IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
For streams, access is already checked in create_file_unixpath() by
check_base_file_access().
We already skip the access check in this function when doing an IO open of a
file, see above in open_file(), also skip it for "stat opens".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
One reference to conn->cwd_fsp less, makes "mkdir" look less ugly in
strace.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
process_symlink_open goes with it
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The Linux prototype for openat2 looks like this:
long openat2(int dirfd, const char *pathname,
struct open_how *how, size_t size);
where "struct open_how" is defined in "linux/openat2.h". It is
designed to be extensible with further flags.
The "size" parameter is required because there is no type checking
between userland and kernelspace, so the way for Linux to find which
version of open_how is being passed in is looking at the size:
"open_how" is expected to only every grow with additional fields,
should a change be necessary in the future.
Samba does not have this problem, we can typecheck the struct and
pointers, we expect all VFS modules to be compiled against the current
vfs.h.
For now this adds no functionality, but it will make further patches
much smaller.
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This was added due to the error code check in test_symlink_traversal_smb1_posix.sh.
After careful consideration I've realized the error code expected here
is incorrect, and not providing any security benefit.
We already check that trying to fetch a file/traverse through a
symlink that points outside of a share returns NT_STATUS_OBJECT_PATH_NOT_FOUND,
and this is enforced in the symlink checks already inside filename_convert_dirfsp().
If a symlink points to a directory within the share for which
the user has no permissions (as is tested here), then there's no
benefit in mapping the error code from NT_STATUS_ACCESS_DENIED
to NT_STATUS_OBJECT_PATH_NOT_FOUND, as we are not providing any
extra information about the filesystem state the user cannot already
obtain by normal SMB1+POSIX calls.
Change the error code expected in this single test from NT_STATUS_OBJECT_PATH_NOT_FOUND
to NT_STATUS_ACCESS_DENIED.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Aug 5 10:24:23 UTC 2022 on sn-devel-184
Now we always call check_path_syntaxXXX(), even on DFS names
we no longer need this. It was a BAD change, and I should feel BAD :-).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
The original design decision to just copy a DFS path and let
parse_dfs_path() take care of it was a horrible mistake.
Fix srvstr_get_path_internal() to always return a
/server/share/path (i.e. a path separated with '/', not '\').
This is a more complex change than I like to allow
DFS path procesing in srvstr_get_path_internal() but
needed as clients (including Samba smbclient) have a
rather "fuzzy" idea of what constitutes a valid DFS path.
If we detect the DFS path isn't valid here we have to
fall back to treating it as a local path.
I also need to modify the DFS parsing in
filename_convert_smb1_search_path() to cope with only '/'
separators.
This also means parse_dfs_path() needs changing to
cope.
The changes here are best reviewed by just applying
the fix and looking at the modified functions:
srvstr_get_path_internal()
parse_dfs_path()
For parse_dfs_path() it's mostly removing bad code
and makes parse_dfs_path() much easier to read.
These changes will enable me to remove some ugly mistakes made
adding ucf_flags to extract_snapshot_token(), as
we can now always assume canonicalized paths.
This is a little messy, but has to be done in
one chunk as the change to srvstr_get_path_internal()
depends on the change to parse_dfs_path().
Thanks to Volker for the insight that made this
cleanup possible.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is copy&paste from reply_negprot() where this variable was used
to set the remote architecture. This isn't used anymore in the
stripped down smb2 version of this.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 4 21:46:23 UTC 2022 on sn-devel-184
Further up we add O_PATH manually. Initial development versions of
this code did set the is_pathref, but then I found this potential
problem. I forgot to remove this incarnation of is_pathref=true, doing
it now.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Preparation for convertion of the last filename_convert() -> filename_convert_dirfsp().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This will allow us to remove the call to dfs_redirect() from get_original_lcomp().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Now we know all @GMT paths are removed before get_original_lcomp()
is called, we can eliminate this code.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This was the last case where the snapshot TWRP token could be
passed into get_original_lcomp(). get_original_lcomp() can now
be changed to ignore TWRP tokens.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
We're going to need to convert in place if it's an MSDFS path
with an SMB1 @GMT token.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
We're soon going to change this to return dirfsp and use convert_filename_dirfsp()
so we need to return values on the passed in talloc ctx.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
"raw" MSDFS paths are passed here as \server\share\path.
find_snapshot_token() only looks for a '/' as a separator
in SMB1 shapshot paths.
Allow extract_snapshot_token() to cope with SMB1 MSDFS paths by
converting in place, looking for the @GMT token with a '/'
separator via find_snapshot_token(), and then converting back.
Note, this a temporary measure until we handle DFS paths better
and will be removed in the next patchset.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Reviewed-by: Volker Lendecke <vl@samba.org>
Will be needed to cope with MSDFS paths which can be passed in
to this function.
Note, this a temporary measure until we handle DFS paths better
and will be removed in the next patchset.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Reviewed-by: Volker Lendecke <vl@samba.org>
There is only one last user of filename_convert(), in filename_convert_smb1_search_path().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 2 20:46:38 UTC 2022 on sn-devel-184
One less use of filename_convert().
Later we should optimize this by passing in
the src_dirfsp from the caller.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
One less use of filename_convert().
Later we should optimize this by passing in
the src_dirfsp from the caller.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Not yet used, but when this is fully plumbed though we can
look at optimizing and removing the code inside rename_internals_fsp()
that currently gets it's own dst_dirfsp.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
There is no point in calling filename_convert() on a raw stream name.
It can never find the file anyway (and never returns a valid smb_fname->fsp).
Use the same logic as SMB2_FILE_RENAME_INFORMATION_INTERNAL now does
and generate smb_fname_new directly.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
There's no point in calling filename_convert() and then
just ignoring the returned smb_fname if it's a raw stream name.
Only call filename_convert() if we know it isn't a raw stream
name.
Ignore stream/non-stream mismatches in src and dst in
smb2_file_rename_information, let rename_internals_fsp()
take care of that as the error returns inside rename_internals_fsp()
are tested by raw.streams.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
We don't require it for a new file. Without this change, we have
to add UCF_PREP_CREATEFILE to the destination flags when we are
doing renames to a destination stream name, but not when doing
renames to a destination file name, which makes for inconsistent API use.
filename_convert_dirfsp() is now a drop in replacement
for filename_convert(), even for the ugly SMB1 POSIX
cases.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This isn't 100% correct, but it gets us close enough
to the old behavior for SMB1+POSIX libsmbclient. If we went through a
symlink, and we got NT_STATUS_ACCESS_DENIED on the directory
containing the target, just don't allow the client to see the
intermediate path.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Doesn't contain a valid smb_fname->fsp pointer of course,
and is only used by the SMB1 code to take a reference to
a smylink name for manipulation (unlinkat, readlinkat etc.).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is the behavior of filename_convert() and
we need to allow it for the legacy SMB1+POSIX libsmbclient
libraries already deployed out there.
When we add SMB2 POSIX we must disallow symlink
traversal over any symlinks, the client must
resolve symlinks locally.
Add a note to show this is where we need to add
an error for SMB2+POSIX names with UCF_POSIX_PATHNAMES
set.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
One less use of filename_convert().
This is the acid test of filename_convert_dirfsp() pathname error
handling.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jul 28 16:34:54 UTC 2022 on sn-devel-184
We need this in order to pass:
samba3.raw.samba3badpath
raw.chkpath
samba3.base.chkpath
Now we can convert all the SMB1 reply_openXXX functions,
and reply_checkpath().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is a subtle one. The dirfsp returned by openat_pathref_dirfsp_nosymlink()
can be used inside open.c and passed to check_parent_access_fsp() to
check if a delete_on_close flag has been set on an existing "real"
open fsp. So the file_id must be correctly set in order for this
to work. Without it, samba3.base.delete fails in deltest20 when
we convert reply_open_and_X() to use filename_convert_dirfsp().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
One less use of filename_convert().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 27 17:49:51 UTC 2022 on sn-devel-184
Without this, if we just return smb_fname_rel->fsp->fsp_name as the smb_fname
then we return something allocated off fsp (which itself is allocated off
the conn struct), not the passed in talloc_ctx.
Do this for both non-stream and stream returns.
This matters for two reasons.
1). If we error out after calling filename_convert_dirfsp()
but before getting to the code inside create_file_unixpath()
that takes ownership of the passed in smb_fname->fsp we will
leak the fsp as the destructor for smb_fname that closes the
fsp will never fire on return to the client, as smb_fname is
owned by smb_fname->fsp, not the talloc_tos() context.
2). Some uses of filename_convert() expect to be able
to TALLOC_FREE the returned smb_fname once they've successfully
called SMB_VFS_CREATE_FILE() as they consider the passed in smb_fname
no longer used. It would be nice to be able to just change
filename_convert() -> filename_convert_dirfsp() without
having to change the lifetime handling of smb_fname.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Instead of just assigning smb_fname->fsp = fsp.
This makes the logic match that of openat_pathref_fullname() and parent_pathref()
when returning smb_fnames with associated pathref fsp's.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Fixes the raw.write.bad-write test.
NB. We need the two (==0) changes in source3/smbd/smb2_reply.c
as the gcc optimizer now knows that the return from
smbreq_bufrem() can never be less than zero.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15085
Remove knownfail.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Jule Anger <janger@samba.org>
Autobuild-Date(master): Wed Jul 27 11:46:46 UTC 2022 on sn-devel-184
This will become important in the following commits when the
dbwrap_watch layer will only wake up one watcher at a time
and each woken watcher will wakeup the next one.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15125
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This makes sure we cleanup the locked record in all cases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15125
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This will become important in the following commits when the
dbwrap_watch layer will only wake up one watcher at a time
and each woken watcher will wakeup the next one.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15125
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The destructor triggered by dbwrap_watched_watch_recv() will
remove the watcher instance via a dedicated dbwrap_do_locked(),
just calling dbwrap_watched_watch_remove_instance() inside.
But the typical caller triggers a dbwrap_do_locked() again after
dbwrap_watched_watch_recv() returned. Which means we call
dbwrap_do_locked() twice.
We now allow dbwrap_watched_watch_recv() to return the existing
instance id (if it still exists) and removes the destructor.
That way the caller can pass the given instance id to
dbwrap_watched_watch_remove_instance() from within its own dbwrap_do_locked(),
when it decides to leave the queue, because it's happy with the new
state of the record. In order to get the best performance
dbwrap_watched_watch_remove_instance() should be called before any
dbwrap_record_storev() or dbwrap_record_delete(),
because that will only trigger a single low level storev/delete.
If the caller found out that the state of the record doesn't meet the
expectations and the callers wants to continue watching the
record (from its current position, most likely the first one),
dbwrap_watched_watch_remove_instance() can be skipped and the
instance id can be passed to dbwrap_watched_watch_send() again,
in order to resume waiting on the existing instance.
Currently the watcher instance were always removed (most likely from
the first position) and re-added (to the last position), which may
cause unfair latencies.
In order to improve the overhead of adding a new watcher instance
the caller can call dbwrap_watched_watch_add_instance() before
any dbwrap_record_storev() or dbwrap_record_delete(), which
will only result in a single low level storev/delete.
The returned instance id is then passed to dbwrap_watched_watch_send(),
within the same dbwrap_do_locked() run.
It also adds a way to avoid alerting any callers during
the current dbwrap_do_locked() run.
Layers above may only want to wake up watchers
during specific situations and while it's useless to wake
others in other situations.
This will soon be used to add more fairness to the g_lock code.
Note that this commit only prepares the api for the above to be useful,
the instance returned by dbwrap_watched_watch_recv() is most likely 0,
which means the watcher entry was already removed, but that will change
in the following commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15125
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
commit 8e3798dd22 actually came with a
change in behavior..., as SMB_VFS_GET_NT_ACL_AT() (at the time) and
now SMB_VFS_FGET_NT_ACL() is always called even if it's not needed.
E.g. access by root.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 26 00:31:29 UTC 2022 on sn-devel-184
This converts filename_convert_dirfsp to do symlink evaluation in user
space. It uses openat_pathref_dirfsp_nosymlink() to open the dirpath
and looks at the proper NT_STATUS_STOPPED_ON_SYMLINK response. Using
this avoids filename_convert() and thus unix_convert() completely for
the SMB2_CREATE case.
The tests
samba3.blackbox.smbclient_s3.NT1.plain.Recursive ls across MS-DFS links
now correctly stop the symlink lookup recursion with
NT_STATUS_OBJECT_PATH_NOT_FOUND. Previously we did not correcly pass up the
ELOOP coming back from the stat-call.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Jul 25 12:56:08 UTC 2022 on sn-devel-184
Next we want to avoid filename_convert() to take care of this. The
SMB2 code has a proper TWRP token anyway, so let's push the
@GMT-handling to the SMB1 code that will be converted to
filename_convert_dirfsp().
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This does a step-by-step path resolution for a directory by splitting
up the path into individual components and does a loop like that
for component in components:
fd = openat(dirfd, component, O_NOFOLLOW);
close(dirfd);
dirfd = fd
and it will report any symlink it finds in a way that will be
indirectly consumable for the smb2 symlink error response.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We'll use this in files.c, which creates a bit of a cyclic
dependency. But files.c has all the lowlevel fsp handling, and we'll
add another routine there next which needs get_real_filename_at()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Before this patch we asserted that if we have a base_fsp then
smb_fname must have a stream name attached. Now we also assert that if
we don't have a base_fsp smb_fname is not a stream.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The main point of this function was to avoid fd_openat() and thus the
expensive non_widelink_open(). Now that fd_openat() has the direct
SMB_VFS_OPENAT() fast-path for streams, we can avoid duplicating the
logic in open_stream_pathref_fsp() again.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Rename it to openat_pathref_fullname(), it will be used for stream
open next
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Would not have hurt either, but this makes the next patch easier to
verify properly
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Remove the implicit recursion
openat_pathref_fsp->openat_pathref_base_fsp->openat_pathref_fsp
by introducing openat_pathref_nostream() and use
open_stream_pathref_fsp() where possible. openat_pathref_nostream()
will change its name in further refactoring patches, but for
understanding this patch I think this name is good :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Now that non_widelink_open() does not see streams opens, we don't need
to take care of fsp->base_fsp anymore.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The main optimization is to avoid non_widelink_open() for streams
opens based on the fact that all streams opens are relative to
fsp->base_fsp, which is a pathref fsp already.
Neither streams_xattr nor streams_depot referenced dirfsp for the
streams case. Make this more obvious in the callers by passing NULL
and asserting this: non-streams opens and streams opens are just
different things, streams-opens can and do reference a base fsp and
don't need the non_widelink_open logic.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
For the current callers this does not make a difference, they have
already allocated *_smb_fname as a talloc child of fsp, but the next
patches will add one where it does.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The type of a fsp should never change, but if this call to
vfs_stat_fsp() is the very first one on this fsp, we must update this
flag.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
All we need to do is to convert the @GMT-Token and move the
rest. Before this patch we did a lot of talloc to move the @GMT token
to the beginning of the path only to cut it off immediately
again. Merge that logic into a simple memmove()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
"::$DATA" is the main file, we don't need the overhead of base_fsp here.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We open "." fixed here, and fd_openat (or rather SMB_VFS_OPENAT) will
tell us if "dirfsp" does not point at a proper directory
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
During gpfs_connect for default share of IPC$ not setting the handle data but during the vfs_gpfs_capabilities
for the default share IPC$ the get handle data was called and observing error log failed to get vfs_handle->data!
so to bypass this error log the condition check if IS_IPC share is added in make_connection_snum while calling SMB_VFS_FS_CAPABILITIES
Signed-off-by:Dinesh <dinesh.kumar.reddy@ibm.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 22 05:27:53 UTC 2022 on sn-devel-184
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Björn Baumbach <bb@sernet.de>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Jul 9 09:04:46 UTC 2022 on sn-devel-184
Originally I added the assert here as we can't return the error being in a
talloc destructor. But OEMs prefer error log messages over crashes.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jul 8 09:04:28 UTC 2022 on sn-devel-184
Tree-wide spellcheck for some common misspellings.
source3/utils/status.c has misspelled local variable (unkown_dialect).
"missmatch" is a known historical misspelling, only the incorrect
misspellings are fixed.
source3/locale/net/de.po has the spelling error (unkown) in two msgids -
it probably should be updated with current source.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This partly reverts commit edda7a329e.
Revert the chunks related to netgroups and skip NIS support related ones.
Use getdomainname() from glibc instead of yp_get_default_domain() from
libnsl to get the NIS domain name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15087
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14443
Signed-off-by: Robert Sprowson <webpages@sprow.co.uk>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 8 19:50:08 UTC 2022 on sn-devel-184
Highly likely that's a false positive because Coverity does not
understand that srv_encrypt_buffer() only allocates when
NT_STATUS_OK(status), but it does not hurt to make it happy this way.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is only used for print files. Storing it in the fd_handle seems
overkill to me, this can easily be stored directly in the fsp itself,
we have a flag for this.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14765
RN: add new smb.conf parameter "volume serial number" to allow overriding
the generated default value
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed=by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 6 17:42:37 UTC 2022 on sn-devel-184
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14765
RN: add new smb.conf parameter "volume serial number" to allow overriding the
generated default value
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Pass in new_create_disposition directly. We can also remove the
if-case (ofun & OPENX_FILE_EXISTS_OPEN) in copy_file, the two callers
don't use it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The only two callers did not use "count" and "target_is_directory".
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Covscan:
source3/smbd/files.c:575: check_after_deref: Null-checking "fsp" suggests that it
may be null, but it has already been dereferenced on all paths leading to the check.
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat May 14 04:41:57 UTC 2022 on sn-devel-184
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15042
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Apr 29 15:50:21 UTC 2022 on sn-devel-184
As part of the filename_convert() process, keep a pathref dirfsp of
the containing directory for later use. This avoids having to do
another non_widelink_open() on every SMB2_CREATE and ntcreate&x in
later patches.
Future work will be to go through other filename_convert() calls and
make them use filename_convert_dirfsp(). If we manage to convert all
of them except the one in filename_convert_dirfsp() itself, we can
simplify filename_convert() and unix_convert() significantly.
Too large a patch, but I don't know how to split this up into smaller
logic pieces.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
parent_pathref() is expensive, and we should avoid it if possible.
Not effective at this point, we always pass in NULL, but will be used
soon.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This reverts commit 322574834f.
Not strictly a revert anymore, but for future work we do need "dirfsp"
in create_file_default() passed through the VFS.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Make get_real_filename() a wrapper.
Right now shadow_copy2 does a fallback to do get_real_filename() on
the twrp=0 tree in case of snapdirseverywhere because snapdirs can be
somewhere deep in the tree, and doing that correctly would be a
full-tree walk. I'd say that snapdirseverywhere is impossible to
implement if you want symlink safety, i.e. careful top-down tree
traversal together with snapdirseverywhere. If you have
snapdirseverywhere you need to pass down the full path very deep down,
which contradicts our fd-based approach we want to take.
Also, I believe that our test does not 100% correctly reflect what
actually is there: My understanding is that if you activate
snapdirseverywhere for example in GPFS, you see all snapshots at every
level (this would need to be verified). Our test does something more
nasty: It creates and tests a specific snapshot only at one place deep
in the directory hierarchy, which makes it impossible to find without
the full path.
This is all a big mess, but for now we need to deal with it. This adds
the twrp=0 fallback to core smbd, but I don't see any other way to do
that properly. And I do want a fd-based getrealfilename....
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
If we have a directory pathref fsp, do an openat(dirfd, ".", O_RDONLY)
to cheaply get a real directory handle.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
In a patchset that I'm working on right now there's the need to call
getrealfilename while the code does have a pathref fsp already
around. Doing the name-based call including non_widelink_open is not
necessary in this case. Start by adding the _at based call to the VFS.
For now, fall back to the name-based call. glusterfs-fuse will in a
future patch be converted to fgetxattr.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
If openat_pathref_fsp() fails, callers might want to inspect the stat
info. If we really failed on STOPPED_ON_SYMLINK, the caller might need
to know this, although openat_pathref_fsp() masked this error.
As there is no smb_fname->fsp returned from openat_pathref_fsp() on
error, we need to pass this up in smb_fname itself.
This essentially reverts de439cd030, which does basically the same
thing but is too specific. We need to cover the general !O_PATH case
more broadly.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Pass down "fsp" and "info_level", no need to parse this inside
call_trans2qpipeinfo() when the caller also has to do it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 26 22:38:59 UTC 2022 on sn-devel-184
Move includes.h for struct files_struct to fd_handle.c. Both
printing.c and smb1_utils.c depended on fd_handle.h to include the
prototypes. Do that explicitly in those files.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Replace them with direct calls to smb1_srv_send
and smb2_srv_send.
Signed-off-by: David Mulder <dmulder@suse.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
This enables the multi-protocol negotiate when
the SMB1 build is disabled. It requires enabling
parts of the SMB1 negotiation.
Signed-off-by: David Mulder <dmulder@suse.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
init_smb_request is needed for a multi-protocol
negotiation.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
valid_smb_header is needed for a multi-protocol
negotiation.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Because this stray prototype was mixed in with
the smb1 code, it caused the smb2-only build to
fail. Instead of duplicating the function
prototype, lets just include the correct header.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
