1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

129232 Commits

Author SHA1 Message Date
Volker Lendecke
57bcbbcacd smbd: Don't loose base_fsp statinfo in non_widelink_open
smb_fname_rel came from SMB_VFS_PARENT_PATHNAME() without a reference
to the underlying base_fsp. We want to pass the existing stat-info to
the VFS objects, so when creating the relative base fsp_name we should
copy the stat-info from the base fsp we were handed, not the fake one
that we just made up in SMB_VFS_PARENT_PATHNAME()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-04-01 20:19:29 +00:00
Volker Lendecke
b15c249757 vfs: streams_xattr uses fsetxattr by now, remove an assert
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-04-01 20:19:29 +00:00
Volker Lendecke
702af7f85f vfs: Ensure we have a base fsp openat() for named streams
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-04-01 20:19:29 +00:00
Volker Lendecke
fbce308dd4 torture: Create a base_fsp for a named stream in vfstest
This will enable a simplification in the stream-handling openat vfs
routines.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-04-01 20:19:29 +00:00
Volker Lendecke
b3ab69a435 torture: Introduce error labels for vfstest's cmd_open()
Next patch will have another error exit

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-04-01 20:19:29 +00:00
Andreas Schneider
ac7d0b45fc Move LSP stuff to buildtools/devel_env.sh
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Apr  1 11:20:35 UTC 2022 on sn-devel-184
2022-04-01 11:20:35 +00:00
Andreas Schneider
012d81d0e2 Add missing final newline to end of sh file
find $(pwd) -type f -name "*.sh" | xargs sed -i -e '$a\'

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-04-01 10:29:31 +00:00
Andreas Schneider
59d1044e55 Add missing final newline to end of c file
find $(pwd) -type f -name "*.c" | xargs sed -i -e '$a\'

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-04-01 10:29:31 +00:00
Ralph Boehme
4b0296995c smbd: consolidate nested if expressions
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 31 23:58:54 UTC 2022 on sn-devel-184
2022-03-31 23:58:54 +00:00
Ralph Boehme
643da37fd1 smbd: remove itime and file_id logic and code
This bases File-Ids on the inode numbers again. The whole stuff was
added because at that time Apple clients

1. would be upset by inode number reusage and

2. had a client side bug in their fallback implemetentation that
assigns File-Ids on the client side in case the server provides
File-Ids of 0.

After discussion with folks at Apple it should be safe these days to
rely on the Mac to generate its own File-Ids and let Samba return 0
File-Ids.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-31 23:01:37 +00:00
Ralph Boehme
8ad0febd13 vfs: bump VFS version to 47
The VFS version bump to 47 was missed when adding SMB_VFS_FSTATAT(). While at
it, fix the version history.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-31 23:01:37 +00:00
Ralph Boehme
8532d7b38c CI: consolidate SMB2-FILEID and SMB2-FILEID-UNIQUE torture test suites
We don't need seperate test suites here, all tests are related to
File-Ids.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-31 23:01:37 +00:00
Ralph Boehme
24f4bea5b8 vfs_fruit: change default for "fruit:zero_file_id" option to yes
After discussion with folks at Apple it should be safe these days to rely on the
Mac to generate its own File-Ids and let Samba return 0 File-Ids.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-31 23:01:37 +00:00
Ralph Boehme
9fa67ba8ee vfs_shadow_copy2: implement readdir()
RN: shadow_copy2 fails listing snapshotted dirs with shadow:fixinodes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15035

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 31 18:47:42 UTC 2022 on sn-devel-184
2022-03-31 18:47:42 +00:00
Ralph Boehme
ba9c5ba8ec CI: add a test listing a snapshotted directory
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15035

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-31 17:53:29 +00:00
Ralph Boehme
f734e960eb CI: avoid smb2.twrp being run by plansmbtorture4testsuite() directly
This should only be run by a blackbox test.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15035

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-31 17:53:29 +00:00
Jeremy Allison
06bfac2125 s3: smbd: Preserve the fsp->fsp_name->st buf across a MSG_SMB_FILE_RENAME message.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15038

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Mar 30 15:07:09 UTC 2022 on sn-devel-184
2022-03-30 15:07:09 +00:00
Jeremy Allison
5e1aa469ae s3: smbd: Preserve the fsp->fsp_name->st bufs across rename_open_files()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15038

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-03-30 14:16:29 +00:00
Jeremy Allison
1301e64613 s4: torture: Add test_smb2_close_full_information() test to smb2.rename.
Creates a file, opens it again on two different connections
and then renames it. When we close and ask for SMB2_CLOSE_FLAGS_FULL_INFORMATION
we expect this to succeed and return valid data on the handles that did not do
the rename request.

This currently succeeds by accident on master, so we are not
adding a knownfail.d/ file here. When we back-port this test
to 4.16.next, 4.15.next we will add a knownfail.d file.

The rename request zeros out the fsp->fsp_name->st field on the handles
that are open but are not being renamed, marking them as INVALID_STAT.

This should not happen on any open handle. Fix to follow will
preserve the field on rename in both the local connection and
different connection case.

Master gets away with this as in this branch, openat_pathref_fsp(),
which we use in the setup_close_full_information() call to fetch
the SMB2_CLOSE_FLAGS_FULL_INFORMATION data doesn't require an
existing VALID_STAT struct in order to open the file. This
hides the fact the rename zeroed out fsp->fsp_name->st.

4.16.x and 4.15.x don't have this fix, so expose the bug.
Regardless, even in master we should not zero out any
fsp->fsp_name->st values on rename.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15038

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-03-30 14:16:29 +00:00
Jeremy Allison
4725ef5c96 s4: torture: Add CHECK_CREATED macro to smb2/rename.c. Not yet used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15038

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-03-30 14:16:29 +00:00
Jeremy Allison
e862a2d9ec s4: torture: Add CHECK_VAL macro to smb2/rename.c. Not yet used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15038

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-03-30 14:16:29 +00:00
Jeremy Allison
e01c5992b0 s3: tests.py: Only run smb2.rename against fileserver.
No need to run this against nt4_dc or ad_dc.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15038

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-03-30 14:16:29 +00:00
Stefan Metzmacher
f7f65ceb46 s4:dsdb/descriptor: skip duplicates in descriptor_sd_propagation_object()
We're now sure that the security descriptor propagation happened
first for parent objects.

It means we can safely skip processing the same object twice in
descriptor_sd_propagation_object().

For the database with ~ 22000 objects it reduced the commit time
from 2m 50s down to 2m 24s.

The statistics are changed from:

descriptor_prepare_commit: changes: num_registrations=50000
descriptor_prepare_commit: changes: num_registered=22000
descriptor_prepare_commit: changes: num_toplevel=5
descriptor_prepare_commit: changes: num_processed=5200
descriptor_prepare_commit: objects: num_processed=68800

to:

descriptor_prepare_commit: changes: num_registrations=50000
descriptor_prepare_commit: changes: num_registered=22000
descriptor_prepare_commit: changes: num_toplevel=5
descriptor_prepare_commit: changes: num_processed=5200
descriptor_prepare_commit: objects: num_processed=22000
descriptor_prepare_commit: objects: num_skipped=41600

It means that we have "changes: num_registered" and
"objects: num_processed" exactly match the number
of replicated objects.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Mar 30 12:06:21 UTC 2022 on sn-devel-184
2022-03-30 12:06:21 +00:00
Stefan Metzmacher
bd1e667a62 s4:dsdb/descriptor: sort descriptor_changes tree based
For the hot code path, e.g. the commit after the initial replication,
we typically have one descriptor_changes for each object in the
database.

It means that we most likely have 5 naming contexts/partitions.
Except of their head/root object have a valid parent_guid,
so can move all of them into the tree structure.

Now we start the processing at the partition root objects,
which means that we also process all child objects in
the same run. While processing these objects we are most
likely able to mark their related descriptor_changes structure
as done removing it from the hierarchy.

With the 22000 object domain it reduces the time spend in
the commit stage from 3m 20s down to 2m 50s.

The statistics are changed from:

descriptor_prepare_commit: changes: num_registrations=50000
descriptor_prepare_commit: changes: num_registered=22000
descriptor_prepare_commit: changes: num_processed=22000
descriptor_prepare_commit: objects: num_processed=80800

to:

descriptor_prepare_commit: changes: num_registrations=50000
descriptor_prepare_commit: changes: num_registered=22000
descriptor_prepare_commit: changes: num_toplevel=5
descriptor_prepare_commit: changes: num_processed=5200
descriptor_prepare_commit: objects: num_processed=68800

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-30 11:13:35 +00:00
Stefan Metzmacher
ce38b30cdc s4:dsdb/descriptor: pass parent guid to dsdb_module_schedule_sd_propagation()
This is preparation to optimize the security descriptor propagation
in the following commits.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-30 11:13:35 +00:00
Stefan Metzmacher
b812ade416 s4:dsdb/descriptor: skip duplicates in descriptor_extended_sec_desc_propagation()
During replication we may need to fallback to using DRS_GET_TGT,
which means that we'll get a lot of objects more than once,
the most important one it the partition root object.

It means we'll also do the security descriptor propagation more than
once for these objects, which is extrememly costly for the partition
root objects and other objects near the root.

I analyzed a domain where we collected ~ 50000 descriptor_changes
registrations for the initial replication of ~ 22000 objects
in the database.
For that domain we spend ~ 4 hours for the security descriptor
propagation in descriptor_prepare_commit(), while the replication
itself was finished in less than 2 minutes.

With this change we reduce the number of registered/processed
descriptor_changes down to ~ 22000, while is reduces the time
from ~ 4 hours to just ~ 3 minutes 20 seconds!

The statitics changed from:

descriptor_prepare_commit: changes: num_registered=50000
descriptor_prepare_commit: changes: num_processed=50000
descriptor_prepare_commit: objects: num_processed=12000000

to:

descriptor_prepare_commit: changes: num_registrations=50000
descriptor_prepare_commit: changes: num_registered=22000
descriptor_prepare_commit: changes: num_processed=22000
descriptor_prepare_commit: objects: num_processed=80800

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-30 11:13:35 +00:00
Stefan Metzmacher
4c32f46a86 s4:dsdb/descriptor: add statistics for security descriptor propagation
In order to analyze the security descriptor propagation we remember
how much work we registered/processed.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-30 11:13:35 +00:00
Stefan Metzmacher
8597cc9d6c s4:dsdb/descriptor: split out struct descriptor_transaction
This will make it easier to add more details to the per transaction
state.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-30 11:13:35 +00:00
Stefan Metzmacher
36ccb98aba python/join: improve logging of join_replicate()
It's useful to have timestamps to see the
time used for replication and committing.
We also warn the user that the committing stage
may take some time.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-30 11:13:35 +00:00
Stefan Metzmacher
420bbb1d92 wafsamba: require PYTHONHASHSEED=1 to be exported
This avoids a lot of trouble with random build failures,
if people try to use waf directly.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Mar 29 23:31:38 UTC 2022 on sn-devel-184
2022-03-29 23:31:38 +00:00
Stefan Metzmacher
aa02cf3c44 ctdb/packaging/RPM: don't use waf directly
./configure && make && make install is will always work.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-29 22:32:32 +00:00
Stefan Metzmacher
22c46d9f41 configure/Makefile: export PYTHONHASHSEED=1 in all 'configure/Makefile' scripts
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-29 22:32:32 +00:00
Stefan Metzmacher
a6b1e4b576 wafsamba: let test_duplicate_symbol.sh export PYTHONHASHSEED=1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-29 22:32:32 +00:00
Stefan Metzmacher
0be4f56723 s4:selftest/provisions: make use of 'make testenv' and avoid direct waf
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-29 22:32:32 +00:00
Stefan Metzmacher
10d69da1d3 lib/fuzzing/README.md: don't use waf directly
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-29 22:32:32 +00:00
Stefan Metzmacher
42eeed05f1 buildtools: remove unused testwaf.sh
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-29 22:32:32 +00:00
Volker Lendecke
825dcc6a13 smbd: Don't NULL out "::$DATA"
Slight simplification now possible after introducing and using
fsp_is_alternate_stream() almost everywhere.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 29 22:24:38 UTC 2022 on sn-devel-184
2022-03-29 22:24:38 +00:00
Volker Lendecke
e41f8001f1 smbd: Don't NULL out the "::$DATA" in openat_pathref_fsp()
Slight simplification now possible after introducing and using
fsp_is_alternate_stream() almost everywhere.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-29 21:32:34 +00:00
Volker Lendecke
50bac24665 smbd: Simplify reply_rmdir()
We don't need to check this here, create_file_default and callees take
care of this.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-29 21:32:34 +00:00
Volker Lendecke
103dc3f938 smbd: Add a DEBUG to create_file_unixpath()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-29 21:32:34 +00:00
Volker Lendecke
af1719a92b smbd: Fix create_file_unixpath()'s stream handling
Make create_file_unixpath() robust against callers explicitly passing
in ":$DATA" as a stream name indicating the default stream. Right now
we NULL this out in callers, but this might change in the future.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-29 21:32:34 +00:00
Volker Lendecke
91ac9ce0d1 lib: GENCACHE_RAM isn't used anymore
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-29 21:32:34 +00:00
Volker Lendecke
1f78a8e32f smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-29 21:32:34 +00:00
Andrew Bartlett
d7a91a855c s4-auth: Remove last traces of LanMan authentiation support in the AD DC.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Mar 29 03:32:57 UTC 2022 on sn-devel-184
2022-03-29 03:32:57 +00:00
Andrew Bartlett
86f7e4e690 s4-auth: Only build auth_developer module in developer mode
This is a silly module for provoking NTSTATUS replies for testing and
was useful many moons ago for determining the NTSTATUS -> DOS table that
windows uses.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-03-29 02:33:34 +00:00
Andrew Bartlett
360bb864e9 s4-auth: Do not trigger RODC replication unless missing all passwords
With the NT hash becoming optional we cannot make blind assumptions that
a missing value means we are on an RODC needing the password replicated.

Instead, check for supplementalCredentials as well.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-03-29 02:33:34 +00:00
Andrew Bartlett
1884bc11f0 s4-auth: Remove unused acct_flags parameter
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-03-29 02:33:34 +00:00
Andrew Bartlett
14e7112734 waf: Document the confusing --nonshared-binary, --builtin-libraries, --private-libraries and --bundled-libraries
These options are confusing to all who encounter them.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=8731

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Mar 28 10:06:01 UTC 2022 on sn-devel-184
2022-03-28 10:06:01 +00:00
Christof Schmitt
127f728d58 vfs_gpfs: Initialize litemask to 0
The change from commit fb13c7c94f to query exact values for atime,
mtime, ctime and size  is not necessary, as none of these are used in
this codepath. Initiale litemask to 0 instead.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15027

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Mar 28 09:10:58 UTC 2022 on sn-devel-184
2022-03-28 09:10:58 +00:00
Joseph Sutton
0bd4bc40f4 samba-tool: Check specified domain and realm against our own
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar 28 03:11:51 UTC 2022 on sn-devel-184
2022-03-28 03:11:51 +00:00