IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
share_mode_data->fresh was very similar, but only set
and never used.
Now we remember 'not_stored' instead, the 'not_' is easier
as ndr_pull sets [skip] elements to 0.
We use this as indication to move the value to
memcache.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15125
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
If a client disconnected all its interfaces and reconnects when
the come back, it will likely start from any ip address returned
dns, which means it can try to connect to a different ctdb node.
The old node may not have noticed the disconnect and still holds
the client_guid based smbd.
Up unil now the new node returned NT_STATUS_NOT_SUPPORTED to
the SMB2 Negotiate request, as messaging_send_iov[_from]() will
return -1/ENOSYS if a file descriptor os passed to a process on
a different node.
Now we tell the other node to teardown all client connections
belonging to the client-guid.
Note that this is not authenticated, but if an attacker can
capture the client-guid, he can also inject TCP resets anyway,
to get the same effect.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15159
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 2 20:59:15 UTC 2022 on sn-devel-184
MSG_RPC_DUMP_STATUS will be like pool-usage carrying a file descriptor to
report status to, the other two are described in rpc_host.idl.
NOALIGN on rpc_worker_status: This makes it easier to count bytes to
push into a static buffer.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
It will be used later to pass in offline domain join structs to serve
request offline domain join requests.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
575d39048e3b4f619d65d65303ac809c40c5d495 has marked
several structures as recursive, they contain typically a
backpointer named '* next'. secrets_domain_info1 is not self
recursive, it only contains a pointer named '*next_change'.
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 29 03:07:17 UTC 2021 on sn-devel-184
Before processing an open we need to reserve the replay cache entry
in order to signal that we're still in progress.
If a reserved record is already present we need to return
FILE_NOT_AVAILABLE in order to let the client retry again.
[MS-SMB2] contains this:
<152> Section 3.2.5.1: For the following error codes, Windows-based clients
will retry the operation up to three times and then retry the operation every 5
seconds until the count of milliseconds specified by Open.ResilientTimeout is
exceeded:
- STATUS_SERVER_UNAVAILABLE
- STATUS_FILE_NOT_AVAILABLE
- STATUS_SHARE_UNAVAILABLE
This works fine for windows clients, but current windows servers seems to
return ACCESS_DENIED instead of FILE_NOT_AVAILABLE.
A Windows server doesn't do any replay detection on pending opens,
which wait for a HANDLE lease to be broken (because of a
SHARING_VIOLATION), at all.
As this is not really documented for the server part of the current [MS-SMB2],
I found the key hint in "SMB 2.2: Bigger. Faster. Scalier - (Parts 1 and 2)"
on page 24. There's a picture showing that a replay gets FILE_NOT_AVAILABLE
as long as the original request is still in progress. See:
https://www.snia.org/educational-library/smb-22-bigger-faster-scalier-parts-1-and-2-2011
A Windows client is unhappy with the current windows server behavior if it
such a situation happens. There's also a very strange interaction with oplock
where the replay gets SHARING_VIOLATION after 35 seconds because it conflicts with
the original open.
I think it's good to follow the intial design from the 2011 presentation and
make the clients happy by using FILE_NOT_AVAILABLE (and differ from Windows).
I'll report that to dochelp@microsoft.com in order to get this hopefully fixed in
their server too).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14449
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We need a full request/response pair in order to avoid races in
the multichannel connection passing.
smb2srv_client_mc_negprot_send/recv locks the
db record for the given client_guid.
If there's no entry found, we add ourself and
return NT_STATUS_OK.
If there's an existing process for that client guid
we start messaging_filtered_read_send()
dbwrap_watched_watch_send() before calling
smb2srv_client_connection_pass().
Then we release the lock and wait for either
MSG_SMBXSRV_CONNECTION_PASSED to arrive or
retry if dbwrap_watched_watch_recv signaled
a change in the database.
If we got MSG_SMBXSRV_CONNECTION_PASSED we'll
return NT_STATUS_MESSAGE_RETRIEVED in order to
signal that the other process will take care of
the connection and we terminate the current process.
All that is done completely async, which means that
the IDLE_CLOSED_TIMEOUT (60 seconds) may trigger
deadtime_fn(), which will send itself a MSG_SHUTDOWN.
So the process that accepted the tcp connection
exists if there was no MSG_SMBXSRV_CONNECTION_PASSED
within 60 seconds.
However the fd may still exists in the kernel (and
the new connection may still be handed to the other
process. If that process somehow exists before
there's no way to prevent a connection termination
for the client.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14433
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Mar 6 03:30:06 UTC 2021 on sn-devel-184
Nobody in share_mode_lock.c looked at that value anymore, so we don't
need to manually maintain it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Dec 4 22:32:38 UTC 2020 on sn-devel-184
This is just a step in the correct direction, but there's still a
possible race...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14433
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jul 14 14:59:19 UTC 2020 on sn-devel-184
Pointer values can be reused (yes, I hit that during my testing!).
Introduce a channel_id to identify connections and also add
some timestamps to make debugging easier.
This makes smbXsrv_session_find_auth() much more robust.
This is a similar change as 0cec96526bf4d3209caf36c4a19632ff5d5dd112:
"smb2_server: make sure we detect stale smbXsrv_connection pointers in smbXsrv_channel_global"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This will be the core of the logic that allows
us to retry break notifications.
When we start the "pending break cycle" we ask for
the current retransmission timemout (rto) on the TCP connection
and remember how many unacked bytes are in the kernel's
send queue. Each time we send bytes into the kernel
we add them to the unacked bytes.
We use a timer using the rto interval in order
to check the amount of unacked bytes again.
The provides send_queu_entry.ack.req will be completed
with tevent_req_done() when everything is completely acked,
tevent_req_nterror(NT_STATUS_IO_TIMEOUT) when
send_queu_entry.ack.timeout is expired or
tevent_req_nterror(connection_error) when the connection
gets disconnected.
It works with support from the FreeBSD and Linux kernels.
For other platforms we just have a fixed rto of 1 second.
And pretend all bytes are acked when we recheck after 1 second.
So only a connection error could trigger tevent_req_nterror(),
but there's no timeout. A follow up commit will most likely
disable support for multi-channel if we don't have kernel support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Instead of a sequence number that gets incremented we just
need a value that's not reused.
The is a similar change like the commit before at the g_lock.c
layer.
I expect a similar performance improvement here, but
I don't know a specific benchmark test to check.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is needed for lock replay detection.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14396
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri May 29 13:33:28 UTC 2020 on sn-devel-184
Pointer values can be reused (yes, I hit that during my testing!).
Introduce a channel_id to identify connections and also add
some timestamps to make debugging easier.
This makes smbXsrv_session_find_channel() much more robust.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Limit the max_recursion on self recursive definitions in the idl to
20,000. This value is hopefully large eneough to not impact normal
operation, but small eneough to prevent stack over flow issues.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19820
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14254
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Feb 27 02:29:21 UTC 2020 on sn-devel-184
At last, the nail in the coffin. :)
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jan 13 21:09:01 UTC 2020 on sn-devel-184
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Dec 18 00:05:13 UTC 2019 on sn-devel-184
With the last commit we don't store the share mode entry count
anymore. With this commit we go one step further and avoid storing
it. If there's valid record in locking.tdb, there is a corresponding
record in share_entries.tdb, so there's no point storing that once
more explicitly.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This implements two core changes:
* use NTTIME instead of struct timespec at the database layer
* use struct timespec { .tv_nsec = SAMBA_UTIME_OMIT } as special sentinel
value in smbd when processing timestamps
Using NTTIME at the database layer is only done to avoid storing the special
struct timespec sentinel values on disk. Instead, with NTTIME the sentinel value
for an "unset" timestamp is just 0 on-disk.
The NTTIME value of 0 gets translated by nt_time_to_full_timespec() to the
struct timespec sentinel value { .tv_nsec = SAMBA_UTIME_OMIT }.
The function is_omit_timespec() can be used to check this.
Beside nt_time_to_full_timespec(), there are various other new time conversion
functions with *full* in their name that can be used to safely convert between
different types with the changed sentinel value.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
These are not wire protocols, there are no structures to parse.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-progammed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This will contain a summary of the "most restrictive" share mode and
lease, i.e. intersection of all share_access entries and the union of
all access_mask and leases in the share mode array. This way
open_mode_check in the non-conflicting case will only have to look at
the summary and not walk the share mode array.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This moves share_modes[] from "struct share_mode_data" into a separate
share_entries.tdb with a sorted array of fixed-length (132 byte)
"struct share_mode_entry" entries.
I know it's one huge commit, but I did not see a way to keep both data
structures and associated code working together without a lot of code
duplication after having centralized all the code accessing the
share_modes[] array into a few routines.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Believe it or not, but without this change "num_files" was first.
Thanks Metze for this (to me at least) really, really surprising
insight!
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
They are put at the beginning for easy parsing without reading the
full struct. First step to remove the number of read oplocks/leases
from brlock.tdb, where it does not belong.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
file_id plus share_file_id remotely specify the fsp. This avoids the
explicit loop in the receiver.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat May 18 20:18:55 UTC 2019 on sn-devel-184
The previous scheme was overloaded, a idl definition is easier to
print, and it clarifies what data is actually needed
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 16 23:48:18 UTC 2019 on sn-devel-184
The original names will be used with a new structure to cache mac and
cipher handles for gnutls later.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This also removes the temporary functions introduced during the patchset.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Sun Apr 14 05:18:14 UTC 2019 on sn-devel-144
Instead of indexing into the leases[] array, put the lease_db reference into
the share_mode_entry. For simplicity, put in the client guid as well. We
*might* be able to retrieve that from somewhere else, but as other smbd
processes have to look at the lease values, put in the full leases_db index
data.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
