1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-24 02:04:21 +03:00

121181 Commits

Author SHA1 Message Date
Jeremy Allison
ca4521f1dd s3: smbd: In reply_tdis(), replace req -> smb1req.
Minimises the diff in the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-18 18:03:29 +00:00
Jeremy Allison
86cc67d5a7 s3: smbd: Add async internals of reply_tdis().
Waits until all aio requests on all fsp's under this
conn struct are finished before returning to the client.

Charges the profile time in the done function. Not strictly
correct but better than the other SMB1 async code that
double-charges profiling in both send and done at the
moment.

Done this way (commented out) so it is a clean
diff and it's clear what is being added.

A later commit will remove the old synchronous version.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-18 18:03:29 +00:00
Jeremy Allison
7891302ab8 s3: smbd: Replace synchronous conn_force_tdis() with the async version.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-18 18:03:29 +00:00
Jeremy Allison
4f9e0459cd s3: smbd: Add async internals of conn_force_tdis().
Commented out so it can be seen complete as
a diff. The next commit will replace the old
synchronous conn_force_tdis() code with the
new async code.

Uses a wait_queue to cause the force close
requests to stay pending until all outstanding
aio is finished on all file handles opened
on the connection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-18 18:03:29 +00:00
Jeremy Allison
ac800ca6bc s3: smbd: Don't allow force disconnect of a connection already being disconnected.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-18 18:03:28 +00:00
Jeremy Allison
4287ea138e s3: smbd: Every place we check fsp->deferred_close, also check for fsp->closing.
Eventually this will allow us to remove fsp->deferred_close
from the fsp struct (and also source3/lib/tevent_wait.[ch]).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-18 18:03:28 +00:00
Jeremy Allison
b7d09b30ad s3: smbd: In async SMB1 reply_close() set fsp->closing = true, as we already do in SMB2 async close.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-18 18:03:28 +00:00
Jeremy Allison
b90bc0f289 s3: smbd: Now we free fsp->aio_requests when it gets zero entries, talloc in chunks of 10 instead of 1.
Prevents incremental +1 tallocs, and the original
idea of this array was that it wasn't freed for
io efficiency reasons. Add paranoia integer wrap
protection also.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-18 18:03:28 +00:00
Jeremy Allison
0c952bba1e s3: smbd: In aio_del_req_from_fsp() talloc_free(fsp->aio_requests[]) when fsp->num_aio_requests reaches zero.
The add code in aio_add_req_to_fsp() re-tallocs
this array on demand, and talloc freeing it here
allows it to be used as the parent for a tevent
wait queue, so callers can get notified when
all outstanding aio on an fsp is finished.

We'll deal with any performance issues in
the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-18 18:03:28 +00:00
Jeremy Allison
566658d914 s3: tests: Slight tweak to the force-close share test.
Turns out on a fast desktop machine 10MB is too small,
and by the time we've done the 'sleep 1' to make sure
the smbclient got scheduled and started processing
the 'put' command, it's already done.

Tweak the file size to be 20MB from 10MB. 10MB
seems to work reliably on gitlab-ci and on
sn-devel, but making the put size 20MB makes
sure it's still in flight when we force-close
the share, even on a fast desktop box. 20MB
shouldn't be too burdonsome even on ci VM's.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-18 18:03:28 +00:00
Martin Schwenke
319c93f0c6 ctdb-tcp: Do not stop outbound connection in ctdb_tcp_node_connect()
The only place the outgoing connection needs to be stopped is when
there is a timeout when waiting for the connection to become writable.
Add a new function ctdb_tcp_node_connect_timeout() to handle this
case.

All of the other cases are attempts to establish a new outgoing
connection (initial attempt, retry after an error or disconnect, ...)
so drop stopping the connection in those cases.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Mar 12 05:29:20 UTC 2020 on sn-devel-184
2020-03-12 05:29:20 +00:00
Martin Schwenke
3c8747fe29 ctdb-tcp: Factor out function ctdb_tcp_start_outgoing()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
2020-03-12 03:47:30 +00:00
Ralph Boehme
2c73dbafba ctdb-tcp: add ctdb_tcp_stop_incoming()
No change in behaviour.  This makes the code self-documenting.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Martin Schwenke <martin@meltin.net>
2020-03-12 03:47:30 +00:00
Ralph Boehme
1e2a967ff4 ctdb-tcp: rename ctdb_tcp_stop_connection() to ctdb_tcp_stop_outgoing()
No change in behaviour.  This makes the code self-documenting.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-03-12 03:47:30 +00:00
Ralph Boehme
ea37ecdcd5 ctdb-tcp: Remove redundant restart in ctdb_tcp_tnode_cb()
The node dead upcall has already restarted the outgoing connection.
There's no need to repeat it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Martin Schwenke <martin@meltin.net>
2020-03-12 03:47:30 +00:00
Ralph Boehme
b83ef98c74 ctdb-tcp: always call node_dead() upcall in ctdb_tcp_tnode_cb()
ctdb_tcp_tnode_cb() is called when we receive data on the outgoing connection.

This can happen when we get an EOF on the connection because the other side as
closed. In this case data will be NULL.

It would also be called if we received data from the peer. In this case data
will not be NULL.

The latter case is a fatal error though and we already call
ctdb_tcp_stop_connection() for this case as well, which means even though the
node is not fully connected anymore, by not calling the node_dead() upcall
NODE_FLAGS_DISCONNECTED will not be set.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-03-12 03:47:30 +00:00
Noel Power
0ff1b78fc2 ctdb-tcp: move free of inbound queue to TCP restart
Since commit 77deaadca8e8dbc3c92ea16893099c72f6dc874e, a nodeA which
had previously accepted a connection from nodeB (where nodeB dies
e.g. as as result of fencing) when nodeB attempts to connect again
after restarting is always rejected with

 ctdb_listen_event: Incoming queue active, rejecting connection from w.x.y.z

messages.

Consolidate dead node handling in the TCP restart handling.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-03-12 03:47:30 +00:00
Martin Schwenke
15762a3455 ctdb-daemon: more logical whitespace, debug modernisation
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-12 03:47:30 +00:00
Ralph Boehme
6a4fa0785f ctdb-daemon: ensure restart() callback is called in half-connected state
If NODE_FLAGS_DISCONNECTED is set the node can be in half-connected state. With
this change we ensure to restart the transport for this case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-03-12 03:47:30 +00:00
Christof Schmitt
808d6c0c53 selftest: Add test for rpcclient LSA lookup calls
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Mar 11 09:52:44 UTC 2020 on sn-devel-184
2020-03-11 09:52:44 +00:00
Christof Schmitt
00ab6349e2 rpcclient: Ask for minimal permissions for SID and name lookups
The RPC calls to lookup SIDS and names only require the
POLICY_LOOKUP_NAMES permission. Only ask for that instead of the
MAXIMUM_ALLOWED flag. This allows these calls to work against a NetApp
that does not accept MAXIMUM_ALLOWED (see bugzilla 11105).

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-11 08:09:32 +00:00
Volker Lendecke
12596a3a8d libcli: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 10 23:08:20 UTC 2020 on sn-devel-184
2020-03-10 23:08:19 +00:00
Volker Lendecke
52b5bcb602 lib: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-10 21:25:33 +00:00
Volker Lendecke
c8d5195349 smbd: Fix a comment, "flags" expanded to 2 bytes
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-10 21:25:33 +00:00
Volker Lendecke
9653a10738 libsmbclient: Put it back to a known, well-working state
For adapting unix extensions in our client libraries, we need a fresh start
with additional APIs. We can't change existing application behaviour.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-10 21:25:33 +00:00
Isaac Boukris
0982980dc6 mit-kdc: Explicitly reject S4U requests
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Tue Mar 10 14:46:04 UTC 2020 on sn-devel-184
2020-03-10 14:46:04 +00:00
Andreas Schneider
8b0c796f53 selftest: Set KRB5RCACHETYPE to none for selftest
This is required that out tests work with MIT KRB5 1.18.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
2020-03-10 13:02:27 +00:00
Isaac Boukris
3434758637 Sign and verify PAC with ticket principal instead of canon principal
With MIT library 1.18 the KDC no longer set
KRB5_KDB_FLAG_CANONICALIZE for enterprise principals which allows
us to not canonicalize them (like in Windows / Heimdal).

However, it now breaks the PAC signature verification as it was
wrongly done using canonical client rather than ticket client name.

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2020-03-10 13:02:27 +00:00
Isaac Boukris
5d73cc408b Fix uxsuccess test with new MIT krb5 library 1.18
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14155

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2020-03-10 13:02:27 +00:00
Isaac Boukris
bebad45b29 Adapt sign_authdata in our KDB module for krb5 v1.18
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-10 13:02:27 +00:00
Martin Schwenke
9f9dcfb6c3 ctdb-tests: Use built-in hexdump() in system socket tests
Better compatibility, since od output isn't consistent on FreeBSD.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Mar 10 09:17:12 UTC 2020 on sn-devel-184
2020-03-10 09:17:12 +00:00
Martin Schwenke
602694522f ctdb-tests: Split system socket test
One test for each of types, TCP, ARP.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2020-03-10 07:37:34 +00:00
Martin Schwenke
b10e79f208 ctdb-tests: Skip "ctdb process-exists" tests when not on Linux
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2020-03-10 07:37:34 +00:00
Martin Schwenke
c5dd476715 ctdb-tests: Add function ctdb_test_check_supported_OS
Skips test if not on one of the supported OSes.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2020-03-10 07:37:34 +00:00
Martin Schwenke
8402dabf88 ctdb-tests: Use ctdb_test_skip() when initscript can not be found
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2020-03-10 07:37:34 +00:00
Martin Schwenke
30180ef6c2 ctdb-tests: Use ctdb_test_skip() when shellcheck is not installed
When the tests are run interactively this will make it more noticeable
that shellcheck is not installed because the test summary will
indicate missing tests.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2020-03-10 07:37:34 +00:00
Martin Schwenke
77f6977102 ctdb-tests: Skipped tests should not cause failure
Skipped tests return a status that indicates failure.  In combination
with the -e option this results in an exit with failure on the first
skipped test.

Convert skipped test status to success.  The skip has already been
counted.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2020-03-10 07:37:34 +00:00
Andreas Schneider
54f26cfcf2 autobuild: Run the none env in the samba-o3 build
This includes tests which should make sure that certain code is not
optimized away, like memset_s().

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar  9 23:42:26 UTC 2020 on sn-devel-184
2020-03-09 23:42:26 +00:00
Andrew Bartlett
609c990347 Require Python 3.6 for Samba 4.13
This allows Samba to use formatted string literals, which
are quite handy.

REF: https://docs.python.org/3/whatsnew/3.6.html#whatsnew36-pep498

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 22:03:26 +00:00
Andrew Bartlett
e9ce0f13e6 .gitlab-ci.yml: Do not build Samba for Ubuntu 16.04 or Debian 9 any longer
These only have Python 3.5 and we want to increase the minimum to Python 3.6.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 22:03:26 +00:00
Andrew Bartlett
d048d7e17d bootstrap: Remove long-unsupported OS versions
Samba has not built on these versions for quite some time due to
the need for Python 3.5 and GnuTLS 3.4.7

These were always marked as broken, but given the requirements
these are never likely to come back.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 22:03:26 +00:00
Ralph Boehme
0ae4f368c6 smbd: reuse close_free_pending_aio() in close_directory()
A directory fsp can have outstanding aio requests as well.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Mar  9 19:34:27 UTC 2020 on sn-devel-184
2020-03-09 19:34:27 +00:00
Ralph Boehme
f94cd10a21 smbd: call tevent_req_nterror() for directories when cleaning up pending aio
smbd_smb2_query_directory_recv() calls tevent_req_is_nterror() which requires a
NTSTATUS error code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-09 18:07:34 +00:00
Ralph Boehme
acb0b01761 smbd: move pending aio cleanup to a helper function
We'll be reusing this from close_directory() in the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-09 18:07:34 +00:00
Ralph Boehme
95cfcda13f vfs_default: Protect vfs_getxattrat_done() from accessing a freed req pointer
If the fsp is forced closed by a SHUTDOWN_CLOSE whilst the request is in
flight (share forced closed by smbcontrol), then we set state->req = NULL in the
state destructor.

The existing state destructor prevents the state memory from being freed, so
when the thread completes and calls vfs_getxattrat_done(), just throw away the result
if state->req == NULL.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-09 18:07:34 +00:00
Ralph Boehme
0e894f3e48 vfs_default: pass in state as the callback data to the subreq
Find the req we're finishing off by looking inside the state.  In a shutdown
close the caller calls talloc_free(req), so we can't access it directly as
callback data.

The next commit will NULL out the state->req pointer when a caller calls
talloc_free(req), and the request is still in flight.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-09 18:07:34 +00:00
Günther Deschner
54c21a99e6 winexe: add configure option to control whether to build it (default: auto)
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Mar  9 16:27:21 UTC 2020 on sn-devel-184
2020-03-09 16:27:21 +00:00
Günther Deschner
ebda529b59 librpc: fix IDL for svcctl_ChangeServiceConfigW
Found while trying to run winexe against Windows Server 2019.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 15:00:31 +00:00
Günther Deschner
c3fa0b2df9 s4-torture: add ndr svcctl testsuite
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 15:00:31 +00:00
Günther Deschner
0825324bc7 s4-torture: add rpc test for ChangeServiceConfigW
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-09 15:00:31 +00:00