IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This is an adaptation to Heimdal:
commit 06f8985c55fcd23e3efe0017ed2480c5b3c4524f
Author: Luke Howard <lukeh@padl.com>
Date: Wed Jan 5 09:42:03 2022 +1100
hdb: consolidate preauth audit event types
Instead of having distinct preauth success/failure events for different
mechanisms, have a single event; the mechanism can be disambiguated by querying
the HDB_REQUEST_KV_PA_NAME key.
Note: there is still an explicit event for long-term key-based success/failure
in order to help the backend implement lockout.
Audit failure (HDB_AUTH_EVENT_PREAUTH_FAILED) in the main preauth loop, rather
than in each mechanism. Success is still audited in the mechanism to allow
client pre-authentication success to be noted even if something subsequent
(e.g. encoding a reply, memory allocation) fails. The generic catch-all for
success remains.
NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit f234361abea4166ce4e10cfa4e7f4096b83480a9)
This is an adaptation to Heimdal:
commit fcff5933ade652343d7c169659da92fac0e6e0d4
Author: Luke Howard <lukeh@padl.com>
Date: Mon Jan 3 11:10:18 2022 +1100
kdc: rename windc to kdc plugin
Rename the "windc" plugin API to the more general "kdc" plugin API, for two
reasons: the Heimdal KDC uses the Windows PAC even when not emulating a domain
controller, and the plugin API has accreted methods that are not specific to
emulating a domain controller (such as referral_policy and finalize_reply).
NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 83586e8f5846fff7a8bbe47e743e03166b559584)
This is now used instead of a configuration option.
This is an adaption to Heimdal:
commit 3fa47f5a1a422e178d968a8ec0d59889eaa71548
Author: Luke Howard <lukeh@padl.com>
Date: Sun Jan 2 21:51:43 2022 +1100
kdc: add referral_policy callback to windc plugin
Add a referral policy hook to the TGS as a more elegant way of resolving
referral detection for Samba). The hook can either rewrite the server_princ in
the request, or it can return an error to disable built-in referral processing.
NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit a5799cea037a4613ba4d1073fff6e6151ed06c76)
This is an adaptation to Heimdal:
commit d683780b1d728bf8c5b794a1f66842e5a25bd360
Author: Luke Howard <lukeh@padl.com>
Date: Sat Jan 1 23:44:05 2022 +1100
kdc: separate PKINIT/GSS authorization failure
Create a new audit event for PKINIT/GSS authorization (impersonation) failure
NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 0d37a1928100e229bea46701b41d4efa72e10266)
This is an adaptation to Heimdal:
commit e15e711b13e2fb33f4480a054cba60b6c4c0183b
Author: Luke Howard <lukeh@padl.com>
Date: Sat Jan 1 18:05:51 2022 +1100
kdc: remove auth_event_details audit key
The auth event details audit key (formerly, parameter to auth_status)
contained, variously, an encryption type name; a PKINIT client certificate
name; or, a GSS initiator name. Audit these instead using individual keys that
reflect the values' contents.
NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 7989ef0aa7b75b2e5af7be445fc64cbf49b2985c)
This is an adaptation to Heimdal:
commit b1dcc1a47485165ada778ef3c3463cfc0779d183
Author: Luke Howard <lukeh@padl.com>
Date: Fri Dec 31 17:24:58 2021 +1100
kdc: refactor Samba-specific auditing API in terms of existing API
Make Samba-specific HDB auth status API a wrapper on the existing auditing API,
with a view towards unifying the two APIs in a future commit.
The term "auth status" is replaced with "auth event", and the HDB auth_status
method is replaced with a more general purpose audit method which has access to
the entire request structure.
NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit a2f7987d58372cfc52bc5f9786c0719439956fee)
This is an adaptation to Heimdal:
commit be708ca3cf98900c61919f8ff7ced4428b5d1f32
Author: Nicolas Williams <nico@twosigma.com>
Date: Wed Dec 22 17:01:12 2021 -0600
gsskrb5: Add simple name attributes support
This adds Kerberos mechanism support for:
- composite principal name export/import
- getting rudimentary name attributes from GSS names using
gss_get_name_attribute():
- all (raw) authorization data from the Ticket
- all (raw) authorization data from the Authenticator
- transit path
- realm
- component count
- each component
- gss_inquire_name()
- gss_display_name_ext() (just for the hostbased service name type
though)
The test exercises almost all of the functionality, except for:
- getting the PAC
- getting authz-data from the Authenticator
- getting the transit path
TBD (much) later:
- amend test_context to do minimal name attribute checks as well
- gss_set_name_attribute() (to request authz-data)
- gss_delete_name_attribute()
- getting specific authorization data elements via URN fragments (as
opposed to all of them)
- parsing the PAC, extracting SIDs (each one as a separate value)
- some configurable local policy (?)
- plugin interface for additional local policy
NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit f2ca9c5db7e1bb20cfc6705633b48c32b1496334)
NOTE: THIS COMMIT WON'T COMPILE/WORK ON ITS OWN!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 51569b3152a952d07fddaa3a70d60c920618c704)
This is an adaptation to Heimdal:
commit ddc61136100b32346c4c4efa2bb6ddb5baedfb3e
Author: Nicolas Williams <nico@twosigma.com>
Date: Fri Jan 14 16:32:04 2022 -0600
Use fallthrough statement attribute
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit fccf9859786dfb50b317ea2296c2494997f0ae09)
Without this, Heimdal will assume time_t is unsigned, and a wrong
assumption will cause 'infinite' ticket lifetimes to be reckoned as from
the past, and thus requests will fail with KDC_ERR_NEVER_VALID.
This is an adaptation to Heimdal:
commit 9ae9902249732237aa1711591604a6adf24963fe
Author: Nicolas Williams <nico@twosigma.com>
Date: Tue Feb 15 17:01:00 2022 -0600
cf: Check if time_t is signed
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Mar 1 18:07:50 UTC 2022 on sn-devel-184
(cherry picked from commit 9eb27f296ae2b797803fffbb7f4cb34d8eb06f34)
Heimdal will no longer allow us to pass a dummy zero-length buffer to
krb5_pac_add_buffer(), so we have to pass a buffer of length 1 instead.
This is an adaption to Heimdal:
commit 190263bb7a56fc775b50a6cd0dc91820d2b2e5eb
Author: Jeffrey Altman <jaltman@secure-endpoints.com>
Date: Wed Jan 19 22:55:33 2022 -0500
assert non-NULL ptrs before calling mem funcs
The definitions of memcpy(), memmove(), and memset() state that
the behaviour is undefined if any of the pointer arguments are
NULL, and some compilers are known to make use of this to
optimise away existing NULL checks in the source.
Change-Id: I489bc256e3eac7ff41d91becb0b43aba73dbb3f9
Link: https://www.imperialviolet.org/2016/06/26/nonnull.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 9936038fae72fb440864be543e9afd500444d502)
This is an adaptation to Heimdal:
commit 7bb00a40eabbed2bc1c268f5244bfb9736d9bebe
Author: Luke Howard <lukeh@padl.com>
Date: Tue Jan 4 13:08:35 2022 +1100
kdc: fix Windows build
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 6d8fec7006e8eadf5967a6f2f5add7d3c2c7bd3e)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit ef95fb439237910b945b8d6a3ad4a140a8d6d1ea)
This is most likely not a problem for the current callers,
but that it is unexpected and will likely cause problems with future
changes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14993
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit f6fe86924c2ca756083d3628d5dbace0b12d06b0)
stat_cache_lookup() allocates its result on top of talloc_tos().
filename_convert_smb1_search_path() creates a talloc_stackframe(),
which makes the names which were supposed to be allocated on the "ctx"
parameter of filename_convert_smb1_search_path() go away too
early. Reparent the results from stat_cache_lookup() properly.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14989
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 1 20:59:55 UTC 2022 on sn-devel-184
(cherry picked from commit 8c97743511e4d53f795f2469a28aabfb96da0dfa)
this was another portability regression that came with the moving to waf
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13631
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 18 23:12:51 UTC 2022 on sn-devel-184
(cherry picked from commit 45cb14ac80889ac913f7f76dbfaebcb4d5ee14fd)
Autobuild-User(v4-16-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-16-test): Sun Feb 27 20:03:27 UTC 2022 on sn-devel-184
We need to return 0 in case readlink is *broken* here - this is because our waf
CHECK_CODE function does only allow generating defines in case the test succeeds
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13631
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit e225ab70db0cc01454d319eaca5265d7e33f396c)
The principal name stored in the winbindd ccache entry might be an
enterprise principal name if enterprise principals are enabled. Use
the canonical name to renew the credentials.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14979
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 8246ccc23d064147412bb3475e6431a9fffc0d27)
Autobuild-User(v4-16-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-16-test): Fri Feb 25 18:08:19 UTC 2022 on sn-devel-184
They will be used later to refresh the tickets.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14979
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 0f4f330773d272b4d28ff3ba5a41bdd4ba569c8b)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14979
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 00b1f44a7e8f66976757535bcbc6bea97fb1c29f)
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 1b5b4107a5081f15ba215f3025056d509fcfcf2a)
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit ed14513be055cc56eb39785323df2c538a813865)
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 3dbcd20de98cd28683a9c248368e5082b6388111)
What we want to avoid:
$ ./bin/testparm -s | grep "idmap config"
idmap config * : rangesize = 10000
idmap config * : range = 10000-19999
idmap config * : backend = autorid
$ ./bin/wbinfo --name-to-sid BUILTIN/Administrators
S-1-5-32-544 SID_ALIAS (4)
$ ./bin/wbinfo --sid-to-gid S-1-5-32-544
10000
$ ./bin/wbinfo --name-to-sid ADDOMAIN/alice
S-1-5-21-4058748110-895691256-3682847423-1107 SID_USER (1)
$ ./bin/wbinfo --sid-to-gid S-1-5-21-984165912-589366285-3903095728-1107
failed to call wbcSidToGid: WBC_ERR_DOMAIN_NOT_FOUND
Could not convert sid S-1-5-21-984165912-589366285-3903095728-1107 to gid
If only one range is configured we are either not able to map users/groups
from our primary *and* the BUILTIN domain. We need at least two ranges to also
cover the BUILTIN domain!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14967
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 7e5afd8f1f7e5cfab1a8ef7f4293ac465b7cd8de)
Autobuild-User(v4-16-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-16-test): Fri Feb 18 09:07:13 UTC 2022 on sn-devel-184
What we want to avoid:
$ ./bin/testparm -s | grep "idmap config"
idmap config * : rangesize = 10000
idmap config * : range = 10000-19999
idmap config * : backend = autorid
$ ./bin/wbinfo --name-to-sid BUILTIN/Administrators
S-1-5-32-544 SID_ALIAS (4)
$ ./bin/wbinfo --sid-to-gid S-1-5-32-544
10000
$ ./bin/wbinfo --name-to-sid ADDOMAIN/alice
S-1-5-21-4058748110-895691256-3682847423-1107 SID_USER (1)
$ ./bin/wbinfo --sid-to-gid S-1-5-21-984165912-589366285-3903095728-1107
failed to call wbcSidToGid: WBC_ERR_DOMAIN_NOT_FOUND
Could not convert sid S-1-5-21-984165912-589366285-3903095728-1107 to gid
If only one range is configured we are either not able to map users/groups
from our primary *and* the BUILTIN domain. We need at least two ranges to also
cover the BUILTIN domain!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14967
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit db6d4da3411a910e7ce45fe1fecfabf2864eb9f4)
What we want to avoid:
$ ./bin/testparm -s | grep "idmap config"
idmap config * : rangesize = 10000
idmap config * : range = 10000-19999
idmap config * : backend = autorid
$ ./bin/wbinfo --name-to-sid BUILTIN/Administrators
S-1-5-32-544 SID_ALIAS (4)
$ ./bin/wbinfo --sid-to-gid S-1-5-32-544
10000
$ ./bin/wbinfo --name-to-sid ADDOMAIN/alice
S-1-5-21-4058748110-895691256-3682847423-1107 SID_USER (1)
$ ./bin/wbinfo --sid-to-gid S-1-5-21-984165912-589366285-3903095728-1107
failed to call wbcSidToGid: WBC_ERR_DOMAIN_NOT_FOUND
Could not convert sid S-1-5-21-984165912-589366285-3903095728-1107 to gid
If only one range is configured we are either not able to map users/groups
from our primary *and* the BUILTIN domain. We need at least two ranges to also
cover the BUILTIN domain!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14967
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit fe84ae5547313e482ea0eba8ddca5b38a033dc8f)
A stalled node probably continues to hold the cluster lock, so confirm
elections work in this case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14958
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Feb 14 02:46:01 UTC 2022 on sn-devel-184
(cherry picked from commit 331c435ce520bef1274e076e6ed491400db3b5ad)
Autobuild-User(v4-16-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-16-test): Tue Feb 15 09:55:38 UTC 2022 on sn-devel-184
Elections should now be quite rare, so always log when one begins.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14958
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 0e74e03c9cf83d5dc2d97fa9f38ff8fbaa3d2685)
This is currently missed when the cluster lock is lost.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14958
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit bf55a0117d045e8ca888f7e01591cc2a2bce9223)
The problem here is that election-in-progress must be set to
potentially avoid restarting the election broadcast timeout in
main_loop(), so this is already done by leader_handler().
Have force_election() set election-in-progress for all election types
and do not bother setting it in cluster_lock_election().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14958
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 9b3fab052bd2dccf2fc3fe9bd2b4354dff0b9ebb)
Election-in-progress is set by unknown leader broadcast, so needs to
be cleared in all cases when election completes.
This was seen in a case where the leader node stalled, so didn't send
leader broadcasts for some time. The node continued to hold the
cluster lock, so another node could not become leader. However, after
the node returned to normal it still did not send leader broadcasts
because election-in-progress was never cleared.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14958
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 188a9021565bc2c1bec1d7a4830d6f47cdbc44a9)
This fixes a use-after-free in smb_full_audit_create_file() when
calling SMB_VFS_CREATE_FILE with fsp->fsp_name as smb_fname.
create_file_unixpath() has this comment:
* This is really subtle. If someone passes in an smb_fname
* where smb_fname actually is taken from fsp->fsp_name, then
* the lifetime of these objects is meant to be the same.
so it seems legitimate to call CREATE_FILE this way.
When CREATE_FILE runs into an error, create_file_unixpath() does a
file_free, which also takes fsp->fsp_name with
it. smb_full_audit_create_file() wants to log the failure including
the smb_fname after NEXT_CREATE_FILE has exited, but this will then
use the already free'ed data.
Fix by only doing the file_free() on an fsp that
create_file_unixpath() created itself.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14975
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 10 19:11:33 UTC 2022 on sn-devel-184
(cherry picked from commit 434e6d4b4b45757878642d229d26d146792a3878)
Autobuild-User(v4-16-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-16-test): Mon Feb 14 18:36:26 UTC 2022 on sn-devel-184
This does almost everything that close_file_free() does, but it leaves
the fsp around.
A normal close_file() now calls fsp_unbind_smb() twice. Functionally
this is not a problem, fsp_unbind_smb() is idempotent. The only
potential performance penalty might come from the loops in
remove_smb2_chained_fsp(), but those only are potentially large with
deeply queued smb2 requests. If that turns out to be a problem, we'll
cope with it later. The alternative would be to split up file_free()
into even more routines and make it more difficult to figure out which
of the "rundown/unbind/free" routines to call in any particular
situation.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14975
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit e91b59c4dfb2b35661dbecbc5769584109e23571)
For example, remove our entry from smbXsrv_open_global.tdb
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14975
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit e751c6237b750adb4cb59df4a42bb9f39354e7e4)
Run vfstest with this vfstest.cmd under valgrind and you'll see what
happens. Exact explanation a few patches further down...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14975
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 5f1ceead7094aefc6ad1f209468e9ea8f009716c)
We are no longer called on base_fsp's in SHUTDOWN_CLOSE. That
simplifies the logic in the common case, we now have a linear flow for
the very often-called close_file()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14975
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 93fe9c83145d31ea11a9cd25049ac527ad4a000d)
Same logic as the change for file_close_conn()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14975
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 1fbd9877fead466a17d697c143cd370c0b27f610)
To be reused in file_close_user(). Deliberately a separate commit to
make the previous commit easier to understand.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14975
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 61f57ba24ee2e54abf224118f93bd0ccda44ec41)
close_file_free() needs to handle base fsps specially. This can be
simplified a lot if we pass the the open files a second time in case
we encountered base_fsps that we could not immediately delete.
file_close_conn() is not our hot code path, and also we don't expect
many thousand open files that we need to walk a second time.
A subsequent patch will simplify close_file_free(), the complicated
logic is now in files.c, where it IMHO belongs because
file_set_base_fsp() are here as well.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14975
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit d1341d666af12965b4318f89b1d0e1e8769e861e)
