IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Previously this would fail with Unsupported critical extension 1.3.6.1.4.1.7165.4.3.2
Reported by Alexander Harm. Many thanks for helping make Samba better
and for your patience with patches and providing debugging information.
REF: https://lists.samba.org/archive/samba/2020-February/228153.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14306
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This type of object was not possible to delete in Samba without first removing
the link.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14306
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Let delayed update handler also update on-disk timestamps by calling
trigger_write_time_update_immediate().
trigger_write_time_update_immediate() sets fsp->update_write_time_on_close to
false which prevents updating the write-time on close if there was ever only one
write to the file.
Besides resetting fsp->update_write_time_on_close and setting the on-disk timestamps
trigger_write_time_update_immediate() takes the same steps as the removed code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 19 03:05:40 UTC 2020 on sn-devel-184
Verify close only updates write-time when a delayed update is actually pending.
This scenario is not covered by basic.delaywrite.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We need to flush a pending write time update even when we're setting the
filesize to current filesize.
Note that we're already doing it this way in the relevant places listed my
dochelp@MS in
https://lists.samba.org/archive/cifs-protocol/2019-December/003364.html
Cleanup (= Close)
SetBasicInfo
SetAllocationInfo
SetEndOfFileInfo
SetValidDataLengthInfo
Flush
FSCTL_SET_ENCRYPTION
FSCTL_OFFLOAD_WRITE
Cleanup (= Close):
Already implemented by update_write_time_on_close() and friends.
SetBasicInfo:
Currently doesn't flush pending updates. Fixed by a subsequent commit.
SetAllocationInfo:
smb_set_file_allocation_info() when setting a file's allocation size.
SetEndOfFileInfo:
Currently doesn't flush pending updates. Fixed by a subsequent commit.
SetValidDataLengthInfo:
Not implemented, returns NT_STATUS_NOT_SUPPORTED which seems wrong btw, as
SetValidDataLengthInfo IS listed in MS-SMB2 2.2.39.
Flush:
Currently doesn't flush pending updates. Fixed by subsequent commit.
FSCTL_SET_ENCRYPTION:
Windows 2016 doesn't flush a pending writetime update, verified with a
smbtorture test.
FSCTL_OFFLOAD_WRITE:
NT_STATUS_NOT_IMPLEMENTED
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
For adapting unix extensions in our client libraries, we need a fresh start
with additional APIs. We can't change existing application behaviour.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
A few lines above the mode check we created a file with mode
0666. With unix exensions we expect this back 1:1, without them the
server changes them on the fly.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This keeps the original SMB_STRUCT_STAT coming from posix as part of
struct file_info. It is a slight waste of space, as the timestamps are
kept twice, but having a full SMB_STRUCT_STAT with the nlink!=0
validity check makes thinking about which mode/size/etc is the correct
one a no-brainer. We can save space later by referencing only one set
of time stamps for example.
This for the time fixes readdirplus2, but for the wrong reason: We don't yet
create files the "proper" way using posix create.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The libsmbclient readdir tests are broken just for the unix extension
case. For example they assume our "map archive" behaviour. This will
have to be parameterized once unix extensions become better
implemented in libsmbclient
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 27 19:34:36 UTC 2020 on sn-devel-184
This fixes doing strlen() on talloc_tos(), about which valgrind is pretty
unhappy. Without this patch we survive the tests because we have fallbacks to
the non-posix flavors of stat(). With this patch in place cli_posix_stat()
becomes functional in this code path. This creates conflicts with the readdir
libsmbclient tests, which need fixing separately.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14101
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
According to Posix and the Linux open(2) manpage, the open-syscall can
return EINTR. If that happens, core smbd saw this as an indication
that aio_pthread's open function was doing its job. With a real EINTR
without aio_pthread this meant we ended up in a server_exit after 20
seconds, because there was nobody to do the retry.
EINTR is mapped to NT_STATUS_RETRY. Handle this by just retrying after
a second.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14285
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 20 22:14:25 UTC 2020 on sn-devel-184
LDAP Simple BIND authentications have already been mapped to a
DOMAIN\username pair and should not be mapped twice.
This appears to be a regression in 09e24ce40f
included in Samba 4.7.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13598
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Fri Feb 14 17:13:33 UTC 2020 on sn-devel-184
This type of account is often used by e-mail hosting platforms
that do not wish to create an AD domain for each DNS domain that
they host mail for.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13598
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Fix the expected data in fuzzed_ntlmssp-CHALLENGE_MESSAGE.txt, as it
contained source code line numbers.
Andrew this test needs to be altered to us a regular expression and
remove the dependency on source line numbers.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20083
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14236
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
I regularly get requests for my simple script to print the
password from the secrets.tdb (or secrets.ldb on the AD DC).
This removes the old script that only reads the secrets.ldb.
Neither new nor old script has tests, however it seems
better to have it in the tree where it can be found rather
that me digging it out of my outbound e-mail.
Originally posted here:
https://lists.samba.org/archive/samba/2017-November/212362.html
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
When a domain member gets an empty domain name or '.', it should
not forward the authentication to domain controllers of
the primary domain.
But we need to keep passing UPN account names with
an empty domain to the DCs as a domain member.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
We can not process on the basis of a DN, as the DN may have changed in a rename,
not only that this module can see, but also from repl_meta_data below.
Therefore remove all the complex tree-based change processing, leaving only
a tree-based sort of the possible objects to be changed, and a single
stopped_dn variable containing the DN to stop processing below (after
a no-op change).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Previously if there was a conflict, but the incoming object would still
win, this was not marked as a rename, and so inheritence was not done.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
When contending a WRITE with an existing READ, the contender puts
himself into the exclusive slot, waiting for the READers to go
away. If the async lock request is canceled before we got the lock, we
need to remove ourselves again. This is done in the destructor of the
g_lock_lock_state. In the successful case, the destructor needs to go
away.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Dec 22 18:57:17 UTC 2019 on sn-devel-184
This walks different code paths in the subsequent locker. And the one
that we did not test so far is in fact buggy
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This simply matches the behaviour from before e7b1acaddf
when the logic for a trailing . was added. This matches what is added in
the dnsRecord attribute for a name of "." over the dnsserver RPC
management interface and is based on what Windows does for that name
in (eg) an MX record.
No a security bug because we use talloc and so name will be just the
end of the talloc header.
Credit to OSS-Fuzz
Found using the fuzz_ndr_X fuzzer
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Dec 20 11:33:52 UTC 2019 on sn-devel-184
Ensure that the '-lock' files for the dns partitions as well as the data
files are linked when running
samba_dnsupgrade --dns-backend=BIND9_DLZ
failure to create these links can cause corruption of the corresponding
data file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Add tests to check that the '-lock' files for the dns partitions as well as
the data files are linked when running
samba_dnsupgrade --dns-backend=BIND9_DLZ
failure to create these links can cause corruption of the corresponding
data file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Credit to OSS-Fuzz
Found using the ndr_fuzz_X target.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
The set was within the switch, the get was before the switch.
The difference is shown when there is an empty default element.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
