1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00

121168 Commits

Author SHA1 Message Date
Ralph Boehme
1e2a967ff4 ctdb-tcp: rename ctdb_tcp_stop_connection() to ctdb_tcp_stop_outgoing()
No change in behaviour.  This makes the code self-documenting.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-03-12 03:47:30 +00:00
Ralph Boehme
ea37ecdcd5 ctdb-tcp: Remove redundant restart in ctdb_tcp_tnode_cb()
The node dead upcall has already restarted the outgoing connection.
There's no need to repeat it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Martin Schwenke <martin@meltin.net>
2020-03-12 03:47:30 +00:00
Ralph Boehme
b83ef98c74 ctdb-tcp: always call node_dead() upcall in ctdb_tcp_tnode_cb()
ctdb_tcp_tnode_cb() is called when we receive data on the outgoing connection.

This can happen when we get an EOF on the connection because the other side as
closed. In this case data will be NULL.

It would also be called if we received data from the peer. In this case data
will not be NULL.

The latter case is a fatal error though and we already call
ctdb_tcp_stop_connection() for this case as well, which means even though the
node is not fully connected anymore, by not calling the node_dead() upcall
NODE_FLAGS_DISCONNECTED will not be set.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-03-12 03:47:30 +00:00
Noel Power
0ff1b78fc2 ctdb-tcp: move free of inbound queue to TCP restart
Since commit 77deaadca8e8dbc3c92ea16893099c72f6dc874e, a nodeA which
had previously accepted a connection from nodeB (where nodeB dies
e.g. as as result of fencing) when nodeB attempts to connect again
after restarting is always rejected with

 ctdb_listen_event: Incoming queue active, rejecting connection from w.x.y.z

messages.

Consolidate dead node handling in the TCP restart handling.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-03-12 03:47:30 +00:00
Martin Schwenke
15762a3455 ctdb-daemon: more logical whitespace, debug modernisation
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-12 03:47:30 +00:00
Ralph Boehme
6a4fa0785f ctdb-daemon: ensure restart() callback is called in half-connected state
If NODE_FLAGS_DISCONNECTED is set the node can be in half-connected state. With
this change we ensure to restart the transport for this case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-03-12 03:47:30 +00:00
Christof Schmitt
808d6c0c53 selftest: Add test for rpcclient LSA lookup calls
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Mar 11 09:52:44 UTC 2020 on sn-devel-184
2020-03-11 09:52:44 +00:00
Christof Schmitt
00ab6349e2 rpcclient: Ask for minimal permissions for SID and name lookups
The RPC calls to lookup SIDS and names only require the
POLICY_LOOKUP_NAMES permission. Only ask for that instead of the
MAXIMUM_ALLOWED flag. This allows these calls to work against a NetApp
that does not accept MAXIMUM_ALLOWED (see bugzilla 11105).

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-11 08:09:32 +00:00
Volker Lendecke
12596a3a8d libcli: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 10 23:08:20 UTC 2020 on sn-devel-184
2020-03-10 23:08:19 +00:00
Volker Lendecke
52b5bcb602 lib: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-10 21:25:33 +00:00
Volker Lendecke
c8d5195349 smbd: Fix a comment, "flags" expanded to 2 bytes
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-10 21:25:33 +00:00
Volker Lendecke
9653a10738 libsmbclient: Put it back to a known, well-working state
For adapting unix extensions in our client libraries, we need a fresh start
with additional APIs. We can't change existing application behaviour.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-10 21:25:33 +00:00
Isaac Boukris
0982980dc6 mit-kdc: Explicitly reject S4U requests
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Tue Mar 10 14:46:04 UTC 2020 on sn-devel-184
2020-03-10 14:46:04 +00:00
Andreas Schneider
8b0c796f53 selftest: Set KRB5RCACHETYPE to none for selftest
This is required that out tests work with MIT KRB5 1.18.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
2020-03-10 13:02:27 +00:00
Isaac Boukris
3434758637 Sign and verify PAC with ticket principal instead of canon principal
With MIT library 1.18 the KDC no longer set
KRB5_KDB_FLAG_CANONICALIZE for enterprise principals which allows
us to not canonicalize them (like in Windows / Heimdal).

However, it now breaks the PAC signature verification as it was
wrongly done using canonical client rather than ticket client name.

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2020-03-10 13:02:27 +00:00
Isaac Boukris
5d73cc408b Fix uxsuccess test with new MIT krb5 library 1.18
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14155

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2020-03-10 13:02:27 +00:00
Isaac Boukris
bebad45b29 Adapt sign_authdata in our KDB module for krb5 v1.18
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-10 13:02:27 +00:00
Martin Schwenke
9f9dcfb6c3 ctdb-tests: Use built-in hexdump() in system socket tests
Better compatibility, since od output isn't consistent on FreeBSD.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Mar 10 09:17:12 UTC 2020 on sn-devel-184
2020-03-10 09:17:12 +00:00
Martin Schwenke
602694522f ctdb-tests: Split system socket test
One test for each of types, TCP, ARP.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2020-03-10 07:37:34 +00:00
Martin Schwenke
b10e79f208 ctdb-tests: Skip "ctdb process-exists" tests when not on Linux
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2020-03-10 07:37:34 +00:00
Martin Schwenke
c5dd476715 ctdb-tests: Add function ctdb_test_check_supported_OS
Skips test if not on one of the supported OSes.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2020-03-10 07:37:34 +00:00
Martin Schwenke
8402dabf88 ctdb-tests: Use ctdb_test_skip() when initscript can not be found
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2020-03-10 07:37:34 +00:00
Martin Schwenke
30180ef6c2 ctdb-tests: Use ctdb_test_skip() when shellcheck is not installed
When the tests are run interactively this will make it more noticeable
that shellcheck is not installed because the test summary will
indicate missing tests.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2020-03-10 07:37:34 +00:00
Martin Schwenke
77f6977102 ctdb-tests: Skipped tests should not cause failure
Skipped tests return a status that indicates failure.  In combination
with the -e option this results in an exit with failure on the first
skipped test.

Convert skipped test status to success.  The skip has already been
counted.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2020-03-10 07:37:34 +00:00
Andreas Schneider
54f26cfcf2 autobuild: Run the none env in the samba-o3 build
This includes tests which should make sure that certain code is not
optimized away, like memset_s().

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar  9 23:42:26 UTC 2020 on sn-devel-184
2020-03-09 23:42:26 +00:00
Andrew Bartlett
609c990347 Require Python 3.6 for Samba 4.13
This allows Samba to use formatted string literals, which
are quite handy.

REF: https://docs.python.org/3/whatsnew/3.6.html#whatsnew36-pep498

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 22:03:26 +00:00
Andrew Bartlett
e9ce0f13e6 .gitlab-ci.yml: Do not build Samba for Ubuntu 16.04 or Debian 9 any longer
These only have Python 3.5 and we want to increase the minimum to Python 3.6.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 22:03:26 +00:00
Andrew Bartlett
d048d7e17d bootstrap: Remove long-unsupported OS versions
Samba has not built on these versions for quite some time due to
the need for Python 3.5 and GnuTLS 3.4.7

These were always marked as broken, but given the requirements
these are never likely to come back.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 22:03:26 +00:00
Ralph Boehme
0ae4f368c6 smbd: reuse close_free_pending_aio() in close_directory()
A directory fsp can have outstanding aio requests as well.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Mar  9 19:34:27 UTC 2020 on sn-devel-184
2020-03-09 19:34:27 +00:00
Ralph Boehme
f94cd10a21 smbd: call tevent_req_nterror() for directories when cleaning up pending aio
smbd_smb2_query_directory_recv() calls tevent_req_is_nterror() which requires a
NTSTATUS error code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-09 18:07:34 +00:00
Ralph Boehme
acb0b01761 smbd: move pending aio cleanup to a helper function
We'll be reusing this from close_directory() in the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-09 18:07:34 +00:00
Ralph Boehme
95cfcda13f vfs_default: Protect vfs_getxattrat_done() from accessing a freed req pointer
If the fsp is forced closed by a SHUTDOWN_CLOSE whilst the request is in
flight (share forced closed by smbcontrol), then we set state->req = NULL in the
state destructor.

The existing state destructor prevents the state memory from being freed, so
when the thread completes and calls vfs_getxattrat_done(), just throw away the result
if state->req == NULL.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-09 18:07:34 +00:00
Ralph Boehme
0e894f3e48 vfs_default: pass in state as the callback data to the subreq
Find the req we're finishing off by looking inside the state.  In a shutdown
close the caller calls talloc_free(req), so we can't access it directly as
callback data.

The next commit will NULL out the state->req pointer when a caller calls
talloc_free(req), and the request is still in flight.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-09 18:07:34 +00:00
Günther Deschner
54c21a99e6 winexe: add configure option to control whether to build it (default: auto)
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Mar  9 16:27:21 UTC 2020 on sn-devel-184
2020-03-09 16:27:21 +00:00
Günther Deschner
ebda529b59 librpc: fix IDL for svcctl_ChangeServiceConfigW
Found while trying to run winexe against Windows Server 2019.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 15:00:31 +00:00
Günther Deschner
c3fa0b2df9 s4-torture: add ndr svcctl testsuite
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 15:00:31 +00:00
Günther Deschner
0825324bc7 s4-torture: add rpc test for ChangeServiceConfigW
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 15:00:31 +00:00
Ralph Boehme
f92af66190 vfs_recycle: prevent flooding the log if we're called on non-existant paths
vfs_recycle is assuming that any path passed to unlink must exist, otherwise it
logs this error. Turn this into a DEBUG level message.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14316
See also: https://bugzilla.redhat.com/show_bug.cgi?id=1780802

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>

Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Mon Mar  9 14:15:06 UTC 2020 on sn-devel-184
2020-03-09 14:15:06 +00:00
Martin Schwenke
be90ab01bb ctdb-docs: Improve recovery lock documentation
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Christof Schmitt <cs@samba.org>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Mar  9 02:27:18 UTC 2020 on sn-devel-184
2020-03-09 02:27:18 +00:00
Jeremy Allison
bb22be08b0 s3: tests: Add samba3.blackbox.force-close-share
Checks server stays up whilst writing to a force closed share.
Uses existing aio_delay_inject share to delay writes while
we force close the share.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Mar  8 19:34:14 UTC 2020 on sn-devel-184
2020-03-08 19:34:14 +00:00
Jeremy Allison
6b567e0c13 s3: VFS: vfs_aio_pthread: Make aio opens safe against connection teardown.
Allocate state off fsp->conn, not NULL, and add a destructor
that catches deallocation of conn which happens
on connection shutdown or force close.

Note - We don't allocate off fsp as the passed in
fsp will get freed once we return EINPROGRESS/NT_STATUS_MORE_PROCESSING_REQUIRED.
A new fsp pointer gets allocated on every re-run of the
open code path.

The destructor allows us to NULL out the saved conn struct pointer
when conn is deallocated so we know not to access deallocated memory.
This matches the async teardown code changes for bug #14301
in pread/pwrite/fsync vfs_default.c and vfs_glusterfs.c

state is still correctly deallocated in all code
paths so no memory leaks.

This allows us to safely complete when the openat()
returns and then return the error NT_STATUS_NETWORK_NAME_DELETED
to the client open request.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-03-08 18:07:44 +00:00
Jeremy Allison
e566066605 s3: VFS: vfs_aio_pthread: Add a talloc context parameter to create_private_open_data().
Pass in NULL for now so no behavior change.
We will be changing this from NULL to fsp->conn in a later commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-03-08 18:07:44 +00:00
Jeremy Allison
ddb9038fe7 s3: VFS: vfs_aio_pthread. Move xconn into state struct (opd).
We will need this in future to cause a pending open to
be rescheduled after the connection struct we're using
has been shut down with an aio open in flight. This will
allow a correct error reply to an awaiting client.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-03-08 18:07:44 +00:00
Jeremy Allison
8db831a318 s3: VFS: vfs_aio_pthread: Replace state destructor with explicitly called teardown function.
This will allow repurposing a real destructor to allow
connections structs to be freed whilst the aio open
request is in flight.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-03-08 18:07:44 +00:00
Jeremy Allison
a1e247c3ba s3: VFS: vfs_aio_pthread. Fix leak of state struct on error.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-03-08 18:07:44 +00:00
Jeremy Allison
410e7599bd s3: smbd: Make sure we correctly reply to outstanding aio requests with an error on SHUTDOWN_CLOSE.
SHUTDOWN_CLOSE can be called when smbcontrol close-share
is used to terminate active connections.

Previously we just called talloc_free()
on the outstanding request, but this
caused crashes (before the async callback
functions were fixed not to reference req
directly) and also leaves the SMB2 request
outstanding on the processing queue.

Using tevent_req_error() instead
causes the outstanding SMB1/2/3 request to
return with NT_STATUS_INVALID_HANDLE
and removes it from the processing queue.

The callback function called from this
calls talloc_free(req). The destructor will remove
itself from the fsp and the aio_requests array.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-03-08 18:07:44 +00:00
Jeremy Allison
9ecbda263f s3: VFS: vfs_glusterfs. Protect vfs_gluster_fsync_done() from accessing a freed req pointer.
If the fsp is forced closed by a SHUTDOWN_CLOSE whilst the
request is in flight (share forced closed by smbcontrol),
then we set state->req = NULL in the state destructor.

The existing state destructor prevents the state memory
from being freed, so when the thread completes and calls
vfs_gluster_fsync_done(), just throw away the result if
state->req == NULL.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-03-08 18:07:44 +00:00
Jeremy Allison
cdde55a69d s3: VFS: vfs_glusterfs. Pass in struct vfs_gluster_fsync_state as the callback data to the subreq.
Find the req we're finishing off by looking inside vfs_gluster_fsync_state.
In a shutdown close the caller calls talloc_free(req), so we can't
access it directly as callback data.

The next commit will NULL out the vfs_gluster_fsync_state->req pointer
when a caller calls talloc_free(req), and the request is still in
flight.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-03-08 18:07:44 +00:00
Jeremy Allison
c0c088b1b7 s3: VFS: vfs_glusterfs: Add tevent_req pointer to state struct in vfs_gluster_fsync_state.
We will need this to detect when this request is outstanding but
has been destroyed in a SHUTDOWN_CLOSE on this file.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-03-08 18:07:44 +00:00
Jeremy Allison
67910c751c s3: VFS: vfs_glusterfs. Protect vfs_gluster_pwrite_done() from accessing a freed req pointer.
If the fsp is forced closed by a SHUTDOWN_CLOSE whilst the
request is in flight (share forced closed by smbcontrol),
then we set state->req = NULL in the state destructor.

The existing state destructor prevents the state memory
from being freed, so when the thread completes and calls
vfs_gluster_pwrite_done(), just throw away the result if
state->req == NULL.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-03-08 18:07:44 +00:00