1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00

119789 Commits

Author SHA1 Message Date
Jeremy Allison
abbbbbff37 s3: libsmb: Added new API smbc_readdirplus2()
Returns the same as smbc_readdirplus() but also
can return a struct stat if passed in by the caller.

struct stat is synthesized from the data
returned by the SMB server.

Signed-off-by: Puran Chand <pchand@vmware.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-30 20:44:31 +00:00
Jeremy Allison
e26487aab0 s3: libsmb: Add missing ino field to internal struct smbc_dirplus_list.
This should have been added to struct libsmb_file_info, but
this is user-visible so I don't want to change this now. Adding
it to the containing struct allows us to synthesise a struct stat
to return from smbc_readdirplus2() to return all the info from
the server to callers.

Signed-off-by: Puran Chand <pchand@vmware.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-30 20:44:31 +00:00
Jeremy Allison
1f0715c0e5 s3: libsmb: Move setting all struct stat fields into setup_stat().
That way we only have one place where a struct stat is synthesised
for libsmbclient callers.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-30 20:44:31 +00:00
Jeremy Allison
7d3b4f47be s3: libsmb: Move setting st->st_ino into setup_stat.
Signed-off-by: Puran Chand <pchand@vmware.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-30 20:44:31 +00:00
Jeremy Allison
d44a84295b s3: libsmb: Change generate_inode()/setup_stat() to modern coding standards.
Change setup_stat() to be void. It doesn't return anything. Export
so it can be used by upcoming smbc_readdirplus2() call.

Remove unused SMBCCTX *context parameters.
Remove unused talloc_stackframe().

Signed-off-by: Puran Chand <pchand@vmware.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-10-30 20:44:31 +00:00
Jeremy Allison
f30b8b3aa1 s3: utils: smbtree. Ensure we don't call cli_RNetShareEnum() on an SMB1 connection.
Last unprotected call of cli_RNetShareEnum(). Not a libsmbclient
bug here but might as well fix the last caller as part of the
fix for the bug.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14174

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-10-30 20:44:31 +00:00
Jeremy Allison
1cfcad6283 s3: libsmb: Ensure we don't call cli_RNetShareEnum() on an SMB1 connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14174

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-10-30 20:44:31 +00:00
Ralph Boehme
41edeff416 s3:smb2_server: add message mid to SMB2 request done log message
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 30 18:42:35 UTC 2019 on sn-devel-184
2019-10-30 18:42:35 +00:00
Ralph Boehme
dcf51b5aa5 s3:smb2_server: modernize a debug statement
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-10-30 17:20:30 +00:00
Ralph Boehme
f3df83a2c3 lib/adouble: pass filesize to ad_unpack()
ad_unpack() needs the filesize, not the capped IO size we're using in the caller
to read up to "size" bystem from the ._ AppleDouble file.

This fixes a regression introduced by bdc257a1cbac7e8c73a084b618ba642476807483
for bug 13968.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
RN: vfs_fruit returns capped resource fork length

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Oct 30 14:52:34 UTC 2019 on sn-devel-184
2019-10-30 14:52:33 +00:00
Ralph Boehme
9a3da6bebc lib/adouble: drop ad_data reallocate logic
Simply set the buffer size to AD_XATTR_MAX_HDR_SIZE. When reading the
AppleDouble file, read up to AD_XATTR_MAX_HDR_SIZE from the file.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-10-30 13:23:42 +00:00
Ralph Boehme
baaaf59e94 lib/adouble: README.Coding fix: multi-line if expression
Also remove a TAB.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-10-30 13:23:42 +00:00
Ralph Boehme
f0c8ac47a4 lib/adouble: fix a long line
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-10-30 13:23:42 +00:00
Ralph Boehme
b63069db9f torture: expand test "vfs.fruit.resource fork IO" to check size
Reveals a bug where the resource fork size is capped at 65454 bytes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-10-30 13:23:42 +00:00
Björn Baumbach
ef58222616 CVE-2019-14833 dsdb: send full password to check password script
utf8_len represents the number of characters (not bytes) of the
password. If the password includes multi-byte characters it is required
to write the total number of bytes to the check password script.
Otherwise the last bytes of the password string would be ignored.

Therefore we rename utf8_len to be clear what it does and does
not represent.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438

Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Tue Oct 29 11:58:45 UTC 2019 on sn-devel-184
2019-10-29 11:58:45 +00:00
Andrew Bartlett
d524c7ddee CVE-2019-14833: Use utf8 characters in the unacceptable password
This shows that the "check password script" handling has a bug.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2019-10-29 10:04:45 +00:00
Jeremy Allison
7ccc302b4b CVE-2019-10218 - s3: libsmb: Protect SMB2 client code from evil server returned names.
Disconnect with NT_STATUS_INVALID_NETWORK_RESPONSE if so.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14071

Signed-off-by: Jeremy Allison <jra@samba.org>
2019-10-29 10:04:45 +00:00
Jeremy Allison
9f7a622b2b CVE-2019-10218 - s3: libsmb: Protect SMB1 client code from evil server returned names.
Disconnect with NT_STATUS_INVALID_NETWORK_RESPONSE if so.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14071

Signed-off-by: Jeremy Allison <jra@samba.org>
2019-10-29 10:04:44 +00:00
Isaac Boukris
2669cecc51 libnet_join: add SPNs for additional-dns-hostnames entries
and set msDS-AdditionalDnsHostName to the specified list.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116

Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Oct 25 10:43:08 UTC 2019 on sn-devel-184
2019-10-25 10:43:08 +00:00
Isaac Boukris
db7560ff0f docs-xml: add "additional dns hostnames" smb.conf option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116

Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2019-10-25 09:21:44 +00:00
Isaac Boukris
3e65f72b14 libnet_join_set_machine_spn: simplify adding uniq spn to array
and do not skip adding a fully qualified spn to netbios-aliases
in case a short spn already existed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116

Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2019-10-25 09:21:44 +00:00
Isaac Boukris
b8e1264ece libnet_join_set_machine_spn: simplify memory handling
and avoid a possible memory leak when passing null to
add_string_to_array() as mem_ctx.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116

Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2019-10-25 09:21:44 +00:00
Isaac Boukris
4cbad1eb46 libnet_join_set_machine_spn: improve style and make a bit room for indentation
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116

Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2019-10-25 09:21:44 +00:00
Isaac Boukris
05f7e9a72a libnet_join: build dnsHostName from netbios name and lp_dnsdomain()
This make the join process much more reliable, and avoids "Constraint
violation" error when the fqdn returned from getaddrinfo has already
got assigned an SPN.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116

Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2019-10-25 09:21:44 +00:00
Stefan Metzmacher
d0f566c4ad s4:dirsync: fix interaction of dirsync and extended_dn controls
Azure AD connect reports discovery errors:
  reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153
RN: Prevent azure ad connect from reporting discovery errors:
reference-value-not-ldap-conformant

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 24 11:06:58 UTC 2019 on sn-devel-184
2019-10-24 11:06:58 +00:00
Stefan Metzmacher
6d43d82b49 s4:tests/dirsync: add tests for dirsync with extended_dn
This demonstrates a problems that the extended_dn returned
by the dirsync module always uses the SDDL format for GUID/SID
components.

Azure AD connect reports discovery errors:
  reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-10-24 09:46:28 +00:00
Ralph Boehme
9471508391 s3: remove now unneeded call to cmdline_messaging_context()
This was only needed as dbwrap_open() had a bug where it asked for the ctdb
connection before initializing messaging. The previous commit fixed that so we
can now safely remove the calls to cmdline_messaging_context() from all tools
that don't use messaging.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13925

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 24 09:33:47 UTC 2019 on sn-devel-184
2019-10-24 09:33:47 +00:00
Ralph Boehme
ca95d7f41b s3:dbwrap: initialize messaging before getting the ctdb connection
This is a better fix for bug #13465.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13925

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-10-24 08:12:27 +00:00
Andreas Schneider
ab71d72138 waf: Symlink the compile database to the source dir for clangd
https://github.com/ycm-core/YouCompleteMe
https://github.com/abingham/emacs-ycmd

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Oct 24 08:11:19 UTC 2019 on sn-devel-184
2019-10-24 08:11:19 +00:00
Andreas Schneider
b28d06be7a waf: Create clang compilation database
http://clang.llvm.org/docs/JSONCompilationDatabase.html

This can be used by ymcd or clangd.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-10-24 06:48:08 +00:00
Martin Schwenke
6de5706b4d ctdb-tests: Add vacuuming tests
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Oct 24 05:28:21 UTC 2019 on sn-devel-184
2019-10-24 05:28:21 +00:00
Martin Schwenke
49262a6bc4 ctdb-tests: Add handling of process clean-up on a cluster node
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2019-10-24 04:06:44 +00:00
Martin Schwenke
b9654085f5 ctdb-tests: Factor out function check_cattdb_num_records()
This can be use in multiple vacuuming tests.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2019-10-24 04:06:44 +00:00
Martin Schwenke
5a6d319eea ctdb-tests: Add ctdb-db-test tool
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2019-10-24 04:06:44 +00:00
Martin Schwenke
439ef65d29 ctdb-client: Factor out function client_db_tdb()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2019-10-24 04:06:44 +00:00
Martin Schwenke
41a41d5f3e ctdb-daemon: Implement DB_VACUUM control
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2019-10-24 04:06:43 +00:00
Martin Schwenke
d462d64cdf ctdb-vacuum: Only schedule next vacuum event if vacuuuming is scheduled
At the moment vacuuming is always scheduled.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2019-10-24 04:06:43 +00:00
Martin Schwenke
13cedaf019 ctdb-daemon: Factor out code to create vacuuming child
This changes the behaviour for some failures from exiting to simply
attempting to schedule the next run.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2019-10-24 04:06:43 +00:00
Martin Schwenke
5539edfdbe ctdb-vacuum: Simplify recording of in-progress vacuuming child
There can only be one, so simplify the logic.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2019-10-24 04:06:43 +00:00
Martin Schwenke
496204feb0 ctdb-protocol: Add marshalling for control DB_VACUUM
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2019-10-24 04:06:43 +00:00
Martin Schwenke
a896486b62 ctdb-protocol: Add marshalling for struct ctdb_db_vacuum
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2019-10-24 04:06:43 +00:00
Martin Schwenke
b314835341 ctdb-protocol: Add new control CTDB_CONTROL_DB_VACUUM
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2019-10-24 04:06:43 +00:00
Amitay Isaacs
d0cc9edc05 ctdb-vacuum: Avoid processing any more packets
All the vacuum operations if required have an event loop to ensure
completion of pending operations.  Once all the steps are complete,
there is no reason to process any more packets.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2019-10-24 04:06:43 +00:00
Amitay Isaacs
680df07630 ctdb-daemon: Avoid memory leak when packet is deferred
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2019-10-24 04:06:43 +00:00
Amitay Isaacs
c6427dddf5 ctdb-recoverd: No need for database detach handler
The only reason for recoverd attaching to databases was to migrate
records to the local node as part of vacuuming.  Recovery daemon does
not take part in database vacuuming any more.

The actual database recovery is handled via the recovery_helper and
recovery daemon should not need to attach to the databases any more.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2019-10-24 04:06:43 +00:00
Amitay Isaacs
fc81729dd2 ctdb-recoverd: Drop VACUUM_FETCH message handling
This is now implemented in the ctdb daemon using VACUMM_FETCH control.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2019-10-24 04:06:43 +00:00
Amitay Isaacs
498932c0e8 ctdb-vacuum: Replace VACUUM_FETCH message with control
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2019-10-24 04:06:42 +00:00
Amitay Isaacs
86521837b6 ctdb-vacuum: Add processing of fetch queue
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2019-10-24 04:06:42 +00:00
Amitay Isaacs
da617f90d9 ctdb-daemon: Add implementation of VACUUM_FETCH control
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2019-10-24 04:06:42 +00:00
Amitay Isaacs
36f9b4953a ctdb-tests: Add marshalling tests for new control
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2019-10-24 04:06:42 +00:00