Douglas Bagnall [Tue, 14 Jul 2020 10:31:02 +0000 (22:31 +1200)]
s4/torture/smb2/oplock: fix compilation by initialising variable
With gcc (Ubuntu 9.3.0-10ubuntu2) 9.3.0:
../../source4/torture/smb2/oplock.c:2709:2: error: variable 'h2' is used uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized]
torture_assert_ntstatus_ok_goto(tctx, status, ret, done, "Incorrect status");
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../lib/torture/torture.h:734:3: note: expanded from macro 'torture_assert_ntstatus_ok_goto'
torture_assert_ntstatus_equal_goto(torture_ctx,expr,NT_STATUS_OK,ret,label,cmt)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../lib/torture/torture.h:302:6: note: expanded from macro 'torture_assert_ntstatus_equal_goto'
if (!NT_STATUS_EQUAL(__got, __expected)) { \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../source4/torture/smb2/oplock.c:2730:25: note: uninitialized use occurs here
smb2_util_close(tree1, h2);
^~
../../source4/torture/smb2/oplock.c:2709:2: note: remove the 'if' if its condition is always false
torture_assert_ntstatus_ok_goto(tctx, status, ret, done, "Incorrect status");
^
../../lib/torture/torture.h:734:3: note: expanded from macro 'torture_assert_ntstatus_ok_goto'
torture_assert_ntstatus_equal_goto(torture_ctx,expr,NT_STATUS_OK,ret,label,cmt)
^
../../lib/torture/torture.h:302:2: note: expanded from macro 'torture_assert_ntstatus_equal_goto'
if (!NT_STATUS_EQUAL(__got, __expected)) { \
^
../../source4/torture/smb2/oplock.c:2652:2: note: variable 'h2' is declared here
struct smb2_handle h, h1, h2;
^
1 error generated.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Thu, 16 Jul 2020 22:47:04 +0000 (15:47 -0700)]
s3: libsmb: Namecache. Fix bug missed by me in previous cleanup.
In ipstr_list_make() we need to look at the correct array entry
to determine the ss_family for the sockaddr_storage.
Otherwise we are always storing the type of the first entry.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jul 17 05:54:31 UTC 2020 on sn-devel-184
Isaac Boukris [Tue, 14 Jul 2020 20:38:06 +0000 (22:38 +0200)]
s3-libads: Pass timeout to open_socket_out in ms
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13124
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 16 10:41:40 UTC 2020 on sn-devel-184
Jeremy Allison [Wed, 15 Jul 2020 22:02:02 +0000 (15:02 -0700)]
s3: libsmb: Cleanup - Make ipstr_list_make() talloc rather than malloc.
Remove the excessive and unneeded ipstr_list_add() function,
fold it into ipstr_list_make() to make it much clearer what
we're doing.
The only use of MALLOC now is in ipstr_list_parse() returned
by namecache_fetch(). We need to fix the caller before
we can move that to talloc. As that is used inside internal_resolve_name()
which is designed to return a MALLOC'ed ip list from all
name resolution mechanisms leave that fix for another day.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jul 16 08:16:31 UTC 2020 on sn-devel-184
Jeremy Allison [Wed, 15 Jul 2020 21:41:45 +0000 (14:41 -0700)]
s3: libsmb: Cleanup - Move DEBUG -> DBG_XXX() macros.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 15 Jul 2020 21:38:23 +0000 (14:38 -0700)]
s3: libsmb: Cleanup - make namecache_status_record_key() use talloc.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 15 Jul 2020 20:37:59 +0000 (13:37 -0700)]
s3: libsmb: Cleanup - make namecache_key() use talloc.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 15 Jul 2020 20:33:27 +0000 (13:33 -0700)]
s3: libsmb: Cleanup - namecache_store() - use common out.
Prepare for moving malloc values to talloc.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 15 Jul 2020 20:31:38 +0000 (13:31 -0700)]
s3: libsmb: Cleanup - namecache_store() initialize stack variables.
Preparing for common out: exit.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 15 Jul 2020 20:28:33 +0000 (13:28 -0700)]
s3: libsmb: Cleanup - move talloc frame out of inner scope.
Make it available thoughout the function. Prepare to use
talloc for namecache_key().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 15 Jul 2020 19:12:23 +0000 (12:12 -0700)]
s3: libsmb: Cleanup modern coding standards. 'True/False' -> 'true/false'.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 15 Jul 2020 18:58:45 +0000 (11:58 -0700)]
s3: lib: Cleanup - make ipstr_list_make() and ipstr_list_parse() private to the only user.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 15 Jul 2020 18:48:30 +0000 (11:48 -0700)]
s3: lib: Cleanup - nothing uses ipstr_list_free(). Remove it.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 15 Jul 2020 18:43:03 +0000 (11:43 -0700)]
s3: lib: Cleanup - all the ipstr_XXX() functions are only used in namecache.c.
Move them there. Will remove from the global namespace next.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Martin Schwenke [Wed, 3 Jun 2020 23:59:59 +0000 (09:59 +1000)]
ctdb-tools: Improve onnode's ShellCheck credibility
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Jul 16 06:51:47 UTC 2020 on sn-devel-184
Martin Schwenke [Wed, 3 Jun 2020 23:58:41 +0000 (09:58 +1000)]
ctdb-tools: Allow onnode -P to respect ONNODE_SSH
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 3 Jun 2020 23:48:03 +0000 (09:48 +1000)]
ctdb-tools: Whitespace fixups
Drop some unnecessary whitespace and re-indent push().
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 3 Jun 2020 23:45:26 +0000 (09:45 +1000)]
ctdb-tools: Drop undocumented ONNODE_SSH_OPTS variable
Options can be set in ONNODE_SSH, so this variable is unnecessary.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 7 May 2020 07:14:34 +0000 (17:14 +1000)]
util: Fix a signed/unsigned comparison
[107/390] Compiling lib/util/time.c
../../../lib/util/time.c: In function ‘timespec_string_buf’:
../../../lib/util/time.c:416:10: warning: comparison of integer expressions of different signedness: ‘size_t’ {aka ‘long unsigned int’} and ‘int’ [-Wsign-compare]
416 | if (len == -1) {
| ^~
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jul 16 04:00:52 UTC 2020 on sn-devel-184
Martin Schwenke [Thu, 7 May 2020 06:57:07 +0000 (16:57 +1000)]
tdb: Fix some signed/unsigned comparisons
[207/389] Compiling lib/tdb/tools/tdbdump.c
../../../lib/tdb/tools/tdbrestore.c: In function ‘read_linehead’:
../../../lib/tdb/tools/tdbrestore.c:43:13: warning: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare]
43 | for (i=0; i<sizeof(prefix); i++) {
| ^
../../../lib/tdb/tools/tdbrestore.c: In function ‘read_data’:
../../../lib/tdb/tools/tdbrestore.c:95:13: warning: comparison of integer expressions of different signedness: ‘int’ and ‘size_t’ {aka ‘long unsigned int’} [-Wsign-compare]
95 | for (i=0; i<size; i++) {
| ^
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Christof Schmitt [Tue, 23 Jun 2020 18:55:05 +0000 (11:55 -0700)]
smbd: Remove code inside #ifdef HAVE_BROKEN_READDIR_NAME
This is dead code, the define is never set.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Christof Schmitt [Tue, 23 Jun 2020 18:51:41 +0000 (11:51 -0700)]
lib/util: Remove code inside #ifdef HAVE_BROKEN_READDIR_NAME
This is dead code, the define is never set.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Christof Schmitt [Tue, 23 Jun 2020 18:49:46 +0000 (11:49 -0700)]
lib/util: Remove code inside #ifdef NEXT2
This is dead code, the define is never set.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Christof Schmitt [Tue, 23 Jun 2020 18:48:53 +0000 (11:48 -0700)]
s4:client: Remove code inside #ifdef NEXT2
This is dead code, the define is never set.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Christof Schmitt [Tue, 23 Jun 2020 18:46:38 +0000 (11:46 -0700)]
smbd: Remove code inside #ifdef NEXT2
This is dead code, the define is never set.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Mon, 6 Jul 2020 14:51:05 +0000 (16:51 +0200)]
s3:smbd: stop accepting multichannel connections early in exit_server_common()
This is just a step in the correct direction, but there's still a
possible race...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14433
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jul 14 14:59:19 UTC 2020 on sn-devel-184
Stefan Metzmacher [Mon, 6 Jul 2020 14:42:46 +0000 (16:42 +0200)]
s3:smbd: move exit_firsttime checking to the start of exit_server_common()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14433
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Sat, 4 Jul 2020 09:50:14 +0000 (11:50 +0200)]
s4:torture/smb2: make smb2.durable-v2-delay tests more robust
We should not crash when the test fails, so we use a 2nd independent
connection to unlink the file at the end.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 3 Jul 2020 08:09:16 +0000 (10:09 +0200)]
s4:torture/smb2: split replay_smb3_specification into durable handle and multichannel
It's better to have durable handles and multichannel tested separate:
1. we test both cases in the server
2. it makes it easier to deal with knownfail entries if only one
of these features is active on the server.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Jeremy Allison [Mon, 13 Jul 2020 17:08:47 +0000 (10:08 -0700)]
s3: lib: Fix missing TALLOC_FREE in error code path.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14441
Reported by Alexander Pyhalov <apyhalov@gmail.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul 14 07:42:54 UTC 2020 on sn-devel-184
Isaac Boukris [Sat, 11 Jul 2020 03:04:59 +0000 (05:04 +0200)]
net: ignore possible SIGPIPE upon ldap_unbind when over TLS
From local tests with strace:
socket(AF_UNIX, SOCK_STREAM, 0) = 12
write(2, "Connecting to 10.53.57.21 at por"..., 38) = 38
...
write(2, "ads_domain_func_level: 3\n", 25) = 25
write(12, "\27\3\3\0\37\0\0\0\0\0\0\0\16nl[\374\375i\325\334\25\227kxG@\326\311R\225x"..., 36) = 36
write(12, "\25\3\3\0\32\0\0\0\0\0\0\0\17Hh\304\254\244\17\342<\334\210L&\20_\177\307\232P", 31) = -1 EPIPE (Broken pipe)
--- SIGPIPE {si_signo=SIGPIPE, si_code=SI_USER, si_pid=12089, si_uid=1000} ---
+++ killed by SIGPIPE +++
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Mon Jul 13 12:06:07 UTC 2020 on sn-devel-184
Isaac Boukris [Thu, 2 Jul 2020 07:33:12 +0000 (09:33 +0200)]
ads: set sasl-wrapping to plain when over TLS
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Isaac Boukris [Thu, 2 Jul 2020 08:59:18 +0000 (10:59 +0200)]
Fix ads_set_sasl_wrap_flags to only change sasl flags
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Isaac Boukris [Wed, 24 Jun 2020 12:28:45 +0000 (15:28 +0300)]
Decouple ldap-ssl-ads from ldap-ssl option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Isaac Boukris [Mon, 29 Jun 2020 13:55:33 +0000 (16:55 +0300)]
selftest: add tests for net-ads over TLS
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Thu, 9 Jul 2020 09:48:26 +0000 (11:48 +0200)]
docs: Fix documentation for require_membership_of of pam_winbind
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14358
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jul 10 09:40:37 UTC 2020 on sn-devel-184
Volker Lendecke [Wed, 8 Jul 2020 13:09:45 +0000 (15:09 +0200)]
winbind: Fix lookuprids cache problem
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14435
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jul 9 21:40:52 UTC 2020 on sn-devel-184
Volker Lendecke [Wed, 8 Jul 2020 13:00:49 +0000 (15:00 +0200)]
winbind: Add test for lookuprids cache problem
When reading entries from gencache, wb_cache_rids_to_names() can
return STATUS_SOME_UNMAPPED, which _wbint_LookupRids() does not handle
correctly.
This test enforces this situation by filling gencache with one wbinfo
-R and then erasing the winbindd_cache.tdb. This forces winbind to
enter the domain helper process, which will then read from gencache
filled with the previous wbinfo -R.
Without having the entries cached this does not happen because
wb_cache_rids_to_names() via the do_query: path calls deep inside
calls dcerpc_lsa_lookup_sids_noalloc(), which hides the
STATUS_SOME_UNMAPPED that came in as lsa_LookupSids result value.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14435
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 7 Jul 2020 06:50:31 +0000 (08:50 +0200)]
torture3: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 7 Jul 2020 06:48:58 +0000 (08:48 +0200)]
torture3: Silence two signed/unsigned warnings
A longer fix would be to change the callbacks to use "int" instead of
"unsigned". Arguably that might be cleaner, but as this is torture
code I opted for the minimum necessary change.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 23 Jun 2020 17:09:28 +0000 (19:09 +0200)]
libcli/ldap: Fix decoding struct ldap_ExtendedResponse
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 23 Jun 2020 17:14:37 +0000 (19:14 +0200)]
libcli/ldap: Test decoding an exop response
ldap-starttls-response.dat is a reply to a starttls extended
operation. Right now ldap_decode() does not handle this correctly.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Thu, 9 Jul 2020 04:48:47 +0000 (06:48 +0200)]
WHATSNEW: Start release notes for Samba 4.14.0pre1.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Jul 9 08:43:25 UTC 2020 on sn-devel-184
Karolin Seeger [Thu, 9 Jul 2020 04:46:58 +0000 (06:46 +0200)]
VERSION: Bump version to 4.14.0pre1...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 9 Jul 2020 04:44:53 +0000 (06:44 +0200)]
VERSION: Disable GIT_SNAPSHOT for the 4.13.0rc1 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Wed, 8 Jul 2020 11:36:43 +0000 (13:36 +0200)]
WHATSNEW: Add release notes for Samba 4.13.0rc1.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Stefan Metzmacher [Thu, 25 Jun 2020 13:32:11 +0000 (15:32 +0200)]
s3:smbd: skip ctdb public ips in fsctl_network_iface_info()
Multi-Channel clients should not connect to ctdb public ip addresses
(which move between nodes).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 8 17:16:40 UTC 2020 on sn-devel-184
Stefan Metzmacher [Thu, 25 Jun 2020 13:59:42 +0000 (15:59 +0200)]
s3:smbd: disconnect the all client connections if a ctdb public ip dropped
For now we keep it simple and any disconnect on a connection that
used a ctdb public address, will disconnect all other remaining
connections.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 3 Jul 2020 08:08:08 +0000 (10:08 +0200)]
s3:smbd: make smbXsrv_client_connection_pass_loop() more robust
Don't leak fds in the error paths.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 3 Jul 2020 07:55:57 +0000 (09:55 +0200)]
s3:smbd: make sure smbXsrv_connection_disconnect_transport() closes the socket fd
I assumed that TALLOC_FREE(xconn->transport.fde) would close the socket,
but until now we didn't use tevent_fd_set_auto_close().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 1 Jul 2020 16:02:16 +0000 (18:02 +0200)]
s3:smbd: make sure we detect stale smbXsrv_connection pointers in smbXsrv_session_auth0
Pointer values can be reused (yes, I hit that during my testing!).
Introduce a channel_id to identify connections and also add
some timestamps to make debugging easier.
This makes smbXsrv_session_find_auth() much more robust.
This is a similar change as
0cec96526bf4d3209caf36c4a19632ff5d5dd112:
"smb2_server: make sure we detect stale smbXsrv_connection pointers in smbXsrv_channel_global"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 25 Jun 2020 20:45:07 +0000 (22:45 +0200)]
s3:smbd: fill in xconn->client early in smbd_add_connection()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 25 Jun 2020 20:43:47 +0000 (22:43 +0200)]
s3:smbd: handle NETWORK_ACCESS_DENIED in smbXsrv_client_connection_pass_loop()
smbd_add_connection() may return a valid connection together with
NT_STATUS_NETWORK_ACCESS_DENIED.
We need additional cleanup for that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 25 Jun 2020 20:42:18 +0000 (22:42 +0200)]
s3:smbd: consistently use DLIST_ADD* to fill client->connections in smbd_add_connection()
We should not just overwrite the client->connections pointer if we
reject the connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 25 Jun 2020 13:14:04 +0000 (15:14 +0200)]
s3:ctdbd_conn: add ctdbd_control_get_public_ips() and ctdbd_find_in_public_ips()
These will be used in the multi channel code in order to handle
public ip addresses, which can move arround ctdb nodes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 25 Jun 2020 13:11:44 +0000 (15:11 +0200)]
s3:ctdbd_conn: make use of samba_sockaddr in ctdbd_connect()
This avoids compiler warnings like this:
dereferencing type-punned pointer might break strict-aliasing rules [-Wstrict-aliasing]
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 25 Jun 2020 12:00:27 +0000 (14:00 +0200)]
s3:ctdbd_conn: make use of ctdbd_control_local() in ctdbd_register_ips()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 23 Jun 2020 13:56:34 +0000 (15:56 +0200)]
selftest/Samba3: make use of 'smbd:FSCTL_SMBTORTURE = yes'
This makes sure the lease/oplock break retry logic based on
missing TCP acks is tested.
We're still not able to run multichannel tests automatically,
as socket wrapper doesn't support fd-passing yet.
But this testing this with single channels is a good start.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 8 Jun 2020 14:33:45 +0000 (16:33 +0200)]
s3:smbd: implement FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
This will be used by smbtorture in order to simulate channel failures
without relying on iptables.
'smbd:FSCTL_SMBTORTURE = yes' is required in order to active this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 5 Jun 2020 20:11:26 +0000 (22:11 +0200)]
s3:smbd: make use of the new ack infrastructure for oplock/lease breaks
This finally implements the retry of failed oplock/lease breaks.
Before smbd_smb2_break_send/recv completed directly after
sendmsg() passed the pdu to the kernel.
Now the completion is (at least) deferred until the
the next smbXsrv_connection_ack_checker() run happens
and smbd_smb2_send_queue_ack_bytes() found that
all bytes of the break notification left the kernel
send queue (and were TCP acked).
If the connection is disconnected all pending break
notifications are completed with an error, which is
then returned by smbd_smb2_break_recv().
smbXsrv_pending_break_submit() will then submit
another break notification via the next available
connection/channel.
The smbXsrv_connection_ack_checker() runs each
rto_usecs (between 0.2s and 1.0s). smbd_smb2_break_send()
will set a timeout of 6*rto_usecs (between 1.2s and 6s).
If smbXsrv_connection_ack_checker() detects via
smbd_smb2_send_queue_ack_bytes() that a pending break
notification is pending for more than its timeout
we'll disconnect the connection with NT_STATUS_IO_TIMEOUT.
This will be handled as any other disconnect and
will in turn also trigger the retry on the next channel.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 8 Jun 2020 10:23:47 +0000 (12:23 +0200)]
s3:smbd: force multi-channel to be turned off without FreeBSD/Linux support
For now it's safer to disable multi-channel without having support
for TIOCOUTQ/FIONWRITE on tcp sockets.
Using a fixed retransmission timeout (rto) of 1 second would be ok,
but we better require kernel support for requesting for unacked bytes
in the kernel send queue.
"force:server multi channel support = yes" can be used to overwrite
the compile time restriction (mainly for testing).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 3 Jun 2020 08:57:59 +0000 (10:57 +0200)]
s3:smbd: add infrastructure to wait for TCP acks
This will be the core of the logic that allows
us to retry break notifications.
When we start the "pending break cycle" we ask for
the current retransmission timemout (rto) on the TCP connection
and remember how many unacked bytes are in the kernel's
send queue. Each time we send bytes into the kernel
we add them to the unacked bytes.
We use a timer using the rto interval in order
to check the amount of unacked bytes again.
The provides send_queu_entry.ack.req will be completed
with tevent_req_done() when everything is completely acked,
tevent_req_nterror(NT_STATUS_IO_TIMEOUT) when
send_queu_entry.ack.timeout is expired or
tevent_req_nterror(connection_error) when the connection
gets disconnected.
It works with support from the FreeBSD and Linux kernels.
For other platforms we just have a fixed rto of 1 second.
And pretend all bytes are acked when we recheck after 1 second.
So only a connection error could trigger tevent_req_nterror(),
but there's no timeout. A follow up commit will most likely
disable support for multi-channel if we don't have kernel support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 2 Jun 2020 16:05:39 +0000 (18:05 +0200)]
s3:smbd: add logic to retry break notifications on all available channels
For leases we need to use any available connection with the same
client_guid. That means all connections in the client->connections list.
We try the oldest connection first, as that's what windows is doing.
For oplocks we implement the same as that's what the specification
says. Windows behaves different and we have
'smb2 disable oplock break retry = yes' in order to behave like Windows.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 23 Jun 2020 15:39:10 +0000 (17:39 +0200)]
docs-xml/smbdotconf: add "smb2 disable oplock break retry"
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 2 Jun 2020 16:05:39 +0000 (18:05 +0200)]
s3:smbd: convert smbd_smb2_send_break() into async smbd_smb2_break_send/recv()
This will make it possible to detect errors in order to retry sending
the break on another connection.
For now we always report NT_STATUS_OK, when we delivered the break
notification to the kernel send queue. But that will change in
the following commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 5 Jun 2020 18:14:10 +0000 (20:14 +0200)]
s3:smbd: add smbd_smb2_send_queue.sendfile_body_size
The following patches require the size of the full sendfile() pdu.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 2 Jun 2020 15:13:22 +0000 (17:13 +0200)]
s3:smbd: introduce smbXsrv_pending_break infrastructure
This prepares support for oplock/lease break replay from
the server to the client.
We need some state in order to do replays later.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 8 Jul 2020 08:15:56 +0000 (10:15 +0200)]
s3:smbd: avoid dereferencing client->connections
There're typically better ways to get the same information.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 8 Jul 2020 11:59:26 +0000 (13:59 +0200)]
s3:smbd: setup client->global->client_guid even without multichannel support
It's too confusing if client->global->client_guid and
client->connections->smb2.client.guid don't have the same value.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 2 Jun 2020 14:50:22 +0000 (16:50 +0200)]
s3:smbd: pass down smbXsrv_client to smbd_smb2_send_{oplock,lease}_break()
Which connection is actually used should not matter to the main logic.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 2 Jun 2020 14:33:23 +0000 (16:33 +0200)]
s3:smbd: pass smbXsrv_client to downgrade_lease()
This prepares for multichannel support, where breaks are not bound
to a single connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 2 Jun 2020 14:43:43 +0000 (16:43 +0200)]
s3:smbd: add smbd_server_disconnect_client[_ex]()
With multichannel things may not happen only on one connection.
We may need to disconnect all connections of a client, when something
bad happens.
The first users of this will be the lease/oplock break code,
if they are not able allocate memory or something similar
we need to bail out.
Having a special smbXsrv_client based function is better than
calling exit_server*() directly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 19 May 2020 12:10:21 +0000 (14:10 +0200)]
s3:smbd: remove unused session,tcon parameters from smbd_smb2_send_oplock_break()
They are no longer used. However we'll make use of
op->compat->vuid in the next commits, as the session id should be part
of oplock breaks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 5 Jun 2020 18:12:57 +0000 (20:12 +0200)]
s3:smbd: pass down session_id to smbd_smb2_send_break()
Oplock break should contain a valid session id of the open file handle,
as file handles are relative to a session.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 19 May 2020 11:33:27 +0000 (13:33 +0200)]
s3:smbd: remove dead code from smbd_smb2_send_break()
Starting with commit
0a924d13cf4bb570cce3955cf0de9d8678b37dbe
("smbd: Send SMB2 oplock breaks unencrypted") we always passed in
session=NULL and tcon=NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 8 Jun 2020 13:03:30 +0000 (15:03 +0200)]
s4:torture/smb2: add smb2.multichannel.oplocks.test3{_windows,specification}
This is similar to the smb2.multichannel.leases.test5,
but it tests the oplock case instead of leases.
With Oplocks Windows only sends a single break on the latest channel,
this is not what the spec says...
Maybe we should have a similar test that would expect the
behavior from the [MS-SMB2] (3/4/2020 rev 60.0)
"3.3.4.6 Object Store Indicates an Oplock Break":
...
If the server implements the SMB 3.x dialect family, SMB2 Oplock Break
Notification MUST be sent to the client using the first available
connection in Open.Session.ChannelList where Channel.Connection is not
NULL. If the server fails to send the notification to the client, the
server MUST retry the send using an alternate connection, if available,
in Open.Session.ChannelList.
...
Here I add one test that demonstrates the Windows behavior:
smb2.multichannel.oplocks.test3_windows
and a 2nd test that demonstrates the behavior from MS-SMB2.
smb2.multichannel.oplocks.test3_specification
Note that Windows 10 seems to behave differently and it's not
possible to open all 32 channel used by this test.
Against remote servers it's required to run iptables as root:
#> smbtorture //server/torture -Uu%p \
--option="torture:use_iptables=yes" \
--option="torture:iptables_command=sudo /sbin/iptables" \
smb2.multichannel.oplocks.test3_windows
#> smbtorture //server/torture -Uu%p \
--option="torture:use_iptables=yes" \
--option="torture:iptables_command=sudo /sbin/iptables" \
smb2.multichannel.oplocks.test3_specification
The test will also work against a Samba server
with 'smbd:FSCTL_SMBTORTURE = yes', and won't require iptables
in that case.
Samba will get a "smb2 disable oplock break retry" configuration
option to switch between both behaviors, as it's much more common with Samba
that leases are not supported and clients will fallback to
oplocks together with multichannel.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 8 Jun 2020 13:03:30 +0000 (15:03 +0200)]
s4:torture/smb2: (re-)add smb2.multichannel.leases.test4
This tests 32 channels, which is the maximum Windows Server
versions support. (Note that Windows 10 (a Client OS as SMB server,
seems to support only 20 channels and may differ in other aspects,
so we ignore that for now).
This works at least against Windows Server 2019
and we see lease break notification retries every ~ 1.3 seconds
with ~ 5 TCP retransmissions. At that rate we see the remaining
5 retries after the conflicting SMB2 Create already returned.
Older Windows Server versions use much longer timeouts in the TCP-stack,
they send lease break notification retries less often and only 4 in
total, all other channels get TCP-RST packets because of missing
TCP keepalive packets before they're used.
The intervals between lease break notification retries are
~19 seconds for 2012[_R2] and ~25 seconds for 2016.
It means that only ~2 lease break notifications arrive before
the open returns after ~35 seconds.
Note that Windows 10 seems to behave differently and it's not
possible to open all 32 channel used by this test.
Against remote servers it's required to run iptables as root:
#> smbtorture //server/torture -Uu%p \
--option="torture:use_iptables=yes" \
--option="torture:iptables_command=sudo /sbin/iptables" \
smb2.multichannel.leases.test4
The test will also work against a Samba server
with 'smbd:FSCTL_SMBTORTURE = yes', and won't require iptables
in that case.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 23 Jun 2020 14:01:54 +0000 (16:01 +0200)]
s4:torture/smb2: remove useless 'smb2.multichannel.leases.test4'
Having a test that would only pass against Samba makes things way
to complex, they're already complex and we should try to behave
like windows as much as possible.
The next commit will add a better test that will work against Windows
Servers and the future Samba servers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 23 Jun 2020 10:38:49 +0000 (12:38 +0200)]
s4:torture/smb2: fix smb2.multichannel.leases.test2 against windows
We still receive the break on the blocked channel,
it's only the response ACKs, which we are blocking (or simulate to
block).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 22 Jun 2020 22:09:38 +0000 (00:09 +0200)]
s4:torture/smb2: split smb2.oplock.batch22 into a and b
batch22a tests the timeout on a valid connection
and batch22b tests the timeout on a broken/blocked connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 22 Jun 2020 15:30:28 +0000 (17:30 +0200)]
s4:torture/smb2: move smb2_transport blocking to the generic block.[ch]
We may want to use this in other places too, not only multichannel.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 8 Jun 2020 14:33:45 +0000 (16:33 +0200)]
s4:torture/smb2: make use of FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
This is a way to test without being able to use iptables.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 29 May 2020 16:18:12 +0000 (09:18 -0700)]
s4:torture/smb2: refactor block.c to block the OUTPUT path
In order to create useful tests, we should block the outgoing
tcp packets only. That means we're able to see incoming
break notifications, but prevent outgoing TCP ACKs to be delivered
to the server.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 2 Jun 2020 12:52:07 +0000 (14:52 +0200)]
s4:torture/smb2: add break_info.oplock_skip_ack
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Günther Deschner [Thu, 26 Sep 2019 08:18:04 +0000 (10:18 +0200)]
s4:torture/smb2: move interface_info test to smb2.multichannel.generic
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 1 Jul 2020 16:37:44 +0000 (18:37 +0200)]
s4:torture/smb2: make use of transport_options.only_negprot for multichannel connections
This avoid useless session setups and tree connects on the wire.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Günther Deschner [Thu, 26 Sep 2019 08:18:33 +0000 (10:18 +0200)]
s4:torture/smb2: simplify code to generate list of smb2 channels
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 3 Jul 2020 09:56:19 +0000 (11:56 +0200)]
s4:torture/smb2: add const to options for test_multichannel_create_channel()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 3 Jul 2020 09:54:42 +0000 (11:54 +0200)]
s4:libcli/smb2: add const to struct smbcli_options *options for smb2_connect()
It will just be passed to smb2_connect_ext(), which already takes a
const pointer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 1 Jul 2020 16:27:40 +0000 (18:27 +0200)]
s4:libcli/smb2: allow smb2_connect*() to fake session and tcon
For multichannel connection we want a way to have just a connection
with a negprot finished.
For now we just fake a tcon and session in order to avoid changes in the
caller. We can clean that up later if needed.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 2 Jul 2020 11:25:43 +0000 (13:25 +0200)]
s4:param: use struct initializer in lpcfg_smbcli_session_options()
We should zero all fields not initialiazed explicitly.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 2 Jul 2020 11:25:43 +0000 (13:25 +0200)]
s4:param: use struct initializer in lpcfg_smbcli_options()
We should zero all fields not initialiazed explicitly.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 8 Jun 2020 14:33:45 +0000 (16:33 +0200)]
libcli/smb: define FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
This will be used by smbtorture in order to simulate channel failures
without relying on iptables.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 3 Jun 2020 12:41:12 +0000 (14:41 +0200)]
s3:includes: change OPLOCK_BREAK_TIMEOUT from 30 to 35 seconds
This is what windows is using for normal oplock and lease breaks.
Note that windows uses higher values for persistent handles,
they use 60 seconds for oplocks and 180 seconds for leases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Günther Deschner [Wed, 20 Sep 2017 18:21:49 +0000 (20:21 +0200)]
lib/util: allow to set TCP_USER_TIMEOUT socket option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 14 May 2020 11:32:47 +0000 (13:32 +0200)]
s3:dbwrap_watch: avoid recursion into dbwrap_do_locked() from dbwrap_watched_do_locked_{storev,delete}()
This avoids a lot of overhead!
Using smbtorture3 //foo/bar -U% local-g-lock-ping-pong -o 500000
under valgrind --tool=callgrind...
This change replaces this:
6,877,542,529 PROGRAM TOTALS
590,000,773 lib/tdb/common/lock.c:tdb_lock_list
479,000,608 lib/tdb/common/lock.c:tdb_unlock
446,500,532 lib/tdb/common/io.c:tdb_read
364,000,824 lib/tdb/common/hash.c:tdb_jenkins_hash
285,000,532 lib/tdb/common/io.c:tdb_write
262,054,669 /x86_64/multiarch/memmove-vec-unaligned-erms.S:__memcpy_avx_unaligned_erms
206,500,496 lib/tdb/common/mutex.c:tdb_mutex_lock
193,000,176 lib/tdb/common/tdb.c:tdb_find
160,000,256 lib/talloc/talloc.c:_talloc_get_type_abort
148,500,297 lib/tdb/common/tdb.c:tdb_storev
140,000,196 lib/tdb/common/lock.c:tdb_lock
130,000,858 lib/util/debug.c:debuglevel_get_class
128,003,722 lib/talloc/talloc.c:_talloc_free
128,000,118 lib/tdb/common/tdb.c:tdb_parse_record
126,000,576 lib/tdb/common/lock.c:tdb_brlock.part.3
121,000,272 lib/tdb/common/mutex.c:tdb_mutex_unlock
118,000,225 /nptl/pthread_mutex_lock.c:__pthread_mutex_lock_full
112,750,222 lib/tdb/common/freelist.c:tdb_allocate_from_freelist
108,500,168 lib/tdb/common/io.c:tdb_ofs_read
102,500,000 lib/tdb/common/io.c:tdb_parse_data
by this:
5,706,522,398 PROGRAM TOTALS
434,000,617 lib/tdb/common/lock.c:tdb_lock_list
389,500,494 lib/tdb/common/io.c:tdb_read
359,000,488 lib/tdb/common/lock.c:tdb_unlock
285,000,532 lib/tdb/common/io.c:tdb_write
237,554,655 /x86_64/multiarch/memmove-vec-unaligned-erms.S:__memcpy_avx_unaligned_erms
208,000,668 lib/tdb/common/hash.c:tdb_jenkins_hash
206,500,496 lib/tdb/common/mutex.c:tdb_mutex_lock
160,000,256 lib/talloc/talloc.c:_talloc_get_type_abort
148,500,297 lib/tdb/common/tdb.c:tdb_storev
136,000,132 lib/tdb/common/tdb.c:tdb_find
130,000,858 lib/util/debug.c:debuglevel_get_class
126,000,576 lib/tdb/common/lock.c:tdb_brlock.part.3
121,000,272 lib/tdb/common/mutex.c:tdb_mutex_unlock
118,000,225 /nptl/pthread_mutex_lock.c:__pthread_mutex_lock_full
112,750,222 lib/tdb/common/freelist.c:tdb_allocate_from_freelist
112,000,168 lib/tdb/common/lock.c:tdb_lock
94,500,154 lib/tdb/common/io.c:tdb_ofs_read
94,000,188 /nptl/pthread_mutex_unlock.c:__pthread_mutex_unlock_full
86,000,086 lib/dbwrap/dbwrap.c:dbwrap_lock_order_lock
83,000,083 lib/dbwrap/dbwrap_tdb.c:db_tdb_do_locked
time smbtorture3 //foo/bar -U% local-g-lock-ping-pong -o
5000000
gives:
902834 locks/sec
real 0m11,103s
user 0m8,233s
sys 0m2,868s
vs.
1037262 locks/sec
real 0m9,685s
user 0m6,788s
sys 0m2,896s
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jul 8 11:02:39 UTC 2020 on sn-devel-184
Stefan Metzmacher [Tue, 7 Jul 2020 09:49:27 +0000 (11:49 +0200)]
s3:locking: convert share_mode_lock.c to generate_unique_u64()
Instead of a sequence number that gets incremented we just
need a value that's not reused.
The is a similar change like the commit before at the g_lock.c
layer.
I expect a similar performance improvement here, but
I don't know a specific benchmark test to check.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Tue, 19 May 2020 00:58:23 +0000 (02:58 +0200)]
s3:g_lock: avoid very expensive generate_random_buffer() in g_lock_parse()
We don't require a sequence number that is incremented,
we just need a value that's not reused.
We use the new generate_unique_u64(), which is much cheaper!
Using smbtorture3 //foo/bar -U% local-g-lock-ping-pong -o 500000
under valgrind --tool=callgrind...
This change replaces this:
13,129,925,659 PROGRAM TOTALS
4,125,752,958 ???:_nettle_sha256_compress [/usr/lib/x86_64-linux-gnu/libnettle.so.6.4]
1,257,005,866 ???:_nettle_aes_encrypt [/usr/lib/x86_64-linux-gnu/libnettle.so.6.4]
590,000,773 bin/default/../../lib/tdb/common/lock.c:tdb_lock_list
571,503,429 ???:_nettle_aes_set_key [/usr/lib/x86_64-linux-gnu/libnettle.so.6.4]
479,000,608 bin/default/../../lib/tdb/common/lock.c:tdb_unlock
...
by this:
6,877,826,377 PROGRAM TOTALS
590,000,773 bin/default/../../lib/tdb/common/lock.c:tdb_lock_list
479,000,608 bin/default/../../lib/tdb/common/lock.c:tdb_unlock
...
12,500,033 bin/default/../../lib/util/genrand_util.c:generate_unique_u64
...
8,996,970 ???:_nettle_sha256_compress [/usr/lib/x86_64-linux-gnu/libnettle.so.6.4]
time smbtorture3 //foo/bar -U% local-g-lock-ping-pong -o
5000000
gives:
537426 locks/sec
real 0m19,071s
user 0m15,061s
sys 0m3,999s
vs.
900956 locks/sec
real 0m11,155s
user 0m8,293s
sys 0m2,860s
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Tue, 9 Jun 2020 14:19:50 +0000 (16:19 +0200)]
lib/util: add generate_unique_u64() helper function
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Anubhav Rakshit [Sun, 7 Jun 2020 19:09:59 +0000 (00:39 +0530)]
s3:smbcacls: Add support for DFS path
smbcacls does not handle DFS paths correctly. This is beacuse once the
command encounters a path which returns STATUS_PATH_NOT_COVERED, it does
not attempt a GET REFERRAL.
We use cli_resolve_path API to perform a DFS path resolution to solve
the above problem.
Additionally this removes the known fail against smbcacls tests
Signed-off-by: Anubhav Rakshit <anubhav.rakshit@gmail.com>
Reviewed-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 7 23:03:00 UTC 2020 on sn-devel-184