1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

95883 Commits

Author SHA1 Message Date
Stefan Metzmacher
5533d9c3db python/join: use lowercase for the dnshostname.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
a9545f3de7 selftest/Samba3: also bind to ipv6
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
5d4b36d1fe selftest/Samba4: also bind to ipv6
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
0e7abb398d selftest: export _IPV6 environment variables
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
3fcc4a545e libcli/dns: ignore NS entries in dns_hosts_file.c at a higher log level for now
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
7f18a3b58e libcli/dns: add AAAA support to dns_hosts_file.c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
5d397c8198 s4:dlz_bind9: do an early talloc_free(el_ctx) in dlz_allnodes()
We don't have to keep everything arround while walking the whole zone.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
fbebe7e756 s4:dlz_bind9: avoid some compiler warnings
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
491715399f s4:dns_server: handle tombstones in handle_one_update()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
bb3ca930cc s4:dns_server: add DNS_TYPE_TOMBSTONE support to dns_common_replace()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749

Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
a0a81ab01c s4:dns_server: make sure dns_common_lookup() doesn't return tombstones
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
3ff025a02c s4:dns_server: use .wType = DNS_TYPE_TOMBSTONE instead of ZERO_STRUCT()
The result is the same, but it is clearer.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
0689e795e0 s4:dns_server: split out dns_common_replace()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
7e7df78bd7 s4:dns_server: remove const from dns_replace_records()
All callers are find we the record array gets modified.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
342a087349 s4:dns_server: split out dns_common_extract() and dns_common_lookup()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
99d5a5ead4 s4:dns_server: split out a private 'dnsserver_common' library
This will contain common code for the internal dns server, the dlz_bind9 module
and the rpc dns management server.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
d0f424a23d s4:dns_server: map LDB_ERR_NO_SUCH_OBJECT to WERR_DNS_ERROR_NAME_DOES_NOT_EXIST
This is the correct fix for commit 8b24c43b38
and Bug: https://bugzilla.samba.org/show_bug.cgi?id=9559

With this change we have a consistent behavior between internal server
and the bind dlz module. We keep a dangling LDAP object without
dnsRecord attribute arround forever. This will be fixed in the following
commits.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Stefan Metzmacher
deb21a9afe s4:dns_server: handle WERR_DNS_ERROR_NAME_DOES_NOT_EXIST in werr_to_dns_err()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-08-26 09:13:06 +02:00
Volker Lendecke
e914c2c52d smbd: Properly initialize mangle_hash
[Bug 10782] mangle_hash() can fail to initialize charset (smbd crash).

https://bugzilla.samba.org/show_bug.cgi?id=10782

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 26 01:30:38 CEST 2014 on sn-devel-104
2014-08-26 01:30:38 +02:00
Arvid Requate
7f44432fb0 passdb: fix NT_STATUS_NO_SUCH_GROUP
Share options like "force group" and "valid users = @group1"
triggered a NT_STATUS_NO_SUCH_GROUP. While the group was found in
the SAM backend, its objectclass was not retrived.

This fix also revealed a talloc access after free in the group
branch of pdb_samba_dsdb_getgrfilter.

[Bug 9570] Access failure for shares with "force group" or "valid users = @group"

https://bugzilla.samba.org/show_bug.cgi?id=9570

Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-08-25 23:08:12 +02:00
Roel van Meer
6174bfafe7 Don't discard result of checking grouptype
The pdb_samba_dsdb_getgrfilter() function first determines the security type
of a group and sets map->sid_name_use accordingly. A little later, this
variable is set again, undoing the previous work.

https://bugzilla.samba.org/show_bug.cgi?id=10777

Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 23 02:48:52 CEST 2014 on sn-devel-104
2014-08-23 02:48:52 +02:00
Volker Lendecke
20ef305cfa messaging3: Avoid messaging_is_self_send
This was a bad API, and it was used in a buggy way: In
messaging_dispatch_rec we always did the defer, we referenced the
destination pid, not the source. In messaging_send_iov this is the right
thing to do to reference the destination, but when we have arrived in
messaging_dispatch_rec we should compare source and destination.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-08-23 00:24:18 +02:00
Volker Lendecke
46e912210d lib: Introduce server_id_same_process()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-08-23 00:24:18 +02:00
Volker Lendecke
1c4284c739 pthreadpool: Slightly serialize jobs
Using the new msg_source program with 1.500 instances against a single
msg_sink I found the msg_source process to spawn two worker threads for
synchronously sending the data towards the receiving socket. This should
not happen: Per destination node we only create one queue. We strictly
only add pthreadpool jobs one after the other, so a single helper thread
should be perfectly sufficient.

It turned out that under heavy overload the main sending thread was
scheduled before the thread that just had finished its send() job. So
the helper thread was not able to increment the pool->num_idle variable
indicating that we don't have to create a new thread when the new job
is added.

This patch moves the signalling write under the mutex. This means that
indicating readiness via the pipe and the pool->num_idle variable happen both
under the same mutex lock and thus are atomic. No superfluous threads anymore.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-08-23 00:24:18 +02:00
Volker Lendecke
4288c5496b messaging3: Add msg_sink/source -- perftest
With this pair of programs I did some performance tests of the messaging
system. Guess what -- I found two bugs :-)

See the subsequent patches.

With 1500 msg_source processes I can generate message overload: A

Intel(R) Xeon(R) CPU           L5640  @ 2.27GHz

can receive roughly 100k messages per second. When using
messaging_read_send/recv user/system time is roughly even, a bit more
work done in user space. When using messaging_register, due to less
malloc activity, user space chews a lot less.

By the way: 1.500 helper threads in a blocking sendto() against a single
datagram socket reading as fast as it can (with epoll_wait in between)
only drove the loadavg to 12 on a 24-core machine. So I guess unix domain
datagram sockets are pretty well protected against overload. No thundering
herd or so. Interestingly "top" showed msg_sink at less than 90% CPU,
although it was clearly the bottleneck. But that must be a "top" artifact.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-08-23 00:24:18 +02:00
Stefan Metzmacher
ff9a083363 selftest/Samba4: avoid warnings about 'path' not specified on 'ntvfs handler = cifs' shares
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-08-23 00:24:18 +02:00
Volker Lendecke
0ddfdb83e8 torture: Fix cleanup2 to utilize on-demand cleanup
Now we check the cleanup when conflicts happen, not when we first open
the file. This means we don't have to re-open the connection to make
cleanup happen.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-08-23 00:24:18 +02:00
Volker Lendecke
513584a3b1 torture: Run the cleanup2 test against 2 nodes
This enables testing the brlock cleanup across ctdb

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-08-23 00:24:18 +02:00
Volker Lendecke
85935097b9 brlock: Remove validate_lock_entries
This is now only called during brl_forall. It does not really hurt if we list
dead processes here. If the upper layers really care, they can filter it out
themselves. The real lock conflicts are not removed on-demand.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-08-23 00:24:18 +02:00
Volker Lendecke
1057240733 brlock: Do auto-cleanup at conflict time
This avoids the need to do sweeping validate_lock_entries calls

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-08-23 00:24:18 +02:00
Jeremy Allison
815bde28ee s3: smbd: POSIX ACLs. Remove incorrect check for SECINFO_PROTECTED_DACL in incoming security_information flags in posix_get_nt_acl_common().
Tidy-up of code obsoleted by fixes for bug #10773 (SECINFO_PROTECTED_DACL is not ignored).
We now never pass SECINFO_PROTECTED_DACL in security_information flags to this layer.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 22 11:26:57 CEST 2014 on sn-devel-104
2014-08-22 11:26:57 +02:00
Volker Lendecke
8d96a280f6 messaging_dgm: Factor out messaging_dgm_lockfile_name
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 22 05:20:43 CEST 2014 on sn-devel-104
2014-08-22 05:20:43 +02:00
Volker Lendecke
8deb851200 messaging_dgm: Use %ju to fill lockfile
... much nicer than PRIu64

Also, append a \n. Makes it better readable when looking at the lockfile

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-08-22 02:53:52 +02:00
Stefan Metzmacher
5cbda7e248 libcli/security: add better detection of SECINFO_[UN]PROTECTED_[D|S]ACL in get_sec_info()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 22 02:52:50 CEST 2014 on sn-devel-104
2014-08-22 02:52:50 +02:00
Stefan Metzmacher
1b3ee5e5a3 s3:smbd: mask security_information input values with SMB_SUPPORTED_SECINFO_FLAGS
Sometimes Windows clients doesn't filter SECINFO_[UN]PROTECTED_[D|S]ACL flags
before sending the security_information to the server.

security_information = SECINFO_PROTECTED_DACL| SECINFO_DACL
results in a NULL dacl being returned from an GetSecurityDecriptor
request. This happens because posix_get_nt_acl_common()
has the following logic:

if ((security_info & SECINFO_DACL) && !(security_info & SECINFO_PROTECTED_DACL)) {
    ... create DACL ...
}

I'm not sure if the logic is correct or wrong in this place (I guess it's
wrong...).

But what I know is that the SMB server should filter the given
security_information flags before passing to the filesystem.

[MS-SMB2] 3.3.5.20.3 Handling SMB2_0_INFO_SECURITY
...
The server MUST ignore any flag value in the AdditionalInformation field that
is not specified in section 2.2.37.

Section 2.2.37 lists:
OWNER_SECURITY_INFORMATION
GROUP_SECURITY_INFORMATION
DACL_SECURITY_INFORMATION
SACL_SECURITY_INFORMATION
LABEL_SECURITY_INFORMATION
ATTRIBUTE_SECURITY_INFORMATION
SCOPE_SECURITY_INFORMATION
BACKUP_SECURITY_INFORMATION

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-08-22 00:28:08 +02:00
Stefan Metzmacher
f56bfffa51 security.idl: add SMB_SUPPORTED_SECINFO_FLAGS
A SMB server should only care about specific SECINFO flags
and ignore others e.g. SECINFO_PROTECTED_DACL.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-08-22 00:28:08 +02:00
Ross Lagerwall
52063e90dd s3:libsmb: Set a max charge for SMB2 connections
Set a max charge for SMB2 connections so that larger request sizes can
be used and more requests can be in flight.

Signed-off-by: Ross Lagerwall <rosslagerwall@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Aug 21 17:31:11 CEST 2014 on sn-devel-104
2014-08-21 17:31:11 +02:00
Volker Lendecke
5c26a01627 smbcontrol: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <Ira@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Aug 21 14:58:37 CEST 2014 on sn-devel-104
2014-08-21 14:58:37 +02:00
Volker Lendecke
236ccbbeb7 smbd: Only DEBUG errors from messaging_cleanup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ronnie sahlberg <ronniesahlberg@gmail.com>
2014-08-21 12:35:11 +02:00
Volker Lendecke
12c781b9bf messaging3: Don't print a message if there's nothing to clean up
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ronnie sahlberg <ronniesahlberg@gmail.com>
2014-08-21 12:35:11 +02:00
Volker Lendecke
131437e079 lib: Check socket length in ctdbd_connect
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ronnie sahlberg <ronniesahlberg@gmail.com>
2014-08-21 12:35:11 +02:00
Amitay Isaacs
c9169a5e98 s4-rpc: dnsserver: Do not return NS_GLUE records with VIEW_GLUE_DATA filter
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10751

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Aug 21 11:36:55 CEST 2014 on sn-devel-104
2014-08-21 11:36:55 +02:00
Amitay Isaacs
2036cbd924 s4-rpc: dnsserver: Correctly set rank for glue NS records
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10751

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-08-21 09:11:06 +02:00
Amitay Isaacs
9b720ab139 ctdb-build: Add missing dependency on popt
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-08-21 09:11:06 +02:00
Amitay Isaacs
c53c3dfeff ctdb-build: Remove unnecessary third_party symlink
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-08-21 09:11:06 +02:00
Amitay Isaacs
9f0b2f9503 ldb: Fix check for third_party
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-08-21 09:11:06 +02:00
Amitay Isaacs
4f105b27b7 wafsamba: Correctly locate the 'third_party' directory
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-08-21 09:11:06 +02:00
Martin Schwenke
e4118730d1 ctdb-build: Avoid unused variable warning in output from rpcgen
default/ctdb/utils/smnotify/gen_xdr.c: In function ‘xdr_status’:
  default/ctdb/utils/smnotify/gen_xdr.c:11:20: warning: unused variable ‘buf’ [-Wunused-variable]
    register int32_t *buf;
                      ^

When generating the code, change it to assign the variable to itself.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Aug 21 07:11:02 CEST 2014 on sn-devel-104
2014-08-21 07:11:01 +02:00
Martin Schwenke
6fd3ce5391 ctdb-daemon: Fix some strict-aliasing warnings
Seeing these with -Wall:

  ../server/ctdb_call.c:1117:3: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
     record_flags = *(uint32_t *)&c->data[c->keylen + c->datalen];
     ^

memcpy() seems to be the easiest way to get fix these.  The
alternative would be to use unmarshalling functions.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-08-21 04:46:13 +02:00
Martin Schwenke
2807b185f4 ctdb-util: Fix warning about ignored result from system()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2014-08-21 04:46:13 +02:00