IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This means we can test the lock sequence checking via the
'samba3.smb2.lock aio(nt4_dc)' test.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
even if the tgt session key uses different hmac.
Per [MS-SFU] 2.2.1 PA-FOR-USER the checksum is
always HMAC_MD5, and that's what windows 7 client
and MIT client send.
In heimdal both the client and kdc use the checksum of
the tgt key instead and therefore work with each other
but windows and MIT clients fail against heimdal KDC.
Windows KDC allows either checksum (HMAC_MD5 or from
tgt) so we should do the same to support all clients.
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 11 02:48:58 UTC 2020 on sn-devel-184
To test the CRC32 I reverted the unkeyed-checksum fix (43958af1)
and the weak-crypto fix (389d1b97). Note that the unkeyed-md5
still worked even with weak-crypto disabled, and that the
unkeyed-sha1 never worked but I left it anyway.
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 15 12:25:40 UTC 2020 on sn-devel-184
Lists the two existing subtests indidivually in preparation of adding a third
that is going to pass against ad_dc_ntvfs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14375
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit d9edfeea668362269d812f82b1957ed16ff56dd4)
Test was using smbclient4 but this fails when used in environments that
don't support SMB1. We use smbclient(s3) instead. There remains one
failure due to behaviour differences between the smbclients.
The behavioural changes are related not to SMB1/SMB2 but
commits d4ea637eb8 &
fce66b22ea
Perhaps we need to modify s3 smbclient in a similar way? This is however
something that deserves further discussion.
Move this failing part to a knownfail for the moment.
Also the corrosponding entry in skip_smb1_fail has been removed
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move tests raw.samba3hide, raw.samba3checkfsp & raw.samba3closeerr from
ad_dc to ad_dc_smb1. Also update flapping and knownfail entries to cater
for the new env.
no entries in skip files to be removed as flapping & knownfail negate
the need for this.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move tests raw.samba3hide, raw.samba3checkfsp & raw.samba3closeerr from
simpleserver to fileserver. Also need a knownfail for raw.samba3closeerr
which fails in envs that NT ACLs enabled. We will get extra coverage
from ad_dc_smb1 when the same tests are moved there.
Remove the associated entries from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move samba3.smbtorture_s3.crypt_client.* tests which fail against
environments that don't support SMB1.
The following tests have been moved from nt4_dc -> nt4_dc_smb1
samba3.smbtorture_s3.crypt_client.ATTR
samba3.smbtorture_s3.crypt_client.BROWSE
samba3.smbtorture_s3.crypt_client.CASE-INSENSITIVE-CREATE
samba3.smbtorture_s3.crypt_client.CHAIN1
samba3.smbtorture_s3.crypt_client.CHAIN2
samba3.smbtorture_s3.crypt_client.CHAIN3
samba3.smbtorture_s3.crypt_client.CHKPATH
samba3.smbtorture_s3.crypt_client.CLEANUP1
samba3.smbtorture_s3.crypt_client.CLEANUP2
samba3.smbtorture_s3.crypt_client.CLEANUP4
samba3.smbtorture_s3.crypt_client.CLI_SPLICE
samba3.smbtorture_s3.crypt_client.DELETE
samba3.smbtorture_s3.crypt_client.DELETE-LN
samba3.smbtorture_s3.crypt_client.DELETE-STREAM
samba3.smbtorture_s3.crypt_client.DIR
samba3.smbtorture_s3.crypt_client.DIR-CREATETIME
samba3.smbtorture_s3.crypt_client.FDPASS
samba3.smbtorture_s3.crypt_client.FDSESS
samba3.smbtorture_s3.crypt_client.IOCTL
samba3.smbtorture_s3.crypt_client.LARGE_READX
samba3.smbtorture_s3.crypt_client.LOCK1
samba3.smbtorture_s3.crypt_client.LOCK10
samba3.smbtorture_s3.crypt_client.LOCK11
samba3.smbtorture_s3.crypt_client.LOCK13
samba3.smbtorture_s3.crypt_client.LOCK2
samba3.smbtorture_s3.crypt_client.LOCK3
samba3.smbtorture_s3.crypt_client.LOCK4
samba3.smbtorture_s3.crypt_client.LOCK5
samba3.smbtorture_s3.crypt_client.LOCK6
samba3.smbtorture_s3.crypt_client.LOCK7
samba3.smbtorture_s3.crypt_client.LOCK9A
samba3.smbtorture_s3.crypt_client.LOCK9B
samba3.smbtorture_s3.crypt_client.NTTRANS-FSCTL
samba3.smbtorture_s3.crypt_client.OPEN
samba3.smbtorture_s3.crypt_client.OPLOCK1
samba3.smbtorture_s3.crypt_client.OPLOCK2
samba3.smbtorture_s3.crypt_client.OWNER-RIGHTS
samba3.smbtorture_s3.crypt_client.PIDHIGH
samba3.smbtorture_s3.crypt_client.PROPERTIES
samba3.smbtorture_s3.crypt_client.RENAME
samba3.smbtorture_s3.crypt_client.RENAME-ACCESS
samba3.smbtorture_s3.crypt_client.RW1
samba3.smbtorture_s3.crypt_client.RW2
samba3.smbtorture_s3.crypt_client.RW3
samba3.smbtorture_s3.crypt_client.RW-SIGNING
samba3.smbtorture_s3.crypt_client.SHORTNAME-TEST
samba3.smbtorture_s3.crypt_client.STREAMERROR
samba3.smbtorture_s3.crypt_client.TCON
samba3.smbtorture_s3.crypt_client.TCON2
samba3.smbtorture_s3.crypt_client.TCONDEV
samba3.smbtorture_s3.crypt_client.TORTURE
samba3.smbtorture_s3.crypt_client.TRANS2
samba3.smbtorture_s3.crypt_client.UID-REGRESSION-TEST
samba3.smbtorture_s3.crypt_client.UNLINK
samba3.smbtorture_s3.crypt_client.W2K
samba3.smbtorture_s3.crypt_client.WILDDELETE
samba3.smbtorture_s3.crypt_client.XCOPY
and have been removed from skip_smb1_fail
list of tests modified has been verified with
python3 source3/selftest/tests.py | grep "^samba3.smbtorture_s3." | grep nt4_dc_smb1 | cut -f1 -d\( | sort -u
addionally any knownfail entries have been updated as appropriate.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Tests samba3.raw.samba3checkfsp, samba3.raw.samba3hide &
samba3.raw.samba3closeerr fail in test environments that don't support
SMB1 so move to nt4_dc_smb1. Additionally samba3.raw.samba3closeer was
a known fail in nt4_dc so this also needs to be adjusted for the new
env.
Remove the remaining entries from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Tests samba3.raw.acls* don't succeed in environments that don't
support SMB1 so move them to nt4_dc_smb1
Also need to adjust knownfail for samba3.raw.acls nfs4acl_xattr*
Additionally remove the entries for test from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
The following tests which fail in environments that dont support
SMB1 have been moved to ad_dc_smb1
samba3.unix.whoami
samba3.unix.whoami kerberos connection
samba3.unix.whoami anonymous connection
samba3.unix.whoami ntlm user@realm
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Tests:
samba3.rap.basic
samba3.rap.rpc
have been moved to ad_dc_smb1, nt4_dc_smb1
verified by
python3 source3/selftest/tests.py | grep ad_dc_smb1 | grep "^samba3.rap"
these tests have been removed from skip_smb1_fails
Additionally
samba3.rap.basic.netsessiongetinfo was already marked as knownfail
in ad_dc so in ad_dc_smb1 also true
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
This commit finally switches the RPC server implementation.
At the same we have to do other related changes to keep code compiling
and test environments running.
First avoid moving the session_info into the allocated pipes_struct memory
context as it is owned now by the core RPC server, and the s3compat pidl
compiler will update the pipes_struct session_info before dispatching
the call with dcesrv_call->auth_state->session_info.
Also, fix a segfault in the endpoint mapper daemon when it tries to delete
the endpoints previously registered over a NCALRPC connection.
If we have:
rpc_server : epmapper = external
rpc_server : lsarpc = external
rpc_daemon : epmd = fork
rpc_daemon : lsasd = fork
The sequence is:
* The endpoint mapper starts (start_epmd in source3/smbd/server.c)
* The lsarpc daemon starts (start_lsasd in source3/smbd/server.c)
* The lsarpc daemon creates the sockets and registers its endpoints
(rpc_ep_register in source3/rpc_server/lsasd.c)
* The endpoint registration code opens a NCALRPC connection to the
endpoint mapper daemon (ep_register in source3/librpc/rpc/dcerpc_ep.c)
and keeps it open to re-register if the endpoint mapper daemon dies
(rpc_ep_register_loop in source3/rpc_server/rpc_ep_register.c)
* When the endpoint mapper daemon accepts a NCALRPC connection it sets a
termination function (srv_epmapper_delete_endpoints)
* Suppose the lsarpc daemon exits. The NCALRPC connection termination
function is called.
* The termination function tries to delete all endpoints registered by that
connection by calling _epm_Delete
* _epm_Delete calls is_privileged_pipe which access to
pipes_struct->session_info.
As the call to _epm_Delete occurs outside of the PIDL generated code,
the pipes_stuct->session_info is NULL. This commit also sets
pipes_struct->session_info from the dcerpc_connection before calling
_epm_Delete. As the core rpc server supports security context multiplexing we
need to pass the dcesrv_connection to the termination function and let the
implementation pick a auth context. In the case of the endpoint mapper
the termination function has to pick one of type NCALRPC_AS_SYSTEM to
check if the connection is privileged and delete the endpoints
registered by the connection being closed.
Finally, the samba.tests.dcerpc.raw_protocol testsuite passes against
the ad_member environment.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Keep the s3 server behaviour for now and return always the same
association group ID, 0x53F0.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The goal is to pass the raw protocol testsuite against s3 RPC server.
To do so we need to enable epmd and lsasd daemons, as the testsuite
connects to the endpoint mapper and lsa endpoints using NCACN_IP_TCP
and NCACN_NP transports.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
For adapting unix extensions in our client libraries, we need a fresh start
with additional APIs. We can't change existing application behaviour.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Found while trying to run winexe against Windows Server 2019.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
The libsmbclient readdir tests are broken just for the unix extension
case. For example they assume our "map archive" behaviour. This will
have to be parameterized once unix extensions become better
implemented in libsmbclient
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 27 19:34:36 UTC 2020 on sn-devel-184
The partial surrogate test is known to fail (in
both smb1 and smb2).
Signed-off-by: David Mulder <dmulder@suse.com>
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Thu Jan 30 12:05:13 UTC 2020 on sn-devel-184
The rpc.netlogon testsuite has a test that verifies LSA over netlogon which is
only enabled in the ad_dc_ntvfs env.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Dec 9 11:57:52 UTC 2019 on sn-devel-184
net_rpc_check was hardcoded to check for rpc using SMB1 only. We
should negotiate protocols based on the client max|min protocol settings
this commit also removes the entry for
samba3.blackbox.net.misc.lookup share list
from knownfails as this test should now pass following this change.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Adding a test for the net share list command. Currently this
command will fail because of a bug in the net command when it tries
to see if rpc is supported. This change adds a known fail to swallow
this error. A future commit will fix the net command and remove the
known fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
This can lead to very confusing bugs, and the code right now does not
deal with it well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
"wrec->num_watchers" changes in dbwrap_watch_rec_del_watcher(). In
32d6cc84c I forgot to update the copy of that variable.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 18 22:28:07 UTC 2019 on sn-devel-184
Workaround bug present in gnutls 3.6.8:
gnutls_cipher_decrypt() uses an optimization
internally that breaks decryption when processing
buffers with their length not being a multiple
of the blocksize.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
[MS-FSA] 2.1.5.1 Server Requests an Open of a File
Windows pathname specific processing.
Always disallow trailing /, and also \\ on FILE_NON_DIRECTORY_FILE.
We need to check this before the generic pathname parser
as the generic pathname parser removes any trailing '/' and '\\'.
Currently this is SMB2 only, but we could also add this
check to the SMB1 NTCreateX calls if ultimately neded.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Oct 2 09:31:40 UTC 2019 on sn-devel-184
[MS-FSA] 2.1.5.1 Server Requests an Open of a File.
Checks how to behave on both files and directories.
Tested against Windows 10 server - passes. Currently smbd fails this.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This is similar to multilock3, but uses a read-only
(LOCKING_ANDX_SHARED_LOCK) locks for the 2nd lock
request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This now removed comment describes the bug correctly:
/*
* As this timer event is owned by req, it will
* disappear if req it talloc_freed.
*/
In smb1, "req" disappears once the reply_whatever routine is done. Thus
the timer goes away and we never look at "req" again.
This change moves the valid data (xconn and mid) to
deferred_open_record, and changes the talloc hierarchy such that the
timer is now a child of open_rec, which is a child of the deferred
message.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14060
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 31 00:12:34 UTC 2019 on sn-devel-184
Show that the current smb1 server does not properly retry a nonblocking
open of a kernel-oplocked file
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14060
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Samba aborts the read&x after a blocked, but eventually successful
locking&x call. Both Windows and source4/ntvfs do the read properly,
source3/smbd does not. With later code, this will become possible much
easier. Lets see if it's worth it given that we've got away with this
forever.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Right now we fail this with smbd, we return LOCK_NOT_GRANTED instead
of FILE_LOCK_CONFLICT. This will change with later commits.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
samba-tool ntacl get testfile --xattr-backend=tdb --use-ntvfs
Fixes: Unknown parameter encountered: "state dir"
Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
get_share (called from 'net conf showshare') does a lookup of the share
name case-insensitively. As the registry stores the share name in the
correct case and 'net conf list' prints the correct case, also lookup
the correct case for get_share.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Add a test to verify that 'net [rpc] conf showshare' returns the correct
upper/lower case.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Opening a file with a stale (smbd died) LEVEL_II oplock makes
vfs_set_filelen-> ... ->contend_level2_oplocks_begin_default
trigger the immediate leading to do_break_to_none. This goes through
because fsp->oplock_type is not initialized yet, thus 0. Also,
file_has_read_oplocks is still valid, because the smbd that has died
could not clean up the brlock.tdb entry.
Later in the code the exclusive oplock is granted, which is then found
by do_break_to_none, making it panic.
This patch just runs the direct FTRUNCATE instead of vfs_set_filelen.
This means the contend_level2_oplock code is skipped.
The relevant break (LEVEL_II to NONE) is now done in delay_for_oplock()
with the nice effect of removing a comment that was very confusing to
me.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13957
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed May 22 20:09:29 UTC 2019 on sn-devel-184
Also Skip MC tests for s4 ntvfs fileserver, it's not supported at all.
Use knownfail for s3 fileserver for the time being (until socketwrapper
supports fd-passing).
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
When winbindd is asked to map a name like realm.com\name to a SID ,that
is sucessfully resolved through the lsa lookup name call. The same call
also returns the short domain name (netbios name of the domain). Use
that short domain name for the sid_to_name cache entry, so that
subsequent sid_to_name queries return the expected netbiosname\name
result and not realm.com\name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13831
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
The username should always be returned in the DOMAISHORTNAME/USERNAME
format.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13831
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
The max_buffer value is only evaluated on the first notify
request on a directory handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13864
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 29 00:35:39 UTC 2019 on sn-devel-144
This seems to match Windows Server 2016.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13863
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The same tests as for the other modes xdr and ndr are marked as
knownfail.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The auth-logging tests are an odd combination of server and client
behaviour. On the one hand we want a IRPC connection to see the auth
events being logged on the server. On the other hand, we want the auth
events to appear to be happening on a client. Currently we hardcode in
the use of a SOCKET_WRAPPER interface to make this happen.
We can avoid this explicit socket wrapper usage by using the server
smb.conf instead in the one place we actually want to act like the
server (creating the IRPC connection). Then we can switch from using
the 'ad_dc*:local' testenvs to use 'ad_dc*', in order to act like a
client by default. The SERVERCONFFILE environment variable has already
been added for the few cases where a test needs explicit access to the
server's smb.conf.
However, for samba.tests.auth_log, the samlogon test cases are still
reliant on being run on the :local testenv, and so we can't switch them
over just yet. This is because the samlogon is using the DC's machine
creds underneath, which will fail on the non-local testenv. We could
create separate machine creds for the client and use those, but this is
a non-trivial rework of the test code.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Previous regression test ensures we still return the correct
error code for POSIX pathname operations.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Feb 25 09:33:27 CET 2019 on sn-devel-144
Ensure that if POSIX_foo exists as a file
we return the correct error code NT_STATUS_OBJECT_PATH_NOT_FOUND
if we try and traverse it as a directory.
Also ensure creation/deletion of POSIX_foo/foo fails
for directories and files with NT_STATUS_OBJECT_PATH_NOT_FOUND
if the directory POSIX_foo/ doesn't exist.
knownfail is back :-).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
For posix_pathnames don't blunder into the name_has_wildcard OR
get_real_filename() codepaths as they may be doing case insensitive lookups.
So when creating a new POSIX directory 'Foo' they might
match on name 'foo'.
Remove POSIX-MKDIR from knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Feb 24 14:04:14 CET 2019 on sn-devel-144
Test does:
mkdir POSIX_foo
mkdir POSIX_Foo
mkdir POSIX_foo/Foo
mkdir POSIX_foo/foo
mkdir POSIX_Foo/Foo
mkdir POSIX_Foo/foo
Which should pass a SMB1 POSIX extensions server
as posix mkdir should always be case sensitive
no matter what the share is set to.
Mark as knownfail for now.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13803
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
smbd could crash if "force group" is added to a
share definition whilst an existing connection
to that share exists. In that case, don't change
the existing credentials for force group, only
do so for new connections.
Remove knownfail from regression test.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13690
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Jan 25 16:31:27 CET 2019 on sn-devel-144
While 'es' format works great for unicode (in python2) and
str (in python3) The behaviour with str (in python2) is unexpected.
In python2 the str type is (re-encoded) with the specified encoding.
In python2 the 'et' type would be a better match, that ensures 'str'
type is treated like it was with 's' (no reencoding) and unicode is
encoded with the specified encoding. However in python3 'et' allows
byte (or bytearray) params to be accepted (with no reencoding), we
don't want this. This patch adds a new PYARG_STR_UNI format code which
is a hybrid, in python2 it evaluates to 'et' and in python3 'es' and
so gives the desired behaviour for each python version.
Additionally remove the associated known fail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13616
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Sun Jan 13 03:53:00 CET 2019 on sn-devel-144
This test should demonstrate an error with the 'es' format in python
where a 'str' byte-string is passed (containing utf8 encoded bytes)
with some characters that cannot be decoded as ascii. The same
code if run in python3 should generate an error (needs string not
bytes)
Also Add knownfail for ldb.Dn passed utf8 encoded byte string
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Post build & test running under python3 we now run with
'--extra-python=/usr/bin/python2', these tests will get
python2 appended to the test name so we need also to create
new knownfails for these. We will keep the python3 versions
in case we create (and we probably should) some CI job(s)
with
PYTHON=python configure.developer --extra-python=/usr/bin/python3
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
MS-FSA states that a CREATE with FILE_DELETE_ON_CLOSE on an existing
file with READ_ONLY attribute has to return STATUS_CANNOT_DELETE. This
was missing in smbd as the check used the DOS attributes from the CREATE
instead of the DOS attributes on the existing file.
We need to handle the new file and existing file cases separately.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13673
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The env name will be appended. There is no need to have it twice. Can't
we remove the tests againa ad_dc_ntvfs completely?
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Additionally remove the associated known fail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13616
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
object dn format should be a utf8 encoded string
Note: Currently this fails in python2 as the c python binding for
the dn string param uses PyArg_ParseTupleAndKeywords() with 's'
format, this will accept str *or* unicode in the default encoding.
The default encoding in python2 is... ascii.
Also adding here a knownfail to squash the error produced by the test.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 5 21:56:11 CEST 2018 on sn-devel-144
This fixes a regression that came in via 00db3aba6c.
Found by Vivek Das <vdas@redhat.com> (Red Hat QE).
In order to demonstrate simply run:
smbclient //server/share -U user%password -mNT1 -c quit \
--option="client ntlmv2 auth"=no \
--option="client use spnego"=no
against a server that uses "ntlm auth = ntlmv2-only" (our default
setting).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
We were always asking for SPLICE_BLOCK_SIZE even when the
remaining bytes we wanted were smaller than that. This works
when using cli_splice() on a complete file, as the cli_read()
terminated the read at the right place. We always have the
space to read SPLICE_BLOCK_SIZE bytes so this isn't an overflow.
Found by Bailey Berro <baileyberro@google.com>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13527
Signed-off-by: Bailey Berro <baileyberro@google.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Jul 13 14:57:14 CEST 2018 on sn-devel-144
When deleting a file, all leases granting handle caching lease to the
file should be recalled.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13458
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 1 02:57:46 CEST 2018 on sn-devel-144
The tests are currently only run against streams_depot, where stream IO
is handle based, compared to streams_xattr which is path
based. vfs_streams_xattr is also used much more in real world setups, so
we should run our tests against it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Sub directories in a SMB share can have different free space information
(e.g. when a different file system is mounted there). Caching the dfree
information per SMB share will return invalid data. Address this by
switching to memcache and store the cached data based on the query path.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We now pass samba3hide(nt4_dc), so remove it from knownfail.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 25 21:29:32 CEST 2018 on sn-devel-144
Tests against a directory handle on the root of a share,
and a directory handle on a sub-directory in a share.
Check SEC_DIR_ADD_FILE and SEC_DIR_ADD_SUBDIR separately,
either allows flush to succeed.
Passes against Windows.
Regression test for:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13428
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 18 02:38:50 CEST 2018 on sn-devel-144
A LOOKUPNAME request with a domain and a name containing a winbind
separator character would return the result for the joined domain,
instead of the specified domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Apr 6 21:03:31 CEST 2018 on sn-devel-144
This demonstrates that wbinfo -n / --name-to-sid returns information
instead of failing the request. More specifically the query for
INVALIDDOMAIN//user returns the user SID for the joined domain, instead
of failing the request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This simplifies selecting a specific test to run.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Sat Mar 3 05:19:38 CET 2018 on sn-devel-144
server_exit does an internal tree disconnect which requires a chdir to
the share directory. In case the file system encountered a problem and
the chdir call returns an error, this triggers a SERVER_EXIT_ABNORMAL
which in turn results in a panic and a coredump. As the log already
indicates the problem (chdir returned an error), avoid the
SERVER_EXIT_ABNORMAL in this case and not trigger a coredump.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13189
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Dec 16 01:56:06 CET 2017 on sn-devel-144
This is marked as knownfail for quite some time.
I don't think such a test is a reason to the 'auth methods' option.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
