IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This is the behavior of filename_convert() and
we need to allow it for the legacy SMB1+POSIX libsmbclient
libraries already deployed out there.
When we add SMB2 POSIX we must disallow symlink
traversal over any symlinks, the client must
resolve symlinks locally.
Add a note to show this is where we need to add
an error for SMB2+POSIX names with UCF_POSIX_PATHNAMES
set.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
One less use of filename_convert().
This is the acid test of filename_convert_dirfsp() pathname error
handling.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jul 28 16:34:54 UTC 2022 on sn-devel-184
We need this in order to pass:
samba3.raw.samba3badpath
raw.chkpath
samba3.base.chkpath
Now we can convert all the SMB1 reply_openXXX functions,
and reply_checkpath().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is a subtle one. The dirfsp returned by openat_pathref_dirfsp_nosymlink()
can be used inside open.c and passed to check_parent_access_fsp() to
check if a delete_on_close flag has been set on an existing "real"
open fsp. So the file_id must be correctly set in order for this
to work. Without it, samba3.base.delete fails in deltest20 when
we convert reply_open_and_X() to use filename_convert_dirfsp().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
One less use of filename_convert().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 27 17:49:51 UTC 2022 on sn-devel-184
Without this, if we just return smb_fname_rel->fsp->fsp_name as the smb_fname
then we return something allocated off fsp (which itself is allocated off
the conn struct), not the passed in talloc_ctx.
Do this for both non-stream and stream returns.
This matters for two reasons.
1). If we error out after calling filename_convert_dirfsp()
but before getting to the code inside create_file_unixpath()
that takes ownership of the passed in smb_fname->fsp we will
leak the fsp as the destructor for smb_fname that closes the
fsp will never fire on return to the client, as smb_fname is
owned by smb_fname->fsp, not the talloc_tos() context.
2). Some uses of filename_convert() expect to be able
to TALLOC_FREE the returned smb_fname once they've successfully
called SMB_VFS_CREATE_FILE() as they consider the passed in smb_fname
no longer used. It would be nice to be able to just change
filename_convert() -> filename_convert_dirfsp() without
having to change the lifetime handling of smb_fname.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Instead of just assigning smb_fname->fsp = fsp.
This makes the logic match that of openat_pathref_fullname() and parent_pathref()
when returning smb_fnames with associated pathref fsp's.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Fixes the raw.write.bad-write test.
NB. We need the two (==0) changes in source3/smbd/smb2_reply.c
as the gcc optimizer now knows that the return from
smbreq_bufrem() can never be less than zero.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15085
Remove knownfail.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Jule Anger <janger@samba.org>
Autobuild-Date(master): Wed Jul 27 11:46:46 UTC 2022 on sn-devel-184
This will become important in the following commits when the
dbwrap_watch layer will only wake up one watcher at a time
and each woken watcher will wakeup the next one.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15125
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This makes sure we cleanup the locked record in all cases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15125
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This will become important in the following commits when the
dbwrap_watch layer will only wake up one watcher at a time
and each woken watcher will wakeup the next one.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15125
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The destructor triggered by dbwrap_watched_watch_recv() will
remove the watcher instance via a dedicated dbwrap_do_locked(),
just calling dbwrap_watched_watch_remove_instance() inside.
But the typical caller triggers a dbwrap_do_locked() again after
dbwrap_watched_watch_recv() returned. Which means we call
dbwrap_do_locked() twice.
We now allow dbwrap_watched_watch_recv() to return the existing
instance id (if it still exists) and removes the destructor.
That way the caller can pass the given instance id to
dbwrap_watched_watch_remove_instance() from within its own dbwrap_do_locked(),
when it decides to leave the queue, because it's happy with the new
state of the record. In order to get the best performance
dbwrap_watched_watch_remove_instance() should be called before any
dbwrap_record_storev() or dbwrap_record_delete(),
because that will only trigger a single low level storev/delete.
If the caller found out that the state of the record doesn't meet the
expectations and the callers wants to continue watching the
record (from its current position, most likely the first one),
dbwrap_watched_watch_remove_instance() can be skipped and the
instance id can be passed to dbwrap_watched_watch_send() again,
in order to resume waiting on the existing instance.
Currently the watcher instance were always removed (most likely from
the first position) and re-added (to the last position), which may
cause unfair latencies.
In order to improve the overhead of adding a new watcher instance
the caller can call dbwrap_watched_watch_add_instance() before
any dbwrap_record_storev() or dbwrap_record_delete(), which
will only result in a single low level storev/delete.
The returned instance id is then passed to dbwrap_watched_watch_send(),
within the same dbwrap_do_locked() run.
It also adds a way to avoid alerting any callers during
the current dbwrap_do_locked() run.
Layers above may only want to wake up watchers
during specific situations and while it's useless to wake
others in other situations.
This will soon be used to add more fairness to the g_lock code.
Note that this commit only prepares the api for the above to be useful,
the instance returned by dbwrap_watched_watch_recv() is most likely 0,
which means the watcher entry was already removed, but that will change
in the following commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15125
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
commit 8e3798dd22276bc1ac8e96004d0e5e974240a7b9 actually came with a
change in behavior..., as SMB_VFS_GET_NT_ACL_AT() (at the time) and
now SMB_VFS_FGET_NT_ACL() is always called even if it's not needed.
E.g. access by root.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 26 00:31:29 UTC 2022 on sn-devel-184
This converts filename_convert_dirfsp to do symlink evaluation in user
space. It uses openat_pathref_dirfsp_nosymlink() to open the dirpath
and looks at the proper NT_STATUS_STOPPED_ON_SYMLINK response. Using
this avoids filename_convert() and thus unix_convert() completely for
the SMB2_CREATE case.
The tests
samba3.blackbox.smbclient_s3.NT1.plain.Recursive ls across MS-DFS links
now correctly stop the symlink lookup recursion with
NT_STATUS_OBJECT_PATH_NOT_FOUND. Previously we did not correcly pass up the
ELOOP coming back from the stat-call.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Jul 25 12:56:08 UTC 2022 on sn-devel-184
Next we want to avoid filename_convert() to take care of this. The
SMB2 code has a proper TWRP token anyway, so let's push the
@GMT-handling to the SMB1 code that will be converted to
filename_convert_dirfsp().
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This does a step-by-step path resolution for a directory by splitting
up the path into individual components and does a loop like that
for component in components:
fd = openat(dirfd, component, O_NOFOLLOW);
close(dirfd);
dirfd = fd
and it will report any symlink it finds in a way that will be
indirectly consumable for the smb2 symlink error response.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We'll use this in files.c, which creates a bit of a cyclic
dependency. But files.c has all the lowlevel fsp handling, and we'll
add another routine there next which needs get_real_filename_at()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Before this patch we asserted that if we have a base_fsp then
smb_fname must have a stream name attached. Now we also assert that if
we don't have a base_fsp smb_fname is not a stream.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The main point of this function was to avoid fd_openat() and thus the
expensive non_widelink_open(). Now that fd_openat() has the direct
SMB_VFS_OPENAT() fast-path for streams, we can avoid duplicating the
logic in open_stream_pathref_fsp() again.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Rename it to openat_pathref_fullname(), it will be used for stream
open next
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Would not have hurt either, but this makes the next patch easier to
verify properly
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Remove the implicit recursion
openat_pathref_fsp->openat_pathref_base_fsp->openat_pathref_fsp
by introducing openat_pathref_nostream() and use
open_stream_pathref_fsp() where possible. openat_pathref_nostream()
will change its name in further refactoring patches, but for
understanding this patch I think this name is good :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Now that non_widelink_open() does not see streams opens, we don't need
to take care of fsp->base_fsp anymore.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The main optimization is to avoid non_widelink_open() for streams
opens based on the fact that all streams opens are relative to
fsp->base_fsp, which is a pathref fsp already.
Neither streams_xattr nor streams_depot referenced dirfsp for the
streams case. Make this more obvious in the callers by passing NULL
and asserting this: non-streams opens and streams opens are just
different things, streams-opens can and do reference a base fsp and
don't need the non_widelink_open logic.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
For the current callers this does not make a difference, they have
already allocated *_smb_fname as a talloc child of fsp, but the next
patches will add one where it does.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The type of a fsp should never change, but if this call to
vfs_stat_fsp() is the very first one on this fsp, we must update this
flag.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
All we need to do is to convert the @GMT-Token and move the
rest. Before this patch we did a lot of talloc to move the @GMT token
to the beginning of the path only to cut it off immediately
again. Merge that logic into a simple memmove()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
"::$DATA" is the main file, we don't need the overhead of base_fsp here.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We open "." fixed here, and fd_openat (or rather SMB_VFS_OPENAT) will
tell us if "dirfsp" does not point at a proper directory
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
During gpfs_connect for default share of IPC$ not setting the handle data but during the vfs_gpfs_capabilities
for the default share IPC$ the get handle data was called and observing error log failed to get vfs_handle->data!
so to bypass this error log the condition check if IS_IPC share is added in make_connection_snum while calling SMB_VFS_FS_CAPABILITIES
Signed-off-by:Dinesh <dinesh.kumar.reddy@ibm.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 22 05:27:53 UTC 2022 on sn-devel-184
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Björn Baumbach <bb@sernet.de>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Jul 9 09:04:46 UTC 2022 on sn-devel-184
Originally I added the assert here as we can't return the error being in a
talloc destructor. But OEMs prefer error log messages over crashes.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jul 8 09:04:28 UTC 2022 on sn-devel-184
Tree-wide spellcheck for some common misspellings.
source3/utils/status.c has misspelled local variable (unkown_dialect).
"missmatch" is a known historical misspelling, only the incorrect
misspellings are fixed.
source3/locale/net/de.po has the spelling error (unkown) in two msgids -
it probably should be updated with current source.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This partly reverts commit edda7a329e5bed442418de9782cec9f567092aae.
Revert the chunks related to netgroups and skip NIS support related ones.
Use getdomainname() from glibc instead of yp_get_default_domain() from
libnsl to get the NIS domain name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15087
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14443
Signed-off-by: Robert Sprowson <webpages@sprow.co.uk>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 8 19:50:08 UTC 2022 on sn-devel-184
