IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Previously this would fail with Unsupported critical extension 1.3.6.1.4.1.7165.4.3.2
Reported by Alexander Harm. Many thanks for helping make Samba better
and for your patience with patches and providing debugging information.
REF: https://lists.samba.org/archive/samba/2020-February/228153.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14306
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This type of object was not possible to delete in Samba without first removing
the link.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14306
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit finally switches the RPC server implementation.
At the same we have to do other related changes to keep code compiling
and test environments running.
First avoid moving the session_info into the allocated pipes_struct memory
context as it is owned now by the core RPC server, and the s3compat pidl
compiler will update the pipes_struct session_info before dispatching
the call with dcesrv_call->auth_state->session_info.
Also, fix a segfault in the endpoint mapper daemon when it tries to delete
the endpoints previously registered over a NCALRPC connection.
If we have:
rpc_server : epmapper = external
rpc_server : lsarpc = external
rpc_daemon : epmd = fork
rpc_daemon : lsasd = fork
The sequence is:
* The endpoint mapper starts (start_epmd in source3/smbd/server.c)
* The lsarpc daemon starts (start_lsasd in source3/smbd/server.c)
* The lsarpc daemon creates the sockets and registers its endpoints
(rpc_ep_register in source3/rpc_server/lsasd.c)
* The endpoint registration code opens a NCALRPC connection to the
endpoint mapper daemon (ep_register in source3/librpc/rpc/dcerpc_ep.c)
and keeps it open to re-register if the endpoint mapper daemon dies
(rpc_ep_register_loop in source3/rpc_server/rpc_ep_register.c)
* When the endpoint mapper daemon accepts a NCALRPC connection it sets a
termination function (srv_epmapper_delete_endpoints)
* Suppose the lsarpc daemon exits. The NCALRPC connection termination
function is called.
* The termination function tries to delete all endpoints registered by that
connection by calling _epm_Delete
* _epm_Delete calls is_privileged_pipe which access to
pipes_struct->session_info.
As the call to _epm_Delete occurs outside of the PIDL generated code,
the pipes_stuct->session_info is NULL. This commit also sets
pipes_struct->session_info from the dcerpc_connection before calling
_epm_Delete. As the core rpc server supports security context multiplexing we
need to pass the dcesrv_connection to the termination function and let the
implementation pick a auth context. In the case of the endpoint mapper
the termination function has to pick one of type NCALRPC_AS_SYSTEM to
check if the connection is privileged and delete the endpoints
registered by the connection being closed.
Finally, the samba.tests.dcerpc.raw_protocol testsuite passes against
the ad_member environment.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Keep the s3 server behaviour for now and return always the same
association group ID, 0x53F0.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The goal is to pass the raw protocol testsuite against s3 RPC server.
To do so we need to enable epmd and lsasd daemons, as the testsuite
connects to the endpoint mapper and lsa endpoints using NCACN_IP_TCP
and NCACN_NP transports.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Let delayed update handler also update on-disk timestamps by calling
trigger_write_time_update_immediate().
trigger_write_time_update_immediate() sets fsp->update_write_time_on_close to
false which prevents updating the write-time on close if there was ever only one
write to the file.
Besides resetting fsp->update_write_time_on_close and setting the on-disk timestamps
trigger_write_time_update_immediate() takes the same steps as the removed code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 19 03:05:40 UTC 2020 on sn-devel-184
Verify close only updates write-time when a delayed update is actually pending.
This scenario is not covered by basic.delaywrite.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This test demonstrates that Windows has a timestamp resolution of ~15ms.
When a smaller amount of time than that has passed between modifying operations
on a file, it's not necessarily detectable on a Windows 2019 server that
implements immediate timestamp updates (no delayed magic).
Note that this test relies on a low latency SMB connection. Even with a low
latency connection of eg 1m there's a chance of 1/15 that the first part of the
test expecting no timestamp change fails as the writetime is updated.
Due to this timing dependency this test is skipped in Samba CI, but it is
preserved here for future SMB2 timestamps behaviour archealogists.
See also: https://lists.samba.org/archive/cifs-protocol/2019-December/003358.html
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We need to flush a pending write time update even when we're setting the
filesize to current filesize.
Note that we're already doing it this way in the relevant places listed my
dochelp@MS in
https://lists.samba.org/archive/cifs-protocol/2019-December/003364.html
Cleanup (= Close)
SetBasicInfo
SetAllocationInfo
SetEndOfFileInfo
SetValidDataLengthInfo
Flush
FSCTL_SET_ENCRYPTION
FSCTL_OFFLOAD_WRITE
Cleanup (= Close):
Already implemented by update_write_time_on_close() and friends.
SetBasicInfo:
Currently doesn't flush pending updates. Fixed by a subsequent commit.
SetAllocationInfo:
smb_set_file_allocation_info() when setting a file's allocation size.
SetEndOfFileInfo:
Currently doesn't flush pending updates. Fixed by a subsequent commit.
SetValidDataLengthInfo:
Not implemented, returns NT_STATUS_NOT_SUPPORTED which seems wrong btw, as
SetValidDataLengthInfo IS listed in MS-SMB2 2.2.39.
Flush:
Currently doesn't flush pending updates. Fixed by subsequent commit.
FSCTL_SET_ENCRYPTION:
Windows 2016 doesn't flush a pending writetime update, verified with a
smbtorture test.
FSCTL_OFFLOAD_WRITE:
NT_STATUS_NOT_IMPLEMENTED
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
For adapting unix extensions in our client libraries, we need a fresh start
with additional APIs. We can't change existing application behaviour.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is required that out tests work with MIT KRB5 1.18.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Found while trying to run winexe against Windows Server 2019.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
A few lines above the mode check we created a file with mode
0666. With unix exensions we expect this back 1:1, without them the
server changes them on the fly.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This keeps the original SMB_STRUCT_STAT coming from posix as part of
struct file_info. It is a slight waste of space, as the timestamps are
kept twice, but having a full SMB_STRUCT_STAT with the nlink!=0
validity check makes thinking about which mode/size/etc is the correct
one a no-brainer. We can save space later by referencing only one set
of time stamps for example.
This for the time fixes readdirplus2, but for the wrong reason: We don't yet
create files the "proper" way using posix create.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The libsmbclient readdir tests are broken just for the unix extension
case. For example they assume our "map archive" behaviour. This will
have to be parameterized once unix extensions become better
implemented in libsmbclient
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 27 19:34:36 UTC 2020 on sn-devel-184
I'm planning to mess with libsmbclient tests calling into
smbtorture4. For this it will be much more convenient to have the
arguments available as a higher-level data structure than just a
string.
Checked by "diff" on the testlist before and after -- no change.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This fixes doing strlen() on talloc_tos(), about which valgrind is pretty
unhappy. Without this patch we survive the tests because we have fallbacks to
the non-posix flavors of stat(). With this patch in place cli_posix_stat()
becomes functional in this code path. This creates conflicts with the readdir
libsmbclient tests, which need fixing separately.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14101
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is an implementation which doesn't have undefined behavior
problems. It casts correctly that calculations are don in the correct
integer space. Also the naming is less confusing than what we have in
byteorder.h.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
According to Posix and the Linux open(2) manpage, the open-syscall can
return EINTR. If that happens, core smbd saw this as an indication
that aio_pthread's open function was doing its job. With a real EINTR
without aio_pthread this meant we ended up in a server_exit after 20
seconds, because there was nobody to do the retry.
EINTR is mapped to NT_STATUS_RETRY. Handle this by just retrying after
a second.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14285
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 20 22:14:25 UTC 2020 on sn-devel-184
This is fairly cheap and it is simple to do. This allows the Python
code to be able to specify a unclist quite simply. The level of
coupling doesn't seem worse than anything else in the
selftest/autobuild code.
There may be cleverer ways of doing this (e.g. a wrapper in
testprogs/blackbox/clusteredmember_smbtorture or similar) but cleverer
code isn't necessarily better code... and they'll probably involve
code duplication.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Allow running tests against a CTDB setup, thereby covering the
dbrwap_ctdb->ctdb stack in real SMB tests.
Sets up a 3 node cluster.
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Martin Schwenke <martin@meltin.net>
So just run it "as root" all the time.
Something similar is already done for other things in
Samba3::provision(), such as running smbpasswd in
Samba3::createuser().
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Default to closing the write end of the parent->child pipe.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
If $nmbd is not "yes" then this can result in a warning.
Introduced in commit 676261fa08.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Feb 18 21:07:44 UTC 2020 on sn-devel-184
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 14 20:16:04 UTC 2020 on sn-devel-184
LDAP Simple BIND authentications have already been mapped to a
DOMAIN\username pair and should not be mapped twice.
This appears to be a regression in 09e24ce40f
included in Samba 4.7.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13598
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Fri Feb 14 17:13:33 UTC 2020 on sn-devel-184
