IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14783
RN: smbd "deadtime" parameter doesn't work anymore
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 10 18:41:43 UTC 2021 on sn-devel-184
We can use reset_share_mode_entry() for this purpose. 32 lines less
code.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 6 18:09:06 UTC 2021 on sn-devel-184
The "return" is unnecessary here, but in case the code changes later
on, it won't be forgotten. Also, we need to tell the callers that we
found an invalid record.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
I think this also fixes the errno return, cli_shutdown() can do a lot and set
errno in between.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Directly use the return value from cli_setatr(), don't go via the cli_state
struct member
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
In former times this switch statement had more than one branch
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
With just one case handled specially in a switch statement and the
rest being default:, a simple if-statement can reduce indentation.
Best viewed with "git show -b".
I wonder if the second "if (pauth->auth_type == DCERPC_AUTH_TYPE_NONE)"
leads to reachable code, this should have been taken care of already
further up. But for now I did the 1:1 translation of existing code.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14773
Signed-off-by: David Gajewski <dgajews@math.utoledo.edu>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Aug 6 17:19:57 UTC 2021 on sn-devel-184
Same as the fix for glusterfs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14766
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Aug 5 06:15:14 UTC 2021 on sn-devel-184
Handle the case where a NT4 DC does not fill in the acct_flags in
the samlogon reply info3. Yes, in 2021, there are still admins
arround with real NT4 DCs.
NT4 DCs reject authentication with workstation accounts with
NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT, even if
MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT is specified.
We no longer call dcerpc_samr_QueryUserInfo(level=16)
to get the acct_flags, as we only ever got
ACB_NORMAL back (maybe with ACB_PWNOEXP in addition),
which is easy to calculate on our own.
This was removed in commit (for 4.15.0rc1):
commit 73528f26ee
Author: Ralph Boehme <slow@samba.org>
AuthorDate: Mon Jan 11 14:59:46 2021 +0100
Commit: Jeremy Allison <jra@samba.org>
CommitDate: Thu Jan 21 22:56:20 2021 +0000
winbind: remove legacy flags fallback
Some very old NT4 DCs might have not returned the account flags filled in. This
shouldn't be a problem anymore. Additionally, on a typical domain member server,
this request is (and can only be) send to the primary domain, so this will not
work with accounts from trusted domains.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 21 22:56:20 UTC 2021 on sn-devel-184
It means one more caller of the problematic cm_connect_sam()
function is removed! SAMR connections may not be allowed for
machine accounts with modern AD DCs.
For network logons NT4 DCs also skip the
account_name, so we have to fallback to the
one given by the client. We have code to cope
with that deeply hidden inside of netsamlogon_cache_store().
Up to Samba 4.7 netsamlogon_cache_store() operated on the
info3 structure that was passed to the caller of winbind_dual_SamLogon()
and pass propagated up to auth_winbind in smbd.
But for Samba 4.8 the following commit:
commit f153c95176
Author: Ralph Boehme <slow@samba.org>
Date: Mon Dec 11 16:25:35 2017 +0100
winbindd: let winbind_dual_SamLogon return validation
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
actually changed the situation and only a temporary info3 structure
was passed into netsamlogon_cache_store(), which means
account_name was NULL and get propagated as "" into auth_winbind
in smbd, where getpwnam() is no longer possible and every
smb access gets NT_STATUS_LOGON_FAILURE.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14772
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Aug 3 11:10:27 UTC 2021 on sn-devel-184
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14700
RN: File owner not available when file unreadable
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Aug 2 18:05:04 UTC 2021 on sn-devel-184
This was needed before we had pathref fsps, with pathref fsps we can do
operation requiring WRITE_OWNER_ACCESS, WRITE_DAC_ACCESS and READ_CONTROL_ACCESS
on the pathref fsp.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14700
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
With the above combination, some flavor of lp_load() already
initializes global_event_ctx, for which the closeall_except() later on
will happily close the epoll fd for. If we want to close all file
descriptors at startup, this must be the very first thing overall.
Can't really write a proper test for this with knownfail that is
removed with the fix, because if we have clustering+include=registry,
the whole clusteredmember environment does not even start up.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Jul 31 16:58:41 UTC 2021 on sn-devel-184
This is a subtle one. In smbd_dirptr_get_entry() we now
open a pathref fsp on all entries - including "..".
If we're at the root of the share we don't want
a handle to the directory above it, so silently
close the smb_fname->fsp for ".." names to prevent
it from being used to return meta-data to the client
(more than we already have done historically by
calling pathname functions on "..").
The marshalling returned entries and async DOS
code copes with smb_fname->fsp == NULL perfectly
well.
Only in master, but will need fixing for 4.15.rc1
or 2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14759
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Jul 28 15:07:54 UTC 2021 on sn-devel-184
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul 21 07:19:00 UTC 2021 on sn-devel-184
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14764
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 20 16:13:28 UTC 2021 on sn-devel-184
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 16 03:45:19 UTC 2021 on sn-devel-184
This turns the 'smb2.read.bug14607' test from 'skip' into 'xfailure',
as the 2nd smb2cli_read() function will now return
NT_STATUS_INVALID_NETWORK_RESPONSE.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is always called via a path that mandates
smb_fname->fsp is valid.
https://bugzilla.samba.org/show_bug.cgi?id=14758
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Jul 15 05:48:05 UTC 2021 on sn-devel-184
This is always called via a path that mandates
smb_fname->fsp is valid.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14758
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We want to re-use this and don't want to have to add forward
declarations.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14758
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We already have a valid smb_fname->fsp, don't drop
it when returning from smbd_dirptr_lanman2_entry()
to allow it to be reused inside dos_mode_at_send().
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14758
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
If must be "smbd async dosmode", not "smbd:async dosmode"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14758
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This brings us closer to what a Windows Server with GMAC signing
returns.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
But notice that srv_sign_algos->num_algos is always 0 for now,
but that'll change in the next commits.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Normally these are never generated, but it can happen when the
signing check fails.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
It's important to match Windows here in order to avoid reusing
a NONCE for AES-128-GMAC signing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
SMB 3.0 and 3.0.2 require aes-128-ccm, so we need to reject them unless
'client smb3 encryption algorithms' allows them.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This gives administrators more control over the used algorithms.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This makes the code more generic and allow the supported ciphers
to be easily added or depend on the configuration later.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The motivation is to get the same error responses as a windows server.
We already fallback to smb2srv_session_lookup_global() in other places
where we don't have a valid session in the current smbd process.
If signing is failing while verifying a session setup request,
we should do the same if we don't have a valid channel binding
for the connection yet.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We have '} else if (signing_required || (flags & SMB2_HDR_FLAG_SIGNED)) {'
before...
Use 'git show -U52' to see the whole story...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
There might be other places than smb2srv_update_crypto_flags(), which
may call smbXsrv_session_update() with a fake session, they should
return in error instead of segfaulting.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
When we used a fake session structure from
smb2srv_session_lookup_global() there's no point in updating
any database.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
When we make use of this we only in order to provide the correct
error codes anyway.
This actually fixes even more error codes.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
These were only used in Windows development versions but not in
production.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The new code uses PING_DC to tell the child to try to go online.
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
The idea is to run the same DC validation steps as for dsgetdcname()
just omit the query list of DCs via DNS/netbios step but instead
validate a given DC right away.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
libnet_DomainOfflineJoin will consume the provided offline domain join
blob and lay out libnet_Join information to properly store join metadata
in the local database.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
It will be used later to pass in offline domain join structs to serve
request offline domain join requests.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Jul 14 08:58:30 UTC 2021 on sn-devel-184
Note that parent_pathref() must succeed before we call SMB_VFS_READ_DFS_PATHAT().
If parent_pathref() fails, just step back a component without calling
SMB_VFS_READ_DFS_PATHAT().
There are no longer any non-relative uses of SMB_VFS_READ_DFS_PATHAT().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Note parent_pathref() must succeed before we can call SMB_VFS_READ_DFS_PATHAT().
Otherwise, just skip the whole path optimization and go onto the path walk code.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Remember to update the smb_fname->st struct inside check_msdfs_link(),
as we now pass the atname to is_msdfs_link(), not the smb_fname.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We don't need an io fd here, and we only get away
with it as we have the assert above:
SMB_ASSERT(dirfsp == dirfsp->conn->cwd_fsp);
This will be removed next.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Change struct stat st -> SMB_STRUCT_STAT st
and just copy the struct on success, as sys_fstatat()
already does the init_stat_ex_from_stat() for us.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
shadow_copy2_strip_snapshot() will happily return without modifying the passed
timestamp=0 if the path is already converted and refers to an object in a
snapshot, eg (first debug line from extra debugging patch [1]):
[10 2021/07/02 08:19:28.811424 pid=738290 ../../source3/modules/vfs_shadow_copy2.c:1303 shadow_copy2_fstat]
shadow_copy2_fstat: fsp [test.txt {@GMT-2000.01.02-03.04.05}]
[10 2021/07/02 08:19:28.811449 pid=738290 ../../source3/modules/vfs_shadow_copy2.c:607 _shadow_copy2_strip_snapshot_internal]
_shadow_copy2_strip_snapshot_internal: [from shadow_copy2_fstat()] Path 'test.txt {@GMT-2000.01.02-03.04.05}'
[10 2021/07/02 08:19:28.811474 pid=738290 ../../source3/modules/vfs_shadow_copy2.c:619 _shadow_copy2_strip_snapshot_internal]
_shadow_copy2_strip_snapshot_internal: abs path '/gpfs0/smb_snapshots2/filesetone/.snapshots/@GMT-2000.01.02-03.04.05/test.txt'
[10 2021/07/02 08:19:28.811496 pid=738290 ../../source3/modules/vfs_shadow_copy2.c:1924 shadow_copy2_snapshot_to_gmt]
shadow_copy2_snapshot_to_gmt: match @GMT-%Y.%m.%d-%H.%M.%S: @GMT-2000.01.02-03.04.05
[10 2021/07/02 08:19:28.811536 pid=738290 ../../source3/modules/vfs_shadow_copy2.c:566 check_for_converted_path]
check_for_converted_path: path |/gpfs0/smb_snapshots2/filesetone/.snapshots/@GMT-2000.01.02-03.04.05/test.txt| is already converted. connect path = |/gpfs0/smb_snapshots2/filesetone/.snapshots/@GMT-2000.01.02-03.04.05|
As check_for_converted_path() detects an "already converted path",
_shadow_copy2_strip_snapshot_internal() just returns without modifying the value
of the timestamp.
By using shadow_copy2_strip_snapshot_converted() instead of
shadow_copy2_strip_snapshot() we can check if the path is in fact referring to a
VSS object by checking the "converted" bool.
An alternative way would have been directly checking fsp->fsp_name->twrp != 0,
but that would be a new semantic in the module, I'll leave this excersize for
the future when we clean up the usage of shadow_copy2_strip_snapshot() in the
whole module.
This change also switches to using the absolute paths in both place where
convert_sbuf() is called.
[1]
@@ -1309,8 +1348,16 @@ static int shadow_copy2_fstat(vfs_handle_struct *handle, files_struct *fsp,
saved_errno = errno;
}
+ DBG_DEBUG("fsp [%s]\n", fsp_str_dbg(fsp));
RN: vfs_shadow_copy2 fixinodes not correctly updating inode numbers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This will fail with
Failed to open file \@GMT-2015.10.31-19.40.30\subdir\hardlink. NT_STATUS_ACCESS_DENIED
The open is failing in openat_pathref_fsp():
[2021/07/06 04:58:17.677104, 10, pid=95070, effective(1000, 1000), real(1000, 0)] ../../source3/smbd/files.c:541(openat_pathref_fsp)
openat_pathref_fsp: file [subdir/hardlink {@GMT-2015.10.31-19.40.30}] - dev/ino mismatch. Old (dev=64770, ino=3826943444). New (dev=64770, ino=1746568660).
[2021/07/06 04:58:17.677114, 10, pid=95070, effective(1000, 1000), real(1000, 0)] ../../source3/smbd/files.c:568(openat_pathref_fsp)
openat_pathref_fsp: Opening pathref for [subdir/hardlink {@GMT-2015.10.31-19.40.30}] failed: NT_STATUS_ACCESS_DENIED
The reason is subtle:
shadow_copy2 calculates inode numbers of snapshot files based on the path of the
file. The result of that when doing a path based stat() from filename_convert()
was
[2021/07/06 04:58:17.676159, 10, pid=95070, effective(1000, 1000), real(1000, 0)] ../../source3/smbd/filename.c:1945(filename_convert_internal)
filename_convert_internal: XXX smb_fname [subdir/hardlink {@GMT-2015.10.31-19.40.30}] (dev=64770, ino=3826943444).
which is the "Old" inode shown above.
Later in the open code called from openat_pathref_fsp() -> fd_openat() ->
non_widelink_open() since 4.14 we call SMB_VFS_FSTAT() where fsp->fsp_name will
be set to the new relative *basename* of the file:
[2021/07/06 04:58:17.676917, 10, pid=95070, effective(1000, 1000), real(1000, 0), class=vfs] ../../source3/modules/vfs_default.c:1302(vfswrap_fstat)
vfswrap_fstat: XXX fsp [hardlink {@GMT-2015.10.31-19.40.30}] (dev=64770, ino=3826943444)
So for stat() the hash function in called with the full path relative to the share
root:
subdir/hardlink
while for fstat() the hash function will used
hardlink
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
fd_openat() has done an FSTAT on the handle so update the smb_fname stat info
with "truth". from the handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This reverts commit a6df051dd5:
"s3: smbd: In openat_pathref_fsp(), just check we're opening the same file type, not dev and inode."
The prior changes mean we can go back to checking dev/ino
matches.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This helps code inside any module implementing fstat() looking at
fsp->fsp_name->st instead of the passed in stat buf.
I only ran afoul of this in a DEBUG message I added while debugging some inode
related problem.
No change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Remove my poor imitation of synthetic_pathref(), just call the real thing.
We need to go through the full VFS stack here to get
the ino correct to get the fsp handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We'll be calling SMB_VFS_FGETXATTR() on the base fsp anyway.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We actually don't need this to get the right semantics, as the open or the
set_sd() code catches the correct cases and returns ACCESS_DENIED, but it
makes me much happier to see the prerequisites needed expressed in code here
right at the point of use.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jul 13 08:11:36 UTC 2021 on sn-devel-184
Now map_nt_error_from_unix() returns the same value as
map_nt_error_from_unix_common().
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
If libtdb is used from the system, we should use those tools by default.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
I saw systems with locking.tdb records being part of:
ctdb catdb smbXsrv_tcon_global.tdb
It's yet unknown how that happened, but we should not panic in srvsvc_*
calls because the info0 pointer was NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14752
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jul 6 11:08:43 UTC 2021 on sn-devel-184
If the string is too shhort we don't want to atoi() whatever is beyond
the end of it.
Found using Honggfuzz and the fuzz_parse_lpq_entry fuzzer.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jul 5 05:07:13 UTC 2021 on sn-devel-184
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Jul 4 18:01:16 UTC 2021 on sn-devel-184
Not yet used. We will use this to replace calls
to ad_get(..., ADOUBLE_META). It uses openat_pathref_fsp()
to get a handle before calling into ad_get(..., ADOUBLE_META).
Uses the recursion guard to prevent recursion into openat_pathref_fsp()
from stat calls within.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Not yet used.
Same technique as used to prevent recursion in stat calls in vfs_fake_acls.c
This will go away once SMB_VFS_STATX() is added and we can select exactly
what fields we are calling stat() to get.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Both must succeed for a valid return, and we're next going
to replace ad_get() with a wrapper that calls openat_pathref_fsp(),
which needs a VALID_STAT().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Eventually we will guarantee a valid smb_fname->fsp here and
will remove SMB_VFS_GETXATTR().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Currently in master when we call into openat() in the VFS
we violate the invarient:
fsp->base_fsp->fsp_name->fsp == fsp->base_fsp.
The reason for this is subtle. Inside open.c:non_widelink_open()
we change the fsp->base_fsp to be relative to the new $cwd.
We do this by the following code in open.c:non_widelink_open():
/* Also setup base_fsp to be relative to the new cwd */
if (fsp->base_fsp != NULL) {
base_smb_fname_rel = (struct smb_filename) {
.base_name = smb_fname_rel->base_name,
};
orig_base_fsp_name = fsp->base_fsp->fsp_name;
fsp->base_fsp->fsp_name = &base_smb_fname_rel;
}
Note that fsp->base_fsp->fsp_name now points at a
stack variable struct smb_filename, with smb_fname->fsp == NULL.
This fixes that problem by removing the horrid
stack based smb_filename and changing to use a
talloc'ed fsp->base_fsp->fsp_name, with
correctly linked fsp->base_fsp->fsp_name-> pointer.
Remove the selftest/knownfail.d/fruit_vfs_invariant
file as all vfs_fruit tests now pass again.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
vfs_fruit isn't the bad guy here. It's just a convenient
place to show that non_widelink_open() violates:
fsp->base_fsp->fsp_name->fsp == fsp->base_fsp invarient
Add selftest/knownfail.d/fruit_vfs_invariant to show
what this breaks. Next patch will fix the non_widelink_open()
code and remove the knownfail.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
net ads keytab list prints extra new line for uknown encoding types,
so it spans over two lines, instead over a single line:
1 AES-128 CTS mode with 96-bit SHA-1 HMAC ADDC$@ADDOM.SAMBA.EXAMPLE.COM
1 UNKNOWN: 3
ADDC$@ADDOM.SAMBA.EXAMPLE.COM
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Jul 2 11:45:48 UTC 2021 on sn-devel-184
Unintentionally used fsp_get_pathref_fd() in the initial patchset.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12033
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 1 17:45:49 UTC 2021 on sn-devel-184
The following are the default values:
preopen:nomatch_log_level = 5
preopen:match_log_level = 5
preopen:nodigits_log_level = 1
preopen:founddigits_log_level = 3
preopen:reset_log_level = 5
preopen:push_log_level = 3
preopen:queue_log_level = 10
This gives admins a way to debug/audit the preopen usage.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This will allow the usage of patterns as
'POSIX Basic Regular Expression'
vfs objects = preopen
preopen:posix-basic-regex = yes
preopen:names = /Re7599Ex\([0-9]\).*\.txt/test\([0-9]*\)\.dat/
The key is that exactly one 'subexpression' starting with '\(' and
ending with '\)' is specified in order to select the position where
the digits are searched.
E.g. given a file name 'Re7599Ex01234.txt' will actually preopen:
Re7599Ex01234.txt
Re7599Ex11234.txt
Re7599Ex21234.txt
Re7599Ex31234.txt
Re7599Ex41234.txt
As '\([0-9]\)' will only match the first digit after 'Re7599Ex'.
It also means it's now possible to have digits in the fixed part of the
filename, which was the actual motivation for this patchset.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
samba_path_matching_check_last_component() may return the start and end
offset of a submatch (for us the bytes where the digits are expected).
We use that in order to allow preopen_parse_fname() to just
look at these bytes and ignore any trailing digits after the submatch.
For the current use of samba_path_matching_mswild_create(),
there's no difference as we'll always get replace_start=-1 and
replace_end=-1. But the next commit will make optional use of
samba_path_matching_regex_sub1_create(), which will change the situation
and allow to return hints we got from regexec().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
If we have a single digit we only replace up to '9', which also fits
into a single digit.
We operate on numbers from 0 to 9999999999999999999 independent of the
architecture.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Calculating the start_idx and num_digits at the first possible place
will make the following commits much easier.
At the end we just want to assign the return values without any logic.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
There's no point in trying to check if the current number is part
of the existing queue. This makes the logic at least more unstandable
to me.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Otherwise there's no point in stopping the existing queue to continue
via pending preopen_helper_readable() invocations.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
There should not be any logic change in this commit,
for now we'll keep the same ms wildcard matching we had before.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
So we make sure the dirfsp contains an absolute path to begin with
and smb_fname is a relative name within the directory.
Note: dirfsp->fsp_name->base_name[0] is only '/' because currently all callers pass
conn->cwd_fsp as dirfsp ... though there's already one caller that calls
fd_openat() with a real dirfsp, that is in vfs_fruit though on the
resource fork stream so doesn't really effect us currently.
If more callers are changed in future the situation may change,
but I guess then this is not the only place with potential problems.
We most likely need a generic helper function that returns the absolute
path of a dirfsp and use it here.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
It might be useful to change the level/location
of debug messages specific to this module.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This will allow the usage 'POSIX Basic Regular Expression'
instead of 'ms wildcard' strings.
We allow exactly one 'subexpression' starting with '\(' and
ending with '\)' in order to find a replacement (byte) region
in the matching string.
This will be used in the vfs_preopen module in the following
commits.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This aims to replace the current is_in_path() code in the long run.
For now it implements samba_path_matching_mswild_create()
in order to replace is_in_path() in the long run.
But there will be other "backends" using regexec() too.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
I want to assert at least some of the behavior as the
next commits will add a new abstraction that should
at least partly behave the same.
Note: case_[in]sensitive_idx is the index to the patterns
in the namelist, set to -1 on non-match, otherwise to
a value >= 0.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Original file on an XFS filesystem:
$ ls -l /mnt/test/1048578-file
-rw-rw-r--. 1 slow slow 1048578 Jun 25 11:40 /mnt/test/1048578-file
$ xfs_bmap /mnt/test/1048578-file
/mnt/test/1048578-file:
0: [0..2055]: 192..2247
Copy created with cp --reflink=never:
$ xfs_bmap /mnt/test/1048578-file-reflink-never
/mnt/test/1048578-file-reflink-never:
0: [0..2055]: 2248..4303
Copy created with cp --reflink=always
$ xfs_bmap /mnt/test/1048578-file-reflink-always
/mnt/test/1048578-file-reflink-always:
0: [0..2055]: 192..2247
Copy done from a Windows client:
$ xfs_bmap /mnt/test/1048578-file\ -\ Copy
/mnt/test/1048578-file - Copy:
0: [0..2055]: 192..2247
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12033
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 30 17:40:23 UTC 2021 on sn-devel-184
No change in behavour, this just makes the logic slightly more
understandable. In theory it would also allow the logic to be adjusted for
allowing short reads which is not quite clear from MS-SMB2 if we should allow
it. The file could be truncated while we're reading it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12033
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph made me feel really guilty about this, so I cleaned it up :-).
This may also be the way we can finally get rid of SMB_VFS_GETXATTR()
from adouble.c too.
This will go away once we have SMB_VFS_STATX() and we will
have a way for a caller to as for specific stat fields in a
granular way. Then we will know exactly what fields the caller
wants, so we won't have to fill in everything.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 29 22:08:02 UTC 2021 on sn-devel-184
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Jun 29 09:10:00 UTC 2021 on sn-devel-184
575d39048e has marked
several structures as recursive, they contain typically a
backpointer named '* next'. secrets_domain_info1 is not self
recursive, it only contains a pointer named '*next_change'.
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 29 03:07:17 UTC 2021 on sn-devel-184
Found by Coverity.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 28 20:03:33 UTC 2021 on sn-devel-184
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Jun 25 16:37:59 UTC 2021 on sn-devel-184
Remove the connection struct and smb_filename parameters.
There are now no more callers of SMB_VFS_GETXATTR().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Use new smb_fname->fsp->base_fsp parameter in get_xattr_size(), change name parameter to NULL.
If openat_pathref_fsp() fails, return the correct error code (thanks Ralph!).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
There can never be EA's on a symlink. Windows will never
see a symlink, and in SMB_FILENAME_POSIX_PATH mode we don't
allow EA's on a symlink.
All of the previous code boiled down to errno = ENOENT, return -1
so make that explicit.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We no longer need the 'struct smb_filename *smb_fname_base' here.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We know this is a valid fsp as we have already used it above inside
walk_xattr_streams() as an argument to get_ea_names_from_file().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
No longer used and we were leaking it onto the talloc_tos() anyway.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We know fsp->base_fsp must be valid here for SMB_VFS_FSETXATTR()
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
No longer used and we were leaking it onto the talloc_tos() anyway.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
No longer used and we were leaking it onto the talloc_tos() anyway.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We know fsp->base_fsp must be valid here for SMB_VFS_FSETXATTR().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Handle-based copy of ceph_snap_get_btime(). Uses
SMB_VFS_NEXT_FGETXATTR() instead of SMB_VFS_NEXT_GETXATTR().
Commented out as nothing uses it yet. This will change shortly.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Comment out fake_acls_uid()/fake_acls_gid(), they are no longer used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Add a recursion guard so that openat_pathref_fsp() doesn't
end up recursing into itself when it calls SMB_VFS_STAT().
We now always have a valid fsp inside fake_acls_stat().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
It serves no purpose here. We no longer need the frame pointer.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Add a recursion guard so that synthetic_pathref() can't
recurse into itself by calling SMB_VFS_LSTAT().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
It serves no purpose here. We no longer need the frame pointer.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
It was always NULL. Always use the passed in fsp.
If the underlying fd is -1, we want this to fail with EBADF.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This will go away once get_ea_value() is fully handle-based
and renamed to get_ea_value_fsp().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Once SMB_VFS_CHDIR() has been called and returned success, cwd_fsp *must* be AT_FDCWD.
We needs this so that SMB_VFS_STAT() can work correctly with
at startup time with modules that need to create pathref fsp's.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This occurs on first CHDIR to the root of the share.
Ensure we don't add conn->connectpath twice when doing
creating the file name hash.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
As this is an internal open and we don't have any
locks around, we don't have to mandate the dev and ino
pair are the same (and in fact not doing so fixes bugs
when this is called by VFS modules that like to play tricks
with ino number on stream paths (fruit, and streams_xattr
are the two that currently do this).
There's no security advantage to checking that, as the
fd_openat() ensures this is safe. As fd_openat() does an
FSTAT on the handle, update the smb_fname stat info with
the "correct" values from the handle.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Wed Jun 23 09:56:00 UTC 2021 on sn-devel-184
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Jun 22 14:34:06 UTC 2021 on sn-devel-184
Finally fix the promise from the docs that this module is stackable. Re-use copy_internals().
This is a horrible module that must be removed !
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
We should always do the operation first, then try the sync.
Failure to sync is not reported as an error, so failure
to create the full_fnames shouldn't fail the operation either.
Makes the code path clearer.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Makes the macro much clearer.
We should always do the operation first, then try the sync.
Failure to sync is not reported as an error, so failure
to create the full_fname shouldn't fail the operation either.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Remove 'const' from 'char *dname' parameter. This is always a talloc
allocated pointer.
Not yet used. This will allow us to make syncops really stackable later.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Not yet used. This will allow us to make syncops really stackable later.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Not yet used. This will allow us to make syncops really stackable later.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
We expect smb_fname->base_name values to not contain "./name".
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
There is software out there trying to open desktop.ini in every
directory. Avoid spamming the logs with error messages.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 18 18:14:11 UTC 2021 on sn-devel-184
Save several system calls if we're operating at the root of the share.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Jun 18 17:21:31 UTC 2021 on sn-devel-184
Optimization now becomes clear. We already have a valid stat of the parent
directory so we don't need to re-do a system call.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Optimization now becomes clear. We already have a valid stat of the parent
directory so we don't need to re-do a system call.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Tidy up fsp == NULL checks. Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14742
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Wed Jun 16 11:58:00 UTC 2021 on sn-devel-184
This ensure we never blunder into indirecting a NULL fsp pointer
in the server. Currently this crashes the server in several info
levels.
Add knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14742
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
This ensures mdssvc uses the same FileIDs as the fileserver as well as Spotlight
can be used working on a virtual filesystem like GlusterFS.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14740
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Jun 16 05:59:13 UTC 2021 on sn-devel-184
Compared to create_conn_struct_tos_cwd() this takes a TALLOC_CTX and
tevent_context as additional arguments and the resulting connection_struct is
stable across the lifetime of mem_ctx and ev.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14740
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The next commit will add another caller of create_conn_struct_as_root() that is
going to pass a long-lived tevent context.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14740
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is needed in a subsequent commit. Note that I prefer to do the event
context unwrapping in the caller and pass both the event and messaging context
explicitly to mds_init_ctx().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14740
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Just skip adding the result to the pending results set, don't return an
error. Returning an error triggers an error at the MDSSVC RPC error which is NOT
what we want here.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14740
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
cli_errno() calls far too many trivial but subtle functions, all
referencing cli->raw_status. This might be the first step towards
getting rid of that.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
In the "num_users==0" case (previously just return NULL) we depended
on errno==0 implicitly. When list_sessions() above in this routine had
to open smbXsrv_session_global, it could however happen that errno was
set. If then there were no users, get_domain_userlist() returned NULL
with errno set, which the callers interpreted then as a real error.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
socket_wrapper can't do EADDRINUSE because unix domain sockets don't
do it.
This currently works correctly because right now all RPC servers
either use explicit ports or all listen on the same socket.
The new code uses a static variable, so it only helps if a single
process listens for multiple RPC sockets. It won't work if multiple
processes start listening. But in case samba-dcerpcd goes in this will
be exactly the right thing to do.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This ensure we never blunder into indirecting a NULL fsp pointer
in the server. We already pass this, but this test will ensure
we continue to do so as we make fileserver changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power<npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Jun 15 11:06:23 UTC 2021 on sn-devel-184
Caller is still using this !
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14736
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power<npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Fri Jun 11 10:17:46 UTC 2021 on sn-devel-184
as the sys_acl_set_fd_fn definition for vxfs_sys_acl_set_fd is ifdef'ed
out we also need ifdef out the vxfs_sys_acl_set_fd implementation itself
otherwise we get the following error.
source3/modules/vfs_vxfs.c:484:12: error: ‘vxfs_sys_acl_set_fd’ defined but not used [-Werror=unused-function]
static int vxfs_sys_acl_set_fd(vfs_handle_struct *handle,
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is an inconsequential cosmetic change, it just caught my eye
as looking a bit out of place compared to the surrounding code style.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
smb_fname is unused and we can get conn from the fsp passed in
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Next commit can remove smb_name param from dos_mode_post
signature.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
I commented this out but forgot to remove in the
previous mega-patch.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 10 21:36:11 UTC 2021 on sn-devel-184
This is not used anymore since e7a90fd7a1.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 10 19:22:23 UTC 2021 on sn-devel-184
We already dereference req earlier. So if it is NULL it already
segfaulted much earlier.
Found by covscan.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Thu Jun 10 11:22:19 UTC 2021 on sn-devel-184
We already dereference fsp earlier. So if it is NULL it already
segfaulted much earlier.
Found by covscan.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Noel Power <npower@samba.org>
Found by covscan.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Noel Power <npower@samba.org>
https://bugzilla.samba.org/show_bug.cgi?id=14734
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Thu Jun 10 09:16:22 UTC 2021 on sn-devel-184
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 10 00:24:22 UTC 2021 on sn-devel-184
Prior to 572d4e3a56 it was sufficient to
initialize struct timespec to zero to return NTTIME 0 (ie not set) over
SMB.
This fixes the same problem from bug 14714 where the timestamps in an SMB2 CLOSE
response.
Windows of course does return *some* timestamps, but as it's neither documented
nor was I able to figure out where they would be coming from, as well as the
Windows client apparently doesn't care, I didn't bother with implementing some
sophisticated heuristic to return some timestamps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14731
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 9 20:38:02 UTC 2021 on sn-devel-184
This ensures SMB requests on the quote fake file "$Extend/$Quota" don't hit the
VFS, where specifically in vfs_gpfs we log an error message if we fail to read
the DOS attributes for a file with
vfs_gpfs_get_dos_attributes: Getting winattrs failed for $Extend/$Quota
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14731
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Jun 9 14:04:13 UTC 2021 on sn-devel-184
Just pass through to sys_acl_set_fd(), which goes to posixacl_sys_acl_set_fd()
on posix ACL systems.
We already have identical code in posixacl_sys_acl_set_fd()
and these fallbacks are really system specific so we shouldn't
be doing them in more than one place.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This is really unmaintained code and should be removed unless
someone from HP steps up..
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Pass it through to the backends. The default posixacl_sys_acl_set_fd()
already copes with this anyway, as does the AIX, and Solaris backends.
The HPUX code isn't compiled and was broken anyway (there was a
missmatch of the number of parameters being passed to the
sys_acl_set_fd_fn backend hpuxacl_sys_acl_set_fd()), and HPUX
doesn't have fd-based ACLs, so just switch to calling hpuxacl_sys_acl_set_file().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
