 8 Aug 2019 22:48:54 +0000 (15:48 -0700)]
s3: VFS: vfs_ceph_snapshots: Make chown return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Thu, 8 Aug 2019 22:47:44 +0000 (15:47 -0700)]
s3: VFS: vfs_ceph_snapshots: Make chmod return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jeremy Allison [Thu, 8 Aug 2019 22:45:10 +0000 (15:45 -0700)]
s3: VFS: vfs_ceph_snapshots: Make unlink return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Volker Lendecke [Fri, 9 Aug 2019 06:02:41 +0000 (08:02 +0200)]
mdssvc: Fix the clang build
clang complains about "%lu" not to match size_t on 32-bit FreeBSD
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Aug 9 07:34:05 UTC 2019 on sn-devel-184
Ralph Boehme [Mon, 6 May 2019 12:19:31 +0000 (14:19 +0200)]
s3:mdssvc: fix slrpc_fetch_attributes() when CNID is not known
Samba currenlty fails the whole RPC request, macOS returns returns a nil entry
for the requested CNID:
DALLOC_CTX(#1): {
sl_array_t(#3): {
uint64_t: 0x0000
CNIDs: unkn1: 0xfec, unkn2: 0x6b000020
DALLOC_CTX(#1): {
uint64_t: 0xe4bbf314c03b1e
}
sl_filemeta_t(#1): {
sl_array_t(#2): {
nil
nil
}
}
}
}
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 8 21:43:14 UTC 2019 on sn-devel-184
Ralph Boehme [Mon, 6 May 2019 12:18:27 +0000 (14:18 +0200)]
s3:mdssvc: close mdssvc rpc command must return in handle
Checked against macOS mdssvc.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 6 May 2019 12:14:26 +0000 (14:14 +0200)]
s3:mdssvc: failing the RPC request if the mdssvc policy handle is not found
Turns out macOS mdssvc doesn't fail the RPC request if the policy handle is all
zero. Also, if it fails with a non-all-zero handle, it returns a different RPC
error, namely DCERPC_NCA_S_PROTO_ERROR, not DCERPC_FAULT_CONTEXT_MISMATCH (or
rather their mapped NT_STATUS codes).
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 6 May 2019 12:11:31 +0000 (14:11 +0200)]
s3:mdssvc: the open command must work on shares with Spotlight disabled
Move the implementation of this setting down to the actual search query
processing. macOS has no notion of "spotlight = false" at the DCERPC layer and
the open request will always succeed even on all shares.
When later the client issues search requests on such shares, we ensure we use
the noindex backend.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 16 Apr 2019 17:32:52 +0000 (19:32 +0200)]
s3:mdssvc: use an early return if spotlight is not enabled.
No change in behaviour, best viewed with git show -w.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 17 Apr 2019 05:38:53 +0000 (07:38 +0200)]
s3:mdssvc: update a few debug macros to modern style
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 6 May 2019 12:07:53 +0000 (14:07 +0200)]
s3:mdssvv: don't fail the RPC request if the share name is unknown
Taken from macOS. We have to return an empty share_path and an empty policy
handle, but not fail the RPC request.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 16 Apr 2019 17:25:09 +0000 (19:25 +0200)]
s3:mdssvc: initialize the returned share_path with the empty string
macOS returns the empty path for an unknown share. This paves the way for that
change. Currently we still fail the RPC request if the share is not known with
DCERPC_FAULT_CANT_PERFORM, but this is wrong and is going to be changed in the
next commit.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 16 Apr 2019 17:23:25 +0000 (19:23 +0200)]
s3:mdssvc: macOS returns the client values in the open command
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 16 Apr 2019 17:14:39 +0000 (19:14 +0200)]
s3:mdssvc: macOS returns UINT64_MAX, not 0 for closeQueryForContext mdscmd
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 16 Apr 2019 12:17:11 +0000 (14:17 +0200)]
s3:mdssvc: fix error handling of mdssvc RPC requests
It seems for certain error cases macOS just sends an empty response
blob. So if our mdssvc request processing fails, we should just return an empty
response blob, but not fail the mdssvc request at the DCERPC layer.
Example, passing "xxx" as sharename which does not exist at the server:
$ bin/rpcclient -U slow%pass macmini -c "fetch_attributes xxx /foo/bar 123" -d 10
....
Got pdu len 56, data_len 32
rpc_api_pipe: got frag len of 56 at offset 0: NT_STATUS_OK
rpc_api_pipe: host macmini returned 32 bytes.
mdssvc_cmd: struct mdssvc_cmd
out: struct mdssvc_cmd
fragment : *
fragment : 0x00000000 (0)
response_blob : *
response_blob: struct mdssvc_blob
length : 0x00000000 (0)
size : 0x00010000 (65536)
spotlight_blob : *
spotlight_blob: ARRAY(0)
unkn9 : *
unkn9 : 0x00000000 (0)
...
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 16 Apr 2019 14:54:21 +0000 (16:54 +0200)]
torture: beginning of a mdssvc RPC service test-suite
Yikes! Most tests fail atm.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sun, 8 Mar 2015 06:57:57 +0000 (07:57 +0100)]
rpcclient: add some simple commands for Spotlight RPC
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 16 Nov 2018 15:07:13 +0000 (16:07 +0100)]
rpcclient: domain_sid is only needed for SAMR
This allows using rpcclient commands with servers that don't implement LSA
QueryInfoPolicy.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 16 Apr 2019 14:46:43 +0000 (16:46 +0200)]
lib:torture: add torture_assert_u32_[not_]equal[_goto] macros
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 7 Aug 2019 12:02:12 +0000 (14:02 +0200)]
s3:mdssvc: fix unmarshalling of empty CNID array
len=0 is invalid, len=8 is an empty array, len>8 is an array with members, so
for the len=8 case we must add the empty cnid array.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 3 May 2019 20:52:33 +0000 (22:52 +0200)]
s3:mdssvc: marshalling: fix unpacking empty CNID structure
Pass the correct tag member tag.size to sl_unpack_CNID(), not
tag.length. tag.size is the size actually used in a buffer of size tag.length.
Cf other users of tag.size that already do this correctly, this was only wrong
in this place.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 3 May 2019 20:52:56 +0000 (22:52 +0200)]
s3:mdssvc: marshalling: fix unpacking empty filemeta structure
This is how a correct dump of an empty sl_filemeta_t container should look like:
DALLOC_CTX(#1): {
sl_array_t(#3): {
uint64_t: 0x0023
CNIDs: unkn1: 0x0, unkn2: 0x0
DALLOC_CTX(#0): {
}
sl_filemeta_t(#0): {
}
}
}
This is basically the response from macOS mdssvc for a query that yields no
results: sl_filemeta_t is empty, the CNIDs array as well.
Looking at the raw packet data, the empty sl_filemeta_t container as a size of 8
bytes which fails the following check in sl_unpack_cpx():
case SQ_CPX_TYPE_FILEMETA:
...
if (tag.size < 16) {
*boom*
}
Only tag.size=0 is invalid, tag.size=8 denotes an empty container and tag.size>=16
denotes a sl_filemeta_t container with actual content must be unpacked by
calling sl_unpack(). Note that size is always a muliple of 8.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sat, 4 May 2019 09:10:37 +0000 (11:10 +0200)]
s3:mdssvc: marshalling: add a newline to a DEBUG message
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sat, 4 May 2019 06:53:48 +0000 (08:53 +0200)]
torture: start of a mdssvc packet (un)marshalling testsuite
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>