IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
To test the CRC32 I reverted the unkeyed-checksum fix (43958af1)
and the weak-crypto fix (389d1b97). Note that the unkeyed-md5
still worked even with weak-crypto disabled, and that the
unkeyed-sha1 never worked but I left it anyway.
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 15 12:25:40 UTC 2020 on sn-devel-184
This reverts commit 5639e973c1.
This is no longer needed as the next commit includes a Python
test for this, without the complexity of being inside krb5.kdc.canon.
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This reverts commit 151f8c0f31.
This allows a clean revert (and so removal) of the test.
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This reverts commit a53fa8ffe3.
This allows a clean revert (and so removal) of the test.
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We have wait until all pending requests are done before we can
TALLOC_FREE() the connection structure.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri May 15 10:26:29 UTC 2020 on sn-devel-184
This removes the connection references from the session channel
array for each session that's used on the connection.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
It's good to remember the first error we got and makes sure we don't try
any further io on the connection.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
This is useful for debugging, but also simplies the following changes,
where client->connections may hold disconnected connections until
all pending requests are finished.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
If the connection is broken mark it as invalid and close
the socket.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
It's good to have an isolated function that just disconnects the
lower layer transport and remembers the first error status.
This will be used in more placed in the following commits.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Pointer values can be reused (yes, I hit that during my testing!).
Introduce a channel_id to identify connections and also add
some timestamps to make debugging easier.
This makes smbXsrv_session_find_channel() much more robust.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
This fixes a regression introduced by
14182350f8
("librpc ndr: ndr_pull_advance check for unsigned overflow.")
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14236
ndr_push_smbXsrv_client_global0() is happy with
pushing NULL pointers for r->{local_address,remote_address,remote_name},
while the IDL doesn't allow it.
In turn ndr_pull_smbXsrv_client_global0() no longer ignores the error.
This means multi-channel connections were broken,
and we paniced on a NULL pointer.
It's really sad that we still don't have automated tests for it.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
On (eg) the
DC=_msdcs.X.Y,CN=MicrosoftDNS,DC=ForestDnsZones,DC=X,DC=Y
record, in domains that have had a Microsoft Windows DC an attribute:
dNSProperty:: AAAAAAAAAAAAAAAAAQAAAJIAAAAAAAAA
000000 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 >................<
000010 92 00 00 00 00 00 00 00 >........<
000018
We, until samba 4.12, would parse this as:
pull returned Success
dnsp_DnsProperty: struct dnsp_DnsProperty
wDataLength : 0x00000000 (0)
namelength : 0x00000000 (0)
flag : 0x00000000 (0)
version : 0x00000001 (1)
id : DSPROPERTY_ZONE_NS_SERVERS_DA (146)
data : union dnsPropertyData(case 0)
name : 0x00000000 (0)
dump OK
However, the wDataLength is 0. There is not anything in
[MS-DNSP] 2.3.2.1 dnsProperty to describe any special behaviour
for when the id suggests that there is a value, but wDataLength is 0.
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dnsp/445c7843-e4a1-4222-8c0f-630c230a4c80
We now fail to parse it, because we expect an entry with id DSPROPERTY_ZONE_NS_SERVERS_DA
to therefore have a valid DNS_ADDR_ARRAY (section 2.2.3.2.3).
As context we changed it in our commit fee5c6a424
because of bug https://bugzilla.samba.org/show_bug.cgi?id=14206
which was due to the artificial environment of the fuzzer.
Microsoft advises that Windows also fails to parse this, but
instead of failing the operation, the value is ignored.
Reported by Alex MacCuish. Many thanks for your assistance in
tracking down the issue.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14310
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 15 07:29:17 UTC 2020 on sn-devel-184
These have been known to be given by Windows DCs that share the same domain
as while invalid, they are not format-checked inbound when set by the DNS
Manager MMC applet over the dnsserver pipe to Windows.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14310
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This will be used by a test and the DNS server code to parse short dnsProperty
records which come from Windows servers.
This example is from the value that caused Samba to fail as it
can not be parsed as a normal dnsp_DnsProperty
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14310
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This job is already quite long and these tests are unlikely
to vary between hosts or under the -O3 compile
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
The "base on g_lock" patch is a slowdown because we do more tdb
operations. Getting share_entries.tdb back into locking.tdb tries to
speed things up again.
Now that we're based on g_lock we'll most likely use a different
method in order to spread the entries across multiple records.
It still maintains the sorted array of share modes within locking.tdb,
but not as part of the expensive ndr marshalling of the complete
array.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 15 02:27:49 UTC 2020 on sn-devel-184
This means we don't hold locking.tdb mutexes anymore while we do
filesystem-level operations. This has hurt ctdb quite a bit: A smbd hanging in
an unlink() syscall prevents ctdb from recovering locking.tdb.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Optionally allow a database with g_lock format to participate in the dbwarp
lock order check. Will be used once locking.tdb is based upon g_lock.c
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Same concept as dbwrap_watched_watch_send/recv: Get informed if the
underlying data of a record changes. This utilizes the watched
database that g_lock is based upon anyway. To avoid spurious wakeups
by pure g_lock operations this patch adds a sequence number for the
data that is stored in the g_lock data field.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
locking.tdb will not have a LOCK_ORDER anymore, this will be done by
the code in g_lock.c. We need to allow opening a database with dbwrap
without having a lock order.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Directly pass the database name and lock order to the core functions,
avoid passing struct db_context.
In the next steps these functions will become public: locking.tdb will
be based on g_lock.c to avoid holding a tdb-level locking.tdb mutex
while doing complex file system operations like unlink() which can
take ages on FAT for example.
This means that g_lock.c will participate in the dbwrap lock order
protection and needs access to dbwrap_lock_order_[un]lock() without
providing a direct db_context.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
With share_infos.tdb this is a locking order violation:
share_infos.tdb is level 4, brlock.tdb is level 2. Avoid this by first
walking the share_infos.tdb and then fetching all the brlock entries.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu May 14 22:06:32 UTC 2020 on sn-devel-184
Needed for the next commit testing netfileenum
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
To me this was not very transparent, and now that we have "ctr3" a
single indirect looks okay
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 14 19:43:27 UTC 2020 on sn-devel-184
The only two callers that pass a root_dir_fid != 0 are reply_ntcreate_and_X()
and call_nt_transact_create(). By moving root_dir_fid processing outside of
SMB_VFS_CREATE_FILE() we can avoid rewriting get_relative_fid_filename() to work
with *AT semantics and dirfsps.
Bonus points: the previous code in both functions passed fname to
filename_convert() which can't really have worked as it is relative to
root_dir_fid so filename_convert() will not be able to stat() the relative path
and it's components.
The only test I can find that uses a root dir_fid is raw.samba3rootdirfid and
that uses a handle on the share root which will work.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14380
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
raw.samba3rootdirfid tests with the share root directory as root_dir_fid handle,
that doesn't cover the case where the relative name has more then one path
component. It only works because in unix_convert() we run into the creating file
optimasation.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14380
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: awalker <awalker@ixsystems.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed May 13 17:34:43 UTC 2020 on sn-devel-184
On bad name conversion, exit the directory listing with an error, but leave the
connection intact. We were already checking for finfo->name == NULL here,
but were ignoring it and not reporting an error.
Remove the knownfail.d/bad_iconv file as we now
behave the same across CORE/NT1/SMB2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14374
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 12 21:32:44 UTC 2020 on sn-devel-184
