1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-14 19:24:43 +03:00

7803 Commits

Author SHA1 Message Date
Volker Lendecke
fa9d4570b8 lib: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-22 19:54:38 +00:00
Ralph Boehme
894caca794 winbind: move "winbind:ignore domain" logic to a seperate function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14602

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-21 21:48:30 +00:00
Stefan Metzmacher
d62c670c3d s3:adouble: add adouble_open_from_base_fsp()
For now we only support ADOUBLE_RSRC, but that might change in future.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-01-21 13:35:33 +00:00
Stefan Metzmacher
c45a8d753d s3:adouble: allow ad_fget/ad_get_internal to be used with a backend fsp
Up to now we only passed in stream fsp, but that will change shortly.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-01-21 13:35:33 +00:00
Stefan Metzmacher
1052314dcd s3:adouble: rewrite ad_open_rsrc() as adouble_open_rsrc_fsp() using create_internal_fsp()
"._" AppleDouble files are hidden by vfs_fruit by default, so there's no
need to go through a full SMB_VFS_CREATE_FILE() for them.

They don't need an smbXsrv_open_global.tdb entry nor a locking.tdb
entry, so we just open them with fd_openat().

This avoids a recursion deadlock in get_share_mode_lock() when closing
the ':AFP_Resource' stream.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-01-21 13:35:33 +00:00
Ralph Boehme
f84bc4b021 libadouble: assert valid stat in ad_unconvert_get_streams()
All callers already stat the path, just add a check that asserts this.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-14 17:55:33 +00:00
Ralph Boehme
93f4cb9786 libadouble: call vfs_stat() in ad_convert_finderinfo()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-14 17:55:33 +00:00
Ralph Boehme
c77140fd65 libadouble: call vfs_stat() in ad_convert_xattr()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-14 17:55:33 +00:00
Volker Lendecke
cc9ade9b0a lib: Initialize variables in prefork_listen_accept_handler()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
2021-01-14 13:29:35 +00:00
Volker Lendecke
834f9e152e lib: Fix typos
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
2021-01-14 13:29:35 +00:00
Volker Lendecke
56737df462 lib: Initialize pointers in server_prefork.c
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-08 20:31:33 +00:00
Volker Lendecke
ef7afeb3a3 lib: Fix error path memleaks in prefork_create_pool()
A few return statements missed the "TALLOC_FREE(pfp);"

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-08 20:31:33 +00:00
Volker Lendecke
e7a6dba21c lib: Make pfh_daemon_config take a const default config
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-08 20:31:33 +00:00
Volker Lendecke
d82acf7685 lib: give global_contexts.c its own header file
It's a bit shocking how many references we have to global
contexts. Make this a bit more obvious.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-08 20:31:33 +00:00
Andreas Schneider
38c989fab7 s3:lib: Create the cache path of user gencache recursively
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14601

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan  6 23:59:58 UTC 2021 on sn-devel-184
2021-01-06 23:59:58 +00:00
Dimitry Andric
3e96c95d41 lib: Avoid declaring zero-length VLAs in various messaging functions
In messaging_rec_create(), messaging_recv_cb() and
messaging_dispatch_rec(), variable length arrays of file descriptors are
declared using an incoming num_fds parameter.

However, there are several scenarios where num_fds can be zero, and
declaring a zero-length VLA is undefined behavior. This can lead to
segmentation faults and/or other crashes when compiling with recent
versions of clang at high optimization levels.

To avoid ever using zero as the length for these declarations, use
MAX(1, length) instead.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14605

Signed-off-by: Dimitry Andric <dimitry@andric.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Jan  4 10:50:07 UTC 2021 on sn-devel-184
2021-01-04 10:50:07 +00:00
Ralph Boehme
8d0ea8bafa vfs: add acl type arg to SMB_VFS_SYS_ACL_SET_FD()
No change in behaviour, the new arg is not yet used in any module.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-17 18:56:28 +00:00
Ralph Boehme
368b8158cb s3/libadouble: use openat_pathref_fsp() in ad_open_rsrc()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().

As the create_disposition is FILE_OPEN we just return the error if
openat_pathref_fsp() fails

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:31 +00:00
Ralph Boehme
e4bb359a53 s3/libadouble: use openat_pathref_fsp() in ad_collect_one_stream()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:31 +00:00
Ralph Boehme
349c573773 s3/libadouble: use openat_pathref_fsp() in ad_unconvert_get_streams()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:31 +00:00
Ralph Boehme
e70c61874a s3/libadouble: use openat_pathref_fsp() in ad_unconvert_open_ad()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:31 +00:00
Ralph Boehme
be4a4b5116 s3/libadouble: use openat_pathref_fsp() in ad_convert_finderinfo()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:31 +00:00
Ralph Boehme
67a7354814 s3/libadouble: use openat_pathref_fsp() in ad_convert_xattr()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:31 +00:00
Ralph Boehme
c39940d81b s3/lib: add proc fds infrastructure
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:30 +00:00
Ralph Boehme
9db3ff2573 smbd: use fsp_get_io_fd() when accessing a file or it's associated metadata
In all places where we access or modify a file or it's associated metadata, we
use fsp_get_io_fd() to fetch the low-level fd from the fsp. This ensures we
don't accidentally use a pathref fsp where the fd would be opened as root on
systems lacking O_PATH.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:30 +00:00
Volker Lendecke
441fdc1280 lib: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-04 21:08:38 +00:00
Volker Lendecke
05f7558b4c lib: Change make_file_id_from_itime() prototype
SMB_STRUCT_STAT is defined in includes.h. This way including file_id.h
is possible without including includes.h

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-30 22:24:38 +00:00
Andreas Schneider
5ef3b6deba s3:lib: Check return code of set_blocking()
Found by covscan.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-11-26 06:52:41 +00:00
Volker Lendecke
76043ccb7f lib: Slightly optimize smb_fname_str_dbg()
Don't leak "fname"

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-10 19:49:33 +00:00
Volker Lendecke
30c917c215 lib: Fix a theoretical out-of-bounds write
This routine looked fishy: We do cap_vals[num_cap_vals++] = XXX based
on #ifdefs and capabilities. Then later on we did a check that we did
not overwrite the stack. The change I did is to just count the number
of num_cap_vals++, right now it's 5. I know it is in different switch
branches, but with the #ifdefs it's a bit clumsy to read the exact
number of actual num_cap_vals++ that can happen in one run. On debian
buster, cap_val_t is an int, so this is not really wasting too much.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-10 19:49:33 +00:00
Volker Lendecke
1af086d23c lib: Fix a signed/unsigned warning
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-10 19:49:33 +00:00
Andreas Schneider
1298280a22 auth:creds: Rename CRED_USE_KERBEROS values
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2020-11-03 15:25:37 +00:00
Ralph Boehme
c2f0fd40da smb: rename NTCREATEX_OPTIONS_PRIVATE_DENY_FCB to NTCREATEX_FLAG_DENY_FCB
Just a shorter name, no change in behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-23 17:44:33 +00:00
Ralph Boehme
6da16727e1 smb: rename NTCREATEX_OPTIONS_PRIVATE_DENY_DOS to NTCREATEX_FLAG_DENY_DOS
Just a shorter name, no change in behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-23 17:44:33 +00:00
Volker Lendecke
a01dfc29c1 lib: Add tevent_req_received() to messaging_filtered_read_recv()
Early talloc_free() for the msg_rec if it's not picked up

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 21 20:27:57 UTC 2020 on sn-devel-184
2020-10-21 20:27:57 +00:00
David Disseldorp
6b9564c108 s3:ctdbd_conn: simplify get_public_ips() / find_in_public_ips() API
These calls are used to check whether an IP address is static to the
host, or whether it could be migrated by ctdb.

Combine the calls into a simple ctdbd_public_ip_foreach(cb) function,
which avoids the need to expose struct ctdb_public_ip_list_old.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 14 12:29:56 UTC 2020 on sn-devel-184
2020-10-14 12:29:55 +00:00
Jones Syue
b78ff57176 interface: fix if_index is not parsed correctly
Replace probed_ifaces[i] with ifs.

In SDC 2020 SMB3 Virtual IO Lab,
run Windows Protocol Test Suite to test FileServer multichannel test cases.
Samba server has 2 virtual interfaces for VPN connection:
> name=tun2001, ip/mask=192.168.144.9/22
> name=tun2002, ip/mask=192.168.144.10/22
test suite client can ping these 2 ip addresses and browse shares.
Then client try to use IOCTL FSCTL_QUERY_NETWORK_INTERFACE_INFO to get the
virtual ip addresses of samba server, but samba server responded it
without the virtual ip addresses. My VPN setup is point-to-point and the
virtual interfaces 'tun2001' & 'tun2002' are without flag IFF_BROADCAST.
So edit smb.conf and add
"interfaces = ${virtual_ip}/${mask_length};if_index=${id}", like this:
> interfaces = eth4 eth8 eth11 eth10 qvs0 "192.168.144.9/22;if_index=50" "192.168.144.10/22;if_index=51"
then samba server IOCTL response could return the virtual ip addresses,
but found a issue:
the interface index of virtual ip addresses is always 4294967295
(0xFFFFFFFF, -1).

Quote Metze: 6cadb55d97 (note_419181789)
This looks good, I think that also explains
the possible memory corruption/crash I mentioned in the bug report.
As 'i' is most likely the same as 'total_probed' and
probed_ifaces[i] is not valid, so we overwrite unrelated memory.
Later I see 'realloc(): invalid pointer' and this backtrace:
  BACKTRACE:
    log_stack_trace + 0x29 [ip=0x7f2f1b6fffa9] [sp=0x7ffcd0ab53e0]
    smb_panic + 0x11 [ip=0x7f2f1b700301] [sp=0x7ffcd0ab5d10]
    sig_fault + 0x54 [ip=0x7f2f1b7004f4] [sp=0x7ffcd0ab5e20]
    funlockfile + 0x50 [ip=0x7f2f17ce6dd0] [sp=0x7ffcd0ab5ec0]
    gsignal + 0x10f [ip=0x7f2f1794970f] [sp=0x7ffcd0ab6b90]
    abort + 0x127 [ip=0x7f2f17933b25] [sp=0x7ffcd0ab6cb0]
    __libc_message + 0x297 [ip=0x7f2f1798c897] [sp=0x7ffcd0ab6de0]
    malloc_printerr + 0x1c [ip=0x7f2f17992fdc] [sp=0x7ffcd0ab6ef0]
    realloc + 0x23a [ip=0x7f2f17997f6a] [sp=0x7ffcd0ab6f00]
    _talloc_realloc + 0xee [ip=0x7f2f1a365d2e] [sp=0x7ffcd0ab6f50]
    messaging_filtered_read_send + 0x18c [ip=0x7f2f1a10f54c] [sp=0x7ffcd0ab6fb0]
    messaging_read_send + 0x55 [ip=0x7f2f1a10f705] [sp=0x7ffcd0ab7000]
    smb2srv_session_table_init + 0x83 [ip=0x7f2f1b3a6cd3] [sp=0x7ffcd0ab7040]
    smbXsrv_connection_init_tables + 0x2d [ip=0x7f2f1b373f4d] [sp=0x7ffcd0ab7060]
    smbd_smb2_request_process_negprot + 0x827 [ip=0x7f2f1b38cb47] [sp=0x7ffcd0ab7080]
    smbd_smb2_request_dispatch + 0x19db [ip=0x7f2f1b38921b] [sp=0x7ffcd0ab71d0]
    smbd_smb2_process_negprot + 0x298 [ip=0x7f2f1b38bb38] [sp=0x7ffcd0ab7260]
    process_smb + 0x2ca [ip=0x7f2f1b37537a] [sp=0x7ffcd0ab72b0]
    smbd_server_connection_read_handler + 0xd0 [ip=0x7f2f1b376420] [sp=0x7ffcd0ab7350]

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14514

Signed-off-by: Jones Syue <jonessyue@qnap.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-10-14 11:07:36 +00:00
Andreas Schneider
925cc9aafb s3:lib: Move interface prototypes to own header file
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct  9 20:36:13 UTC 2020 on sn-devel-184
2020-10-09 20:36:12 +00:00
Andreas Schneider
4aac9daf09 s3:libsmb: Remove max_protocol from cli_cm_open()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-09 19:16:46 +00:00
Andreas Schneider
df1623abd7 s3:libsmb: Pass cli_credentials to cli_cm_open()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-09 19:16:46 +00:00
Andreas Schneider
a9fbc8dae8 s3:libsmb: Remove force_encrypt from cli_cm_open()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-09 19:16:45 +00:00
Ralph Boehme
322574834f vfs: remove dirfsp arg from SMB_VFS_CREATE_FILE()
This was supposed to be a shortcut to avoid passing dirfsp around as an explicit
function argument throughout the whole codebase when the new VFS design idea was
based on using *AT functions throughout the VFS.

Now that we've opted for basing the VFS on handles and *AT functions will only
be used in a much more limitted extent, it makes sense to remove this internal
dirfsp reference, otherwise the combination of internal fsp->dirfsp and
smb_fname->fsp is going to be a tough to wrap your head around.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct  2 21:00:05 UTC 2020 on sn-devel-184
2020-10-02 21:00:05 +00:00
Ralph Boehme
1c444f9c37 smbd: remove fsp->dirfsp
This was supposed to be a shortcut to avoid passing dirfsp around as an explicit
function argument throughout the whole codebase when the new VFS design idea was
based on using *AT functions throughout the VFS.

Now that we've opted for basing the VFS on handles and *AT functions will only
be used in a much more limitted extent, it makes sense to remove this internal
dirfsp reference, otherwise the combination of internal fsp->dirfsp and
smb_fname->fsp is going to be a tough to wrap your head around.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02 19:39:44 +00:00
Jeremy Allison
af6aaf6243 s3: libsmb: Convert the WINS and broadcast name functions to return size_t * num addresses.
Have to do both at once as they are intimately related.
The uglyness inside internal_resolve_name() will go away
once all the resove_XXX() functions return size_t values.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2020-09-15 10:09:36 +00:00
Christof Schmitt
8d34b6735f lib: Make get_share_security_default static
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-09-12 06:29:37 +00:00
Matthew DeVore
c2ac923c6a s3: safe_string: do not include string_wrappers.h
Rather than have safe_string.h #include string_wrappers.h, make users of
string_wrappers.h include it explicitly.

includes.h now no longer includes string_wrappers.h transitively. Still
allow includes.h to #include safe_string.h for now so that as many
modules as possible get the safety checks in it.

Signed-off-by: Matthew DeVore <matvore@google.com>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-08-28 00:56:34 +00:00
Volker Lendecke
ccaf661f7c tldap: Receiving "msgid == 0" means the connection is dead
We never use msgid=0, see tldap_next_msgid(). RFC4511 section 4.4.1
says that the unsolicited disconnect response uses msgid 0. We don't
parse this message, which supposedly is an extended response: Windows
up to 2019 sends an extended response in an ASN.1 encoding that does
not match RFC4511.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Aug 21 20:37:25 UTC 2020 on sn-devel-184
2020-08-21 20:37:24 +00:00
Volker Lendecke
a2b281bed0 tldap: Add PRINTF_ATTRIBUTE declaration to tldap_debug()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-08-21 19:14:33 +00:00
Volker Lendecke
2a2a6b27cc tldap: Make sure all requests are cancelled on rundown
Put messages into the ld->pending array before sending them out, not
after they have been sent.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-08-21 19:14:33 +00:00
Volker Lendecke
f745f5b125 tldap: Centralize connection rundown on error
Whenever send or recv return -1, we have to cancel all pending
requests and our transport stream is no longer usable: Discard it upon
such an error.

To avoid duplicate state, tldap_connection_ok() now looks at whether
we have a tstream_context around.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-08-21 19:14:33 +00:00