IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
format_debug_text() still splits up lines with separate write-calls, but
DEBUGADD is something that I would like to get rid of.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Print the faulty character for easier finding it.
I did not find out how to split the format string into two lines such
that self.fail would properly print the whole thing in its exception,
so we have a long line here.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
running samba-fuzz CI job on latest tumbleweed docker image results in;
../../librpc/ndr/ndr_orpc.c: In function ‘ndr_print_DUALSTRINGARRAY’:
../../librpc/ndr/ndr_orpc.c:97:49: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
97 | snprintf(idx, sizeof(idx), "[%d]", i);
| ^
../../librpc/ndr/ndr_orpc.c:97:17: note: ‘snprintf’ output between 4 and 14 bytes into a destination of size 13
97 | snprintf(idx, sizeof(idx), "[%d]", i);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../librpc/ndr/ndr_orpc.c:105:49: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
105 | snprintf(idx, sizeof(idx), "[%d]", i);
| ^
../../librpc/ndr/ndr_orpc.c:105:17: note: ‘snprintf’ output between 4 and 14 bytes into a destination of size 13
105 | snprintf(idx, sizeof(idx), "[%d]", i);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../librpc/ndr/ndr_orpc.c: In function ‘ndr_print_STRINGARRAY’:
../../librpc/ndr/ndr_orpc.c:159:49: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
159 | snprintf(idx, sizeof(idx), "[%d]", i);
| ^
../../librpc/ndr/ndr_orpc.c:159:17: note: ‘snprintf’ output between 4 and 14 bytes into a destination of size 13
159 | snprintf(idx, sizeof(idx), "[%d]", i);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Tue Sep 10 01:22:28 UTC 2024 on atb-devel-224
Fix typo in "samba-tool user add" error message when adding a user with
NIS features : the argument for the uid number is --uid-number and not
--uidNumber.
RN: Fix typo in samba-tool error message.
Signed-off-by: Lyanis Souidi <lyanis.souidi@u-pec.fr>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
We only need the stack temporarily, no reason to put it in the struct
Signed-off-by: Volker Lendecke <vl@samba.org>
Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Sep 6 14:23:58 UTC 2024 on atb-devel-224
reinit_after_fork() may panic or return an error on failure. When smbd
is started in interactive mode, it ignores the reinit_after_fork()
return status and unconditionally proceeds to smbd_process().
Similarly, if messaging_reinit() fails within reinit_after_fork() then
it will subsequently call ctdb_async_ctx_reinit() if clustering is
enabled.
There's no reason why these errors shouldn't be handled immediately, so
add appropriate error handling.
Found by code inspection; not seen in the wild.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Sep 4 09:53:01 UTC 2024 on atb-devel-224
When inherting permissions on the created stream, we call into the VFS to fetch
the streams security descriptor via inherit_access_posix_acl() ->
copy_access_posix_acl() -> SMB_VFS_SYS_ACL_SET_FD() passing the stream fsp which
triggers the assert SMB_ASSERT(!fsp_is_alternate_stream(fsp)) in
vfswrap_sys_acl_set_fd() in vfs_default.
Just passing the base fsp to the VFS fixes this.
vfs_streams_depot which *does use* distinct backend filesystem files for the
streams, currently does not apply permissions to the stream files at all, so the
incomplete behaviour of vfs_streams_depot is not affected by this change.
If in the future someone want to fix this defficiency in vfs_streams_depot, the
module code can use fsp->stream_fsp to base decisions in VFS ops whether the
module should carry out some action.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Sep 2 08:55:28 UTC 2024 on atb-devel-224
Commit 53c9269b (vfs_ceph_new: use low-level APIs for symlink/readlink)
introduced readlinkat using libcephfs low-level APIs. However, it does
not handle properly the case where readlinkat operates on empty name
string (see man readlinkat(2)), such as:
fd = openat(dirfd, symname, O_PATH | O_NOFOLLOW, 0);
readlinkat(fd, "", buf, bufsiz);
Handle this special case of readlinkat with empty name string by using
a reference to the symlink inode itself.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Aug 30 10:42:27 UTC 2024 on atb-devel-224
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Aug 30 00:08:41 UTC 2024 on atb-devel-224
This was passed to CTDB's old smnotify. This has been replaced by use
of nfs-utils' sm-notify, which doesn't need this.
In test, a fake NFS_HOSTNAME is still needed. Real sm-notify will get
it from a reverse host lookup of the IP address.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
CTDB's smnotify does not support IPv6 and is difficult to maintain.
So, create directories of files and pass them to NFS util's sm-notify.
There is an implied change here, because NFS utils sm-notify stopped
sending IP addresses as mon_name back in 2010:
http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commitdiff;h=900df0e7c0b9006d72d8459b30dc2cd69ce495a5
This will change advice given in the wiki to use a hostname for the
cluster with round-robin DNS, since this is what is best supported.
Another behavioural change is that sm-notify only sends "up"
notifications with an odd state.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
statd callout will shortly be updated to use NFS utils' sm-notify.
This tiny helper will be used to create on-disk state files used by
sm-notify. These state files contain endian-specific fields, so
better to write a simple C implementation than to do crazy things in a
shell script (or call out to Python).
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Rename the public function to ndr_token_peek_cmp_fn, the only user
does not remove the token. Factor out ndr_token_find to move the
token-removing logic to ndr_token_retrieve, the only caller that does
remove the token.
Keep libndr at 6.0.0, this has not been released yet.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Aug 29 08:40:52 UTC 2024 on atb-devel-224
Avoid an if-statement inside by passing a pointer-comparing function
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
On tumbleweed at least the definition in py_reparse_put of 'reserved' as
'unsigned' causes the tag value to be overwritten. Note: ParseTuple is
given a format of 'Kk' where
K = unsigned long long (for tag)
k = unsigned long (for reserved)
The problem is 'reserved' is defined as 'unsigned' which on a
64 bit linux system has size 4. The size however of the 'unsigned long' type
on the same 64 bit system is 8. This causes 'tag' to be overwritten by
the value of 'reserved' because it's destination size is smaller than
expected.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15702
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Aug 28 18:38:01 UTC 2024 on atb-devel-224
As per MS-FSA 2.1.5.10.22 FSCTL_QUERY_ALLOCATED_RANGES, if response
range entries exceed in_max_output, then we should respond with
STATUS_BUFFER_OVERFLOW and a truncated output buffer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15699
Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Aug 28 08:54:11 UTC 2024 on atb-devel-224
FSCTL_QUERY_ALLOCATED_RANGES responses with more than one range should
be truncated to account for a ioctl.smb2.in.max_output_response limit.
Add a test for this.
Flag the new test knownfail; fix in subsequent commit.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Aug 28 05:39:36 UTC 2024 on atb-devel-224
I think this may be a root cause of some Coverity false positives.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
A Coverity false positive (we check for error) but it is worth
doing per README.Coding
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
Coverity points out that if the string is longer than INT_MAX, the int
will overflow and the cast to uint8_t will discard bits.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
The point of this realloc is that we are not using this array, but
keeping it around to remain a node the talloc tree. We'd prefer to
reduce it to nothing.
Coverity rightly spotted that it was reallocing an array of `struct
ldb_val` to an array of `struct ldb_val *`, which has a different size
and all. But it doesn't matter in this case, because we will never use
it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15590
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
These tests are not affected by the reserved_usn change, so there is
no need to run them twice.
The test_repl_get_tgt_multivalued_links fails with or without
reserved_usn set to zero, but it fails differently in either case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
We don't need a timeout failure any more, since replication should
always work. Leaving the timeout in might sometimes cause a flapping
test if replication is being slow for some reason.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
Azure AD will set reserved_usn to zero when we expect it to be
the number we gave them.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
The next commit will indent this more, so it's a bit squished up.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
This emulates the behaviour of Azure AD.
As this is quite slow we will later reduce the test load in this case,
but for now we want to run all the getncchanges tests this way.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
In the next commit we are going to add tests in which the client
modifies the highwatermark in a way that resets replication (on Samba
only). After that we'll fix it.
If we leave the test in an eternal loop, the commit history will not
be bisectable, so we are temporarily going to turn long waits into
failures.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
For us to reach the statement ‘if (0 < len1)’, ‘len1’ must be equal to
‘len2’, and they must not both be equal to zero. That cannot be the case
if ‘len1’ is equal to zero, and therefore the ‘else’ branch cannot be
reached.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Suppose that ‘slen’ is equal to (size_t)-1. A few lines up, we had:
if (lastp != 0) goto slow_path;
Therefore, ‘lastp’ must evaluate to false.
Now suppose that ‘slen’ is not equal to (size_t)-1. In that case, we
would have executed:
if (slen != 0) goto slow_path;
Therefore, ‘slen’ must evaluate to false.
Consequently, this code can be seen to be unreachable.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This is faster than calling snprintf().
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This is much faster than calling sprintf() for every byte of data, and
improves the performance of functions outputting binary DNs.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
