Karolin Seeger
2018-04-06 11:51:02 UTC
The branch, v4-8-test has been updated
via 8e149c8 s4: torture: Test all combinations of directory open with existing directory to ensure behavior is the same.
via 1f94e36 s4: torture: Test all combinations of directory create to ensure behavior is the same.
via 29aa75e s4: torture: Test all combinations of file open with existing file to ensure behavior is the same.
via d3ac788 s4: torture: Test all combinations of file create to ensure behavior is the same.
via 2f41822 s4: torture: Ensure a failed file create doesn't create the file.
via 03876304 s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without delete access.
via 879fccb ctdb-client: Client code should never free the client context
via a630cb9 ctdb-client: Add missing initialization of tevent_context
via aeed66e ctdb-client: Do not try to allocate 0 sized record
via 25edad4 Fix invocation of gnutls_aead_cipher_encrypt()
via 8a77ae0 Allow AESNI to be used on all processor supporting AESNI, not just Intel's This improves performance/reduced CPU usage. Tests performed: - Ran on Ivy Bridge and Ryzen and verified that AESNI is detected (crypto tests) - Ran on Ryzen, and observed 50% increased speed.
via 58befdd s3: docs: Add documentation for "smb2" and "smb2_credits" debug classes.
via b5bc2f5 s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit issues.
via e9f5476 lib: debug: Add DBGC_XXX versions of the macros to allow class-specific messages.
via 49a9c98 s3: debug: smb2: Create a new DBGC_SMB2 debug class and mark all smbd/smb2_*.c files with it.
via 43cbf7f lib:replace: Fix linking when libtirpc-devel overwrites system headers
via ccda6d9 s3:smbd: map nterror on smb2_flush errorpath
via f66a35b ctdb-tests: Don't use nc -d or -w options
via 65ca557 s3: smbd: Fruit. Make the use of dom_sid_compare_domain() much clearer.
via 47b1ec0 s4: vfs: fruit tests: Add regression test for dealing with NFS ACE entries.
via c45da7e selftest: vfs.fruit: add xattr_tdb where possible
via 1f93e4d selftest: run vfs.fruit_netatalk test against seperate share
via 134c412 s3: smbd: vfs_fruit: Replace code in fruit_fget_nt_acl() with remove_virtual_nfs_aces().
via 9c80cb6 s3: smbd: vfs_fruit: Replace code in check_ms_nfs() with remove_virtual_nfs_aces().
via 2fc537b s3: smbd: vfs_fruit: Add remove_virtual_nfs_aces() a generic NFS ACE remover.
via 0aed473 s3: vfs_fruit. Change check_ms_nfs() to remove the virtual ACE's generated by fruit_fget_nt_acl().
via 8ea9d13 s3: vfs_fruit. If the security descriptor was modified, ensure we set the flags correctly to reflect the ACE's left.
via 9fab1dd s3: vfs_fruit: Ensure we operate on a copy of the incoming security descriptor.
via f1c0db3 s3: vfs_fruit. Ensure we only return one set of the 'virtual' UNIX ACE entries.
via 6785550 s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir()
via a02a98a s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here.
from cbbb6ef s3:auth: make use of make_{server,session}_info_anonymous()
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-8-test
- Log -----------------------------------------------------------------
commit 8e149c84f07870b8131521a6fa13af60d0772861
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 28 13:19:12 2018 -0700
s4: torture: Test all combinations of directory open with existing directory to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@SerNet.DE>
Autobuild-User(master): Jeremy Allison <***@samba.org>
Autobuild-Date(master): Thu Mar 29 23:13:42 CEST 2018 on sn-devel-144
(cherry picked from commit c98cd0f25edaae7558f18fd331e2fef3aabb61f2)
Autobuild-User(v4-8-test): Karolin Seeger <***@samba.org>
Autobuild-Date(v4-8-test): Fri Apr 6 13:50:18 CEST 2018 on sn-devel-144
commit 1f94e367aacf2d61ee47d79b30396b14c8013113
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 28 13:17:14 2018 -0700
s4: torture: Test all combinations of directory create to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@SerNet.DE>
(cherry picked from commit fd9084336e7e86ccec83141d880fd7c336c23b6c)
commit 29aa75e66196fd16da9240798d5eaa07f364f232
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 28 11:44:40 2018 -0700
s4: torture: Test all combinations of file open with existing file to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@SerNet.DE>
(cherry picked from commit 820b35bb1ceb445eb3659b67eedfb0a2f5b2f976)
commit d3ac788221e5532c11a557cf8754917f8007040e
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 28 11:00:59 2018 -0700
s4: torture: Test all combinations of file create to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@SerNet.DE>
(cherry picked from commit 22fe8dcb77565495886244e88bb0433363d1f80a)
commit 2f418222ad1a6adf6252b265e1f53fd0a29cf473
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 28 10:54:30 2018 -0700
s4: torture: Ensure a failed file create doesn't create the file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@SerNet.DE>
(cherry picked from commit 53cdf7a9a18ed547eade4c3cdd80d286058e440d)
commit 03876304a1f550330c622fee1e1f2e3e74d61f10
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 28 12:42:20 2018 -0700
s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without delete access.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@SerNet.DE>
(cherry picked from commit 2514bee0a3b0a12430e2679ee590075c54d4803a)
commit 879fccbb8acabbc396088babe469034424012541
Author: Amitay Isaacs <***@gmail.com>
Date: Thu Mar 8 11:35:55 2018 +1100
ctdb-client: Client code should never free the client context
This should never have been done.
Signed-off-by: Amitay Isaacs <***@gmail.com>
Reviewed-by: Martin Schwenke <***@meltin.net>
(cherry picked from commit 376e9794e2d19e8d17b0bdde36ce8a1a205986c6)
commit a630cb9a37b5ed423c5c23c021bc4bcbf28c5fc0
Author: Amitay Isaacs <***@gmail.com>
Date: Mon Mar 19 13:58:43 2018 +1100
ctdb-client: Add missing initialization of tevent_context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13356
Signed-off-by: Amitay Isaacs <***@gmail.com>
Reviewed-by: Martin Schwenke <***@meltin.net>
(cherry picked from commit 4e37be92bfb790150b3791bef552aa4acf8f78b7)
commit aeed66ece0220d40fe33e66f726c4638e7c02393
Author: Amitay Isaacs <***@gmail.com>
Date: Mon Mar 19 13:38:28 2018 +1100
ctdb-client: Do not try to allocate 0 sized record
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13356
Signed-off-by: Amitay Isaacs <***@gmail.com>
Reviewed-by: Martin Schwenke <***@meltin.net>
(cherry picked from commit 92a68af1a8473dc2a5d9d6036830f944e968606d)
commit 25edad412a3d503114a805b434a729d5d2786b3f
Author: Timur I. Bakeyev <***@iXsystems.com>
Date: Thu Mar 22 05:47:58 2018 +0100
Fix invocation of gnutls_aead_cipher_encrypt()
Which was failing with GNUTLS_E_SHORT_MEMORY_BUFFER - The given memory
buffer is too short to hold parameters.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13352
Signed-off-by: Timur I. Bakeyev <***@iXsystems.com>
Reviewed-by: Garming Sam <***@catalyst.net.nz>
Reviewed-by: Gary Lockyer <***@catalyst.net.nz>
Autobuild-User(master): Garming Sam <***@samba.org>
Autobuild-Date(master): Fri Mar 23 07:25:30 CET 2018 on sn-devel-144
(cherry picked from commit b9f0c7f93c058685e24d104432978bd40b94b49f)
commit 8a77ae09ee1522d01746a4cb7fd5661b980b86d7
Author: Eric Vannier <***@google.com>
Date: Thu Mar 22 21:32:56 2018 -0700
Allow AESNI to be used on all processor supporting AESNI, not just Intel's This improves performance/reduced CPU usage. Tests performed: - Ran on Ivy Bridge and Ryzen and verified that AESNI is detected (crypto tests) - Ran on Ryzen, and observed 50% increased speed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13302
Signed-off-by: Eric Vannier <***@google.com>
Reviewed-by: Jeremy Allison <***@samba.org>
Reviewed-by: Björn Jacke <***@samba.org>
Autobuild-User(master): Jeremy Allison <***@samba.org>
Autobuild-Date(master): Tue Mar 27 13:50:09 CEST 2018 on sn-devel-144
(cherry picked from commit 77d88d75f6262a855e818a9b2b4018f8b6ced7b0)
commit 58befddfce55fd1ade66d206dbdc3274dd2a790e
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 21 12:56:12 2018 -0700
s3: docs: Add documentation for "smb2" and "smb2_credits" debug classes.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Böhme <***@samba.org>
(cherry picked from commit fc922bd29b40a20450f16728fa7347f8f83d3bcd)
commit b5bc2f593d364bf173c13ef0cca9663db6019b69
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 21 12:52:49 2018 -0700
s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit issues.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Böhme <***@samba.org>
(cherry picked from commit ad973fddef00d6d92443be89e7f5404006a94d99)
commit e9f54762fa607ad321016df2284c918547a40264
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 21 12:40:50 2018 -0700
lib: debug: Add DBGC_XXX versions of the macros to allow class-specific messages.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Böhme <***@samba.org>
(cherry picked from commit cdde6d93605d15a59e816a35e8e02ca193bf1403)
commit 49a9c984974fe8c31aada72224cda434358c38f7
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 21 12:01:05 2018 -0700
s3: debug: smb2: Create a new DBGC_SMB2 debug class and mark all smbd/smb2_*.c files with it.
Will allow easier smb2-specific debugging.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Böhme <***@samba.org>
(cherry picked from commit 8dabcf8948c2e514b489169c34673e093519b583)
commit 43cbf7f7728414a6e0d0feb76d4e3a4729df55de
Author: Noel Power <***@suse.com>
Date: Thu Mar 15 16:46:39 2018 +0000
lib:replace: Fix linking when libtirpc-devel overwrites system headers
Some systems (like SUSE currently) install the new tirpc headers by
overwritting the existing system location used by gcc. This patch will
detect if the headers in the system location belong to tirpc or not.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13341
Signed-off-by: Noel Power <***@suse.com>
Reviewed-by: Andreas Schneider <***@samba.org>
Reviewed-by: Alexander Bokovoy <***@samba.org>
(cherry picked from commit 618c714b6b6c0b63993299b40b9a466adb753cc2)
commit ccda6d9b8c893d6432ac92c5c542cbde6039ad74
Author: Anton Nefedov via samba-technical <samba-***@lists.samba.org>
Date: Thu Mar 15 14:38:41 2018 +0300
s3:smbd: map nterror on smb2_flush errorpath
smbd_smb2_flush_recv() expects nterror in tevent_req, and otherwise
aborts in tevent_req_is_nterror()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13338
Signed-off-by: Anton Nefedov <***@virtuozzo.com>
Reviewed-by: Volker Lendecke <***@samba.org>
Reviewed-by: Jeremy Allison <***@samba.org>
(cherry picked from commit 98623129446672521b7fa41d3457b8ce95db828c)
commit f66a35b8beb8101a0064dfd58e494ec2f2fa40fd
Author: Martin Schwenke <***@meltin.net>
Date: Thu Mar 8 11:49:56 2018 +1100
ctdb-tests: Don't use nc -d or -w options
nmap-ncat is used in some distributions to replace netcat. It has a
different meaning for these options.
We can get the same effect as the current combination of -d and -w by
piping a sleep process to nc. Subsequent use of $! works because it
gets the last process in pipeline.
Note that redirecting from /dev/null doesn't work with some versions
of nc. They just exit when they get EOF.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13327
Signed-off-by: Martin Schwenke <***@meltin.net>
Reviewed-by: Amitay Isaacs <***@gmail.com>
(cherry picked from commit 9e954bcbf43d67a18ee55f84cda0b09028f96b92)
commit 65ca5574b769d8b211b4c9550b62f8af126346e9
Author: Jeremy Allison <***@samba.org>
Date: Mon Mar 19 15:46:41 2018 -0700
s3: smbd: Fruit. Make the use of dom_sid_compare_domain() much clearer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit 5c909ea4530d4e7e4aa27046c45e3e48b094a411)
commit 47b1ec0a5ea458f9a8a21c29afca9ff21e2fbd8f
Author: Jeremy Allison <***@samba.org>
Date: Thu Mar 15 14:45:06 2018 -0700
s4: vfs: fruit tests: Add regression test for dealing with NFS ACE entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
Autobuild-User(master): Jeremy Allison <***@samba.org>
Autobuild-Date(master): Sat Mar 17 04:04:32 CET 2018 on sn-devel-144
(cherry picked from commit a6054c01c29c2507e0d5a6aa110fee4fd5c5eeb9)
commit c45da7ee611ea9ac8ff8b88c8eeecbc06dfb7def
Author: Ralph Boehme <***@samba.org>
Date: Fri Mar 16 21:57:31 2018 +0100
selftest: vfs.fruit: add xattr_tdb where possible
This makes the tests indepent from fs xattr support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Ralph Boehme <***@samba.org>
Reviewed-by: Jeremy Allison <***@samba.org>
(cherry picked from commit 49996ca9324596b6cd72eb8051ca3676dab17191)
commit 1f93e4d2e703a61c689b040ff5f6ae60dacc7e75
Author: Ralph Boehme <***@samba.org>
Date: Fri Mar 16 21:55:26 2018 +0100
selftest: run vfs.fruit_netatalk test against seperate share
These tests require a fs with xattr support. This allows adding
xattr_tdb to all other shares in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Ralph Boehme <***@samba.org>
Reviewed-by: Jeremy Allison <***@samba.org>
(cherry picked from commit 013aaffe7ff0ed4c30495761bb3208c29b3b5de2)
commit 134c41255ca492d533d6e9cbeedabf1ac87aa7e4
Author: Jeremy Allison <***@samba.org>
Date: Thu Mar 15 09:57:09 2018 -0700
s3: smbd: vfs_fruit: Replace code in fruit_fget_nt_acl() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit 875ff2575feb96d06cf2290e5b6a226b32ef9758)
commit 9c80cb6a030cc000a52a3dc04d3794471c40ca82
Author: Jeremy Allison <***@samba.org>
Date: Thu Mar 15 09:54:41 2018 -0700
s3: smbd: vfs_fruit: Replace code in check_ms_nfs() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit a3c925d80433e3d4fe1b1b315edf6520cacf0a9e)
commit 2fc537b71998b9ea9a7492cb1d053e5b511da931
Author: Jeremy Allison <***@samba.org>
Date: Thu Mar 15 09:52:30 2018 -0700
s3: smbd: vfs_fruit: Add remove_virtual_nfs_aces() a generic NFS ACE remover.
Not yet used, will be used to tidyup existing code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit ef091e2cf836793e2aa533990913609ccab5119a)
commit 0aed47322cd8e9a8df09aaa222fa30bb2215c5b4
Author: Jeremy Allison <***@samba.org>
Date: Fri Mar 2 13:53:55 2018 -0800
s3: vfs_fruit. Change check_ms_nfs() to remove the virtual ACE's generated by fruit_fget_nt_acl().
Ensures they don't get stored in the underlying ACL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
Autobuild-User(master): Ralph Böhme <***@samba.org>
Autobuild-Date(master): Thu Mar 8 04:09:38 CET 2018 on sn-devel-144
(cherry picked from commit e0b147f650fe59f606d1faffe57059e6e9d7837b)
commit 8ea9d133048be3a04d5e4b92f0e497ac426e28cc
Author: Jeremy Allison <***@samba.org>
Date: Fri Mar 2 13:51:54 2018 -0800
s3: vfs_fruit. If the security descriptor was modified, ensure we set the flags correctly to reflect the ACE's left.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit 8edad37e476295e25932778721d8ef33713f6853)
commit 9fab1ddc2db5f88dbc9b396051cdc9d8d0195f4b
Author: Jeremy Allison <***@samba.org>
Date: Fri Mar 2 13:21:37 2018 -0800
s3: vfs_fruit: Ensure we operate on a copy of the incoming security descriptor.
This will allow us to modify it in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit 019a1bc4caf3439adcaac48b384e86d84a1ad383)
commit f1c0db35d5d6c75a5a6c6778a9093fa8e04053b8
Author: Jeremy Allison <***@samba.org>
Date: Fri Mar 2 13:07:48 2018 -0800
s3: vfs_fruit. Ensure we only return one set of the 'virtual' UNIX ACE entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit e9059c7b40069cfb036bfb95958b78c6a2c800e4)
commit 678555091a5d6de1f0a32a2dd5e9ced2a9cf1b30
Author: Jeremy Allison <***@samba.org>
Date: Wed Feb 14 13:23:12 2018 -0800
s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir()
HPUX has this problem.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13270
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
Autobuild-User(master): Ralph Böhme <***@samba.org>
Autobuild-Date(master): Fri Feb 23 22:56:35 CET 2018 on sn-devel-144
(cherry picked from commit 5ad5e7966f555b1d2b39d276646934a2cd2535e6)
commit a02a98af8b20b8860252cbde372ef8f6a3b286f4
Author: Jeremy Allison <***@samba.org>
Date: Wed Jan 24 14:09:43 2018 -0800
s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here.
Thanks to Isaac Boukris <***@gmail.com> for finding the
issue and testing this fix.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13244
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@samba.org>
Autobuild-User(master): Jeremy Allison <***@samba.org>
Autobuild-Date(master): Fri Jan 26 02:25:20 CET 2018 on sn-devel-144
(cherry picked from commit e7425bd5245ffea68b7e8f794c9b5f864d103769)
-----------------------------------------------------------------------
Summary of changes:
ctdb/client/client_connect.c | 1 -
ctdb/client/client_db.c | 20 +-
ctdb/tests/complex/30_nfs_tickle_killtcp.sh | 2 +-
ctdb/tests/complex/31_nfs_tickle.sh | 2 +-
ctdb/tests/complex/32_cifs_tickle.sh | 2 +-
ctdb/tests/complex/34_nfs_tickle_restart.sh | 2 +-
ctdb/tests/complex/36_smb_reset_server.sh | 2 +-
ctdb/tests/complex/37_nfs_reset_server.sh | 2 +-
docs-xml/smbdotconf/logging/loglevel.xml | 2 +
lib/crypto/aes.c | 16 --
lib/replace/wscript | 10 +-
lib/util/debug.c | 2 +
lib/util/debug.h | 32 +++
selftest/target/Samba3.pm | 20 +-
source3/libads/ldap_utils.c | 9 +
source3/modules/vfs_fruit.c | 93 +++++++-
source3/selftest/tests.py | 2 +-
source3/smbd/open.c | 12 +
source3/smbd/smb2_break.c | 3 +
source3/smbd/smb2_close.c | 3 +
source3/smbd/smb2_create.c | 3 +
source3/smbd/smb2_flush.c | 5 +-
source3/smbd/smb2_getinfo.c | 3 +
source3/smbd/smb2_glue.c | 3 +
source3/smbd/smb2_ioctl.c | 3 +
source3/smbd/smb2_ioctl_dfs.c | 3 +
source3/smbd/smb2_ioctl_filesys.c | 3 +
source3/smbd/smb2_ioctl_named_pipe.c | 3 +
source3/smbd/smb2_ioctl_network_fs.c | 3 +
source3/smbd/smb2_keepalive.c | 3 +
source3/smbd/smb2_lock.c | 3 +
source3/smbd/smb2_negprot.c | 3 +
source3/smbd/smb2_notify.c | 3 +
source3/smbd/smb2_query_directory.c | 12 +-
source3/smbd/smb2_read.c | 3 +
source3/smbd/smb2_server.c | 51 ++--
source3/smbd/smb2_sesssetup.c | 3 +
source3/smbd/smb2_setinfo.c | 3 +
source3/smbd/smb2_tcon.c | 3 +
source3/smbd/smb2_write.c | 3 +
source4/dsdb/samdb/ldb_modules/encrypted_secrets.c | 6 +-
source4/torture/basic/delete.c | 257 ++++++++++++++++++++-
source4/torture/vfs/fruit.c | 171 ++++++++++++++
43 files changed, 714 insertions(+), 76 deletions(-)
Changeset truncated at 500 lines:
diff --git a/ctdb/client/client_connect.c b/ctdb/client/client_connect.c
index 89a602d..1e4157e 100644
--- a/ctdb/client/client_connect.c
+++ b/ctdb/client/client_connect.c
@@ -297,7 +297,6 @@ static void client_dead_handler(void *private_data)
ctdb_client_callback_func_t callback = client->callback;
void *callback_data = client->private_data;
- talloc_free(client);
if (callback != NULL) {
callback(callback_data);
return;
diff --git a/ctdb/client/client_db.c b/ctdb/client/client_db.c
index e86830e..c0ecdeb 100644
--- a/ctdb/client/client_db.c
+++ b/ctdb/client/client_db.c
@@ -1191,6 +1191,7 @@ struct tevent_req *ctdb_fetch_lock_send(TALLOC_CTX *mem_ctx,
if (tevent_req_nomem(state->h, req)) {
return tevent_req_post(req, ev);
}
+ state->h->ev = ev;
state->h->client = client;
state->h->db = db;
state->h->key.dptr = talloc_memdup(state->h, key.dptr, key.dsize);
@@ -1413,14 +1414,19 @@ struct ctdb_record_handle *ctdb_fetch_lock_recv(struct tevent_req *req,
offset = ctdb_ltdb_header_len(&h->header);
data->dsize = h->data.dsize - offset;
- data->dptr = talloc_memdup(mem_ctx, h->data.dptr + offset,
- data->dsize);
- if (data->dptr == NULL) {
- TALLOC_FREE(state->h);
- if (perr != NULL) {
- *perr = ENOMEM;
+ if (data->dsize == 0) {
+ data->dptr = NULL;
+ } else {
+ data->dptr = talloc_memdup(mem_ctx,
+ h->data.dptr + offset,
+ data->dsize);
+ if (data->dptr == NULL) {
+ TALLOC_FREE(state->h);
+ if (perr != NULL) {
+ *perr = ENOMEM;
+ }
+ return NULL;
}
- return NULL;
}
}
diff --git a/ctdb/tests/complex/30_nfs_tickle_killtcp.sh b/ctdb/tests/complex/30_nfs_tickle_killtcp.sh
index d1e7d71..40ec6ba 100755
--- a/ctdb/tests/complex/30_nfs_tickle_killtcp.sh
+++ b/ctdb/tests/complex/30_nfs_tickle_killtcp.sh
@@ -46,7 +46,7 @@ test_port=2049
echo "Connecting to node ${test_node} on IP ${test_ip}:${test_port} with netcat..."
-nc -d -w 30 $test_ip $test_port &
+sleep 30 | nc $test_ip $test_port &
nc_pid=$!
ctdb_test_exit_hook_add "kill $nc_pid >/dev/null 2>&1"
diff --git a/ctdb/tests/complex/31_nfs_tickle.sh b/ctdb/tests/complex/31_nfs_tickle.sh
index c82d31d..0b6990f 100755
--- a/ctdb/tests/complex/31_nfs_tickle.sh
+++ b/ctdb/tests/complex/31_nfs_tickle.sh
@@ -54,7 +54,7 @@ test_port=2049
echo "Connecting to node ${test_node} on IP ${test_ip}:${test_port} with netcat..."
-nc -d -w $(($monitor_interval * 4)) $test_ip $test_port &
+sleep $((monitor_interval * 4)) | nc $test_ip $test_port &
nc_pid=$!
ctdb_test_exit_hook_add "kill $nc_pid >/dev/null 2>&1"
diff --git a/ctdb/tests/complex/32_cifs_tickle.sh b/ctdb/tests/complex/32_cifs_tickle.sh
index da369b9..3668245 100755
--- a/ctdb/tests/complex/32_cifs_tickle.sh
+++ b/ctdb/tests/complex/32_cifs_tickle.sh
@@ -52,7 +52,7 @@ test_port=445
echo "Connecting to node ${test_node} on IP ${test_ip}:${test_port} with netcat..."
-nc -d -w $(($monitor_interval * 4)) $test_ip $test_port &
+sleep $((monitor_interval * 4)) | nc $test_ip $test_port &
nc_pid=$!
ctdb_test_exit_hook_add "kill $nc_pid >/dev/null 2>&1"
diff --git a/ctdb/tests/complex/34_nfs_tickle_restart.sh b/ctdb/tests/complex/34_nfs_tickle_restart.sh
index 6350db6..2aab061 100755
--- a/ctdb/tests/complex/34_nfs_tickle_restart.sh
+++ b/ctdb/tests/complex/34_nfs_tickle_restart.sh
@@ -53,7 +53,7 @@ test_port=2049
echo "Connecting to node ${test_node} on IP ${test_ip}:${test_port} with netcat..."
-nc -d -w 600 $test_ip $test_port &
+sleep 600 | nc $test_ip $test_port &
nc_pid=$!
ctdb_test_exit_hook_add "kill $nc_pid >/dev/null 2>&1"
diff --git a/ctdb/tests/complex/36_smb_reset_server.sh b/ctdb/tests/complex/36_smb_reset_server.sh
index 5723ac7..beff1a2 100755
--- a/ctdb/tests/complex/36_smb_reset_server.sh
+++ b/ctdb/tests/complex/36_smb_reset_server.sh
@@ -52,7 +52,7 @@ sleep_for 5
echo "Connecting to node ${test_node} on IP ${test_ip}:${test_port} with nc..."
-nc -d -w $(($monitor_interval * 4)) $test_ip $test_port &
+sleep $((monitor_interval * 4)) | nc $test_ip $test_port &
nc_pid=$!
ctdb_test_exit_hook_add "kill $nc_pid >/dev/null 2>&1"
diff --git a/ctdb/tests/complex/37_nfs_reset_server.sh b/ctdb/tests/complex/37_nfs_reset_server.sh
index d6dd0f0..07bd034 100755
--- a/ctdb/tests/complex/37_nfs_reset_server.sh
+++ b/ctdb/tests/complex/37_nfs_reset_server.sh
@@ -52,7 +52,7 @@ sleep_for 5
echo "Connecting to node ${test_node} on IP ${test_ip}:${test_port} with nc..."
-nc -d -w $(($monitor_interval * 4)) $test_ip $test_port &
+sleep $((monitor_interval * 4)) | nc $test_ip $test_port &
nc_pid=$!
ctdb_test_exit_hook_add "kill $nc_pid >/dev/null 2>&1"
diff --git a/docs-xml/smbdotconf/logging/loglevel.xml b/docs-xml/smbdotconf/logging/loglevel.xml
index 1a3767d..d3b5c45 100644
--- a/docs-xml/smbdotconf/logging/loglevel.xml
+++ b/docs-xml/smbdotconf/logging/loglevel.xml
@@ -22,6 +22,8 @@
<listitem><para><parameter moreinfo="none">printdrivers</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">lanman</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">smb</parameter></para></listitem>
+ <listitem><para><parameter moreinfo="none">smb2</parameter></para></listitem>
+ <listitem><para><parameter moreinfo="none">smb2_credits</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">rpc_parse</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">rpc_srv</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">rpc_cli</parameter></para></listitem>
diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c
index c226ac1..d16d715 100644
--- a/lib/crypto/aes.c
+++ b/lib/crypto/aes.c
@@ -66,22 +66,6 @@ static bool has_intel_aes_instructions(void)
return (bool)has_aes_instructions;
}
- __cpuid(cpuid_results, 0);
- /*
- * MSB LSB
- * EBX = 'u' 'n' 'e' 'G'
- * EDX = 'I' 'e' 'n' 'i'
- * ECX = 'l' 'e' 't' 'n'
- */
- if (memcmp((unsigned char *)&cpuid_results[1], "Genu", 4) != 0 ||
- memcmp((unsigned char *)&cpuid_results[3],
- "ineI", 4) != 0 ||
- memcmp((unsigned char *)&cpuid_results[2],
- "ntel", 4) != 0) {
- has_aes_instructions = 0;
- return (bool)has_aes_instructions;
- }
-
__cpuid(cpuid_results, 1);
has_aes_instructions = !!(cpuid_results[2] & (1 << 25));
return (bool)has_aes_instructions;
diff --git a/lib/replace/wscript b/lib/replace/wscript
index 2c638b7..0e04bf7 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -68,7 +68,15 @@ def configure(conf):
conf.CHECK_HEADERS('aio.h sys/unistd.h alloca.h float.h')
conf.SET_TARGET_TYPE('tirpc', 'EMPTY')
- conf.CHECK_HEADERS('rpc/rpc.h rpc/nettype.h')
+
+ if conf.CHECK_CODE(
+ '\n#ifndef _TIRPC_RPC_H\n#error "no tirpc headers in system path"\n#endif\n',
+ 'HAVE_RPC_RPC_HEADERS',
+ headers=['rpc/rpc.h', 'rpc/nettype.h'],
+ msg='Checking for tirpc rpc headers in default system path'):
+ if conf.CONFIG_SET('HAVE_RPC_RPC_H'):
+ conf.undefine('HAVE_RPC_RPC_H')
+
if not conf.CONFIG_SET('HAVE_RPC_RPC_H'):
if conf.CHECK_CFG(package='libtirpc', args='--cflags --libs',
msg='Checking for libtirpc headers',
diff --git a/lib/util/debug.c b/lib/util/debug.c
index 6428550..d010b72 100644
--- a/lib/util/debug.c
+++ b/lib/util/debug.c
@@ -541,6 +541,8 @@ static const char *default_classname_table[] = {
[DBGC_AUTH_AUDIT_JSON] = "auth_json_audit",
[DBGC_KERBEROS] = "kerberos",
[DBGC_DRS_REPL] = "drs_repl",
+ [DBGC_SMB2] = "smb2",
+ [DBGC_SMB2_CREDITS] = "smb2_credits",
};
/*
diff --git a/lib/util/debug.h b/lib/util/debug.h
index e82553a..1e184b4 100644
--- a/lib/util/debug.h
+++ b/lib/util/debug.h
@@ -93,6 +93,8 @@ bool dbghdr( int level, const char *location, const char *func);
#define DBGC_AUTH_AUDIT_JSON 25
#define DBGC_KERBEROS 26
#define DBGC_DRS_REPL 27
+#define DBGC_SMB2 28
+#define DBGC_SMB2_CREDITS 29
/* So you can define DBGC_CLASS before including debug.h */
#ifndef DBGC_CLASS
@@ -216,6 +218,14 @@ extern int *DEBUGLEVEL_CLASS;
&& (dbgtext("%s: ", __func__)) \
&& (dbgtext body) )
+/* Prefix messages with the function name - class specific */
+#define DBGC_PREFIX(dbgc_class, level, body ) \
+ (void)( ((level) <= MAX_DEBUG_LEVEL) && \
+ unlikely(DEBUGLEVEL_CLASS[ dbgc_class ] >= (level)) \
+ && (dbghdrclass(level, dbgc_class, __location__, __func__ )) \
+ && (dbgtext("%s: ", __func__)) \
+ && (dbgtext body) )
+
/*
* Debug levels matching RFC 3164
*/
@@ -231,12 +241,34 @@ extern int *DEBUGLEVEL_CLASS;
#define DBG_INFO(...) DBG_PREFIX(DBGLVL_INFO, (__VA_ARGS__))
#define DBG_DEBUG(...) DBG_PREFIX(DBGLVL_DEBUG, (__VA_ARGS__))
+#define DBGC_ERR(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_ERR, (__VA_ARGS__))
+#define DBGC_WARNING(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_WARNING, (__VA_ARGS__))
+#define DBGC_NOTICE(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_NOTICE, (__VA_ARGS__))
+#define DBGC_INFO(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_INFO, (__VA_ARGS__))
+#define DBGC_DEBUG(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_DEBUG, (__VA_ARGS__))
+
#define D_ERR(...) DEBUG(DBGLVL_ERR, (__VA_ARGS__))
#define D_WARNING(...) DEBUG(DBGLVL_WARNING, (__VA_ARGS__))
#define D_NOTICE(...) DEBUG(DBGLVL_NOTICE, (__VA_ARGS__))
#define D_INFO(...) DEBUG(DBGLVL_INFO, (__VA_ARGS__))
#define D_DEBUG(...) DEBUG(DBGLVL_DEBUG, (__VA_ARGS__))
+#define DC_ERR(...) DEBUGC(dbgc_class, \
+ DBGLVL_ERR, (__VA_ARGS__))
+#define DC_WARNING(...) DEBUGC(dbgc_class, \
+ DBGLVL_WARNING, (__VA_ARGS__))
+#define DC_NOTICE(...) DEBUGC(dbgc_class, \
+ DBGLVL_NOTICE, (__VA_ARGS__))
+#define DC_INFO(...) DEBUGC(dbgc_class, \
+ DBGLVL_INFO, (__VA_ARGS__))
+#define DC_DEBUG(...) DEBUGC(dbgc_class, \
+ DBGLVL_DEBUG, (__VA_ARGS__))
+
/* The following definitions come from lib/debug.c */
/** Possible destinations for the debug log (in order of precedence -
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index f2dcdd1..7e4224a 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -1929,6 +1929,16 @@ sub provision($$$$$$$$$)
[vfs_fruit]
path = $shrdir
+ vfs objects = catia fruit streams_xattr acl_xattr xattr_tdb
+ fruit:resource = file
+ fruit:metadata = netatalk
+ fruit:locking = netatalk
+ fruit:encoding = native
+ fruit:veto_appledouble = no
+
+[vfs_fruit_xattr]
+ path = $shrdir
+ # This is used by vfs.fruit tests that require real fs xattr
vfs objects = catia fruit streams_xattr acl_xattr
fruit:resource = file
fruit:metadata = netatalk
@@ -1938,29 +1948,29 @@ sub provision($$$$$$$$$)
[vfs_fruit_metadata_stream]
path = $shrdir
- vfs objects = fruit streams_xattr acl_xattr
+ vfs objects = fruit streams_xattr acl_xattr xattr_tdb
fruit:resource = file
fruit:metadata = stream
fruit:veto_appledouble = no
[vfs_fruit_stream_depot]
path = $shrdir
- vfs objects = fruit streams_depot acl_xattr
+ vfs objects = fruit streams_depot acl_xattr xattr_tdb
fruit:resource = stream
fruit:metadata = stream
fruit:veto_appledouble = no
[vfs_wo_fruit]
path = $shrdir
- vfs objects = streams_xattr acl_xattr
+ vfs objects = streams_xattr acl_xattr xattr_tdb
[vfs_wo_fruit_stream_depot]
path = $shrdir
- vfs objects = streams_depot acl_xattr
+ vfs objects = streams_depot acl_xattr xattr_tdb
[vfs_fruit_timemachine]
path = $shrdir
- vfs objects = fruit streams_xattr acl_xattr
+ vfs objects = fruit streams_xattr acl_xattr xattr_tdb
fruit:resource = file
fruit:metadata = stream
fruit:time machine = yes
diff --git a/source3/libads/ldap_utils.c b/source3/libads/ldap_utils.c
index a4adbc0..0c37b06 100644
--- a/source3/libads/ldap_utils.c
+++ b/source3/libads/ldap_utils.c
@@ -105,9 +105,18 @@ static ADS_STATUS ads_do_search_retry_internal(ADS_STRUCT *ads, const char *bind
status = ads_connect(ads);
if (!ADS_ERR_OK(status)) {
+ bool orig_is_mine = ads->is_mine;
+
DEBUG(1,("ads_search_retry: failed to reconnect (%s)\n",
ads_errstr(status)));
+ /*
+ * We need to keep the ads pointer
+ * from being freed here as we don't own it and
+ * callers depend on it being around.
+ */
+ ads->is_mine = false;
ads_destroy(&ads);
+ ads->is_mine = orig_is_mine;
SAFE_FREE(bp);
return status;
}
diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c
index ec76f71..1a05d0b 100644
--- a/source3/modules/vfs_fruit.c
+++ b/source3/modules/vfs_fruit.c
@@ -2954,10 +2954,54 @@ static NTSTATUS readdir_attr_macmeta(struct vfs_handle_struct *handle,
return status;
}
+static NTSTATUS remove_virtual_nfs_aces(struct security_descriptor *psd)
+{
+ NTSTATUS status;
+ uint32_t i;
+
+ if (psd->dacl == NULL) {
+ return NT_STATUS_OK;
+ }
+
+ for (i = 0; i < psd->dacl->num_aces; i++) {
+ /* MS NFS style mode/uid/gid */
+ int cmp = dom_sid_compare_domain(
+ &global_sid_Unix_NFS,
+ &psd->dacl->aces[i].trustee);
+ if (cmp != 0) {
+ /* Normal ACE entry. */
+ continue;
+ }
+
+ /*
+ * security_descriptor_dacl_del()
+ * *must* return NT_STATUS_OK as we know
+ * we have something to remove.
+ */
+
+ status = security_descriptor_dacl_del(psd,
+ &psd->dacl->aces[i].trustee);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_WARNING("failed to remove MS NFS style ACE: %s\n",
+ nt_errstr(status));
+ return status;
+ }
+
+ /*
+ * security_descriptor_dacl_del() may delete more
+ * then one entry subsequent to this one if the
+ * SID matches, but we only need to ensure that
+ * we stay looking at the same element in the array.
+ */
+ i--;
+ }
+ return NT_STATUS_OK;
+}
+
/* Search MS NFS style ACE with UNIX mode */
static NTSTATUS check_ms_nfs(vfs_handle_struct *handle,
files_struct *fsp,
- const struct security_descriptor *psd,
+ struct security_descriptor *psd,
mode_t *pmode,
bool *pdo_chmod)
{
@@ -2991,7 +3035,12 @@ static NTSTATUS check_ms_nfs(vfs_handle_struct *handle,
}
}
- return NT_STATUS_OK;
+ /*
+ * Remove any incoming virtual ACE entries generated by
+ * fruit_fget_nt_acl().
+ */
+
+ return remove_virtual_nfs_aces(psd);
}
/****************************************************************************
@@ -5708,6 +5757,13 @@ static NTSTATUS fruit_fget_nt_acl(vfs_handle_struct *handle,
return NT_STATUS_OK;
}
+ /* First remove any existing ACE's with NFS style mode/uid/gid SIDs. */
+ status = remove_virtual_nfs_aces(*ppdesc);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_WARNING("failed to remove MS NFS style ACEs\n");
+ return status;
+ }
+
/* MS NFS style mode */
sid_compose(&sid, &global_sid_Unix_NFS_Mode, fsp->fsp_name->st.st_ex_mode);
init_sec_ace(&ace, &sid, SEC_ACE_TYPE_ACCESS_DENIED, 0, 0);
@@ -5741,24 +5797,53 @@ static NTSTATUS fruit_fget_nt_acl(vfs_handle_struct *handle,
static NTSTATUS fruit_fset_nt_acl(vfs_handle_struct *handle,
files_struct *fsp,
uint32_t security_info_sent,
- const struct security_descriptor *psd)
+ const struct security_descriptor *orig_psd)
{
NTSTATUS status;
bool do_chmod;
mode_t ms_nfs_mode = 0;
int result;
+ struct security_descriptor *psd = NULL;
+ uint32_t orig_num_aces = 0;
+
+ if (orig_psd->dacl != NULL) {
+ orig_num_aces = orig_psd->dacl->num_aces;
+ }
+
+ psd = security_descriptor_copy(talloc_tos(), orig_psd);
+ if (psd == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
DBG_DEBUG("fruit_fset_nt_acl: %s\n", fsp_str_dbg(fsp));
status = check_ms_nfs(handle, fsp, psd, &ms_nfs_mode, &do_chmod);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("fruit_fset_nt_acl: check_ms_nfs failed%s\n", fsp_str_dbg(fsp)));
+ TALLOC_FREE(psd);
return status;
}
+ /*
+ * If only ms_nfs ACE entries were sent, ensure we set the DACL
+ * sent/present flags correctly now we've removed them.
+ */
+
+ if (orig_num_aces != 0) {
+ /*
+ * Are there any ACE's left ?
+ */
+ if (psd->dacl->num_aces == 0) {
+ /* No - clear the DACL sent/present flags. */
+ security_info_sent &= ~SECINFO_DACL;
+ psd->type &= ~SEC_DESC_DACL_PRESENT;
+ }
+ }
+
status = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("fruit_fset_nt_acl: SMB_VFS_NEXT_FSET_NT_ACL failed%s\n", fsp_str_dbg(fsp)));
+ TALLOC_FREE(psd);
return status;
}
@@ -5776,10 +5861,12 @@ static NTSTATUS fruit_fset_nt_acl(vfs_handle_struct *handle,
result, (unsigned)ms_nfs_mode,
strerror(errno)));
status = map_nt_error_from_unix(errno);
+ TALLOC_FREE(psd);
return status;
}
}
+ TALLOC_FREE(psd);
return NT_STATUS_OK;
}
via 8e149c8 s4: torture: Test all combinations of directory open with existing directory to ensure behavior is the same.
via 1f94e36 s4: torture: Test all combinations of directory create to ensure behavior is the same.
via 29aa75e s4: torture: Test all combinations of file open with existing file to ensure behavior is the same.
via d3ac788 s4: torture: Test all combinations of file create to ensure behavior is the same.
via 2f41822 s4: torture: Ensure a failed file create doesn't create the file.
via 03876304 s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without delete access.
via 879fccb ctdb-client: Client code should never free the client context
via a630cb9 ctdb-client: Add missing initialization of tevent_context
via aeed66e ctdb-client: Do not try to allocate 0 sized record
via 25edad4 Fix invocation of gnutls_aead_cipher_encrypt()
via 8a77ae0 Allow AESNI to be used on all processor supporting AESNI, not just Intel's This improves performance/reduced CPU usage. Tests performed: - Ran on Ivy Bridge and Ryzen and verified that AESNI is detected (crypto tests) - Ran on Ryzen, and observed 50% increased speed.
via 58befdd s3: docs: Add documentation for "smb2" and "smb2_credits" debug classes.
via b5bc2f5 s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit issues.
via e9f5476 lib: debug: Add DBGC_XXX versions of the macros to allow class-specific messages.
via 49a9c98 s3: debug: smb2: Create a new DBGC_SMB2 debug class and mark all smbd/smb2_*.c files with it.
via 43cbf7f lib:replace: Fix linking when libtirpc-devel overwrites system headers
via ccda6d9 s3:smbd: map nterror on smb2_flush errorpath
via f66a35b ctdb-tests: Don't use nc -d or -w options
via 65ca557 s3: smbd: Fruit. Make the use of dom_sid_compare_domain() much clearer.
via 47b1ec0 s4: vfs: fruit tests: Add regression test for dealing with NFS ACE entries.
via c45da7e selftest: vfs.fruit: add xattr_tdb where possible
via 1f93e4d selftest: run vfs.fruit_netatalk test against seperate share
via 134c412 s3: smbd: vfs_fruit: Replace code in fruit_fget_nt_acl() with remove_virtual_nfs_aces().
via 9c80cb6 s3: smbd: vfs_fruit: Replace code in check_ms_nfs() with remove_virtual_nfs_aces().
via 2fc537b s3: smbd: vfs_fruit: Add remove_virtual_nfs_aces() a generic NFS ACE remover.
via 0aed473 s3: vfs_fruit. Change check_ms_nfs() to remove the virtual ACE's generated by fruit_fget_nt_acl().
via 8ea9d13 s3: vfs_fruit. If the security descriptor was modified, ensure we set the flags correctly to reflect the ACE's left.
via 9fab1dd s3: vfs_fruit: Ensure we operate on a copy of the incoming security descriptor.
via f1c0db3 s3: vfs_fruit. Ensure we only return one set of the 'virtual' UNIX ACE entries.
via 6785550 s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir()
via a02a98a s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here.
from cbbb6ef s3:auth: make use of make_{server,session}_info_anonymous()
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-8-test
- Log -----------------------------------------------------------------
commit 8e149c84f07870b8131521a6fa13af60d0772861
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 28 13:19:12 2018 -0700
s4: torture: Test all combinations of directory open with existing directory to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@SerNet.DE>
Autobuild-User(master): Jeremy Allison <***@samba.org>
Autobuild-Date(master): Thu Mar 29 23:13:42 CEST 2018 on sn-devel-144
(cherry picked from commit c98cd0f25edaae7558f18fd331e2fef3aabb61f2)
Autobuild-User(v4-8-test): Karolin Seeger <***@samba.org>
Autobuild-Date(v4-8-test): Fri Apr 6 13:50:18 CEST 2018 on sn-devel-144
commit 1f94e367aacf2d61ee47d79b30396b14c8013113
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 28 13:17:14 2018 -0700
s4: torture: Test all combinations of directory create to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@SerNet.DE>
(cherry picked from commit fd9084336e7e86ccec83141d880fd7c336c23b6c)
commit 29aa75e66196fd16da9240798d5eaa07f364f232
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 28 11:44:40 2018 -0700
s4: torture: Test all combinations of file open with existing file to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@SerNet.DE>
(cherry picked from commit 820b35bb1ceb445eb3659b67eedfb0a2f5b2f976)
commit d3ac788221e5532c11a557cf8754917f8007040e
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 28 11:00:59 2018 -0700
s4: torture: Test all combinations of file create to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@SerNet.DE>
(cherry picked from commit 22fe8dcb77565495886244e88bb0433363d1f80a)
commit 2f418222ad1a6adf6252b265e1f53fd0a29cf473
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 28 10:54:30 2018 -0700
s4: torture: Ensure a failed file create doesn't create the file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@SerNet.DE>
(cherry picked from commit 53cdf7a9a18ed547eade4c3cdd80d286058e440d)
commit 03876304a1f550330c622fee1e1f2e3e74d61f10
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 28 12:42:20 2018 -0700
s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without delete access.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@SerNet.DE>
(cherry picked from commit 2514bee0a3b0a12430e2679ee590075c54d4803a)
commit 879fccbb8acabbc396088babe469034424012541
Author: Amitay Isaacs <***@gmail.com>
Date: Thu Mar 8 11:35:55 2018 +1100
ctdb-client: Client code should never free the client context
This should never have been done.
Signed-off-by: Amitay Isaacs <***@gmail.com>
Reviewed-by: Martin Schwenke <***@meltin.net>
(cherry picked from commit 376e9794e2d19e8d17b0bdde36ce8a1a205986c6)
commit a630cb9a37b5ed423c5c23c021bc4bcbf28c5fc0
Author: Amitay Isaacs <***@gmail.com>
Date: Mon Mar 19 13:58:43 2018 +1100
ctdb-client: Add missing initialization of tevent_context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13356
Signed-off-by: Amitay Isaacs <***@gmail.com>
Reviewed-by: Martin Schwenke <***@meltin.net>
(cherry picked from commit 4e37be92bfb790150b3791bef552aa4acf8f78b7)
commit aeed66ece0220d40fe33e66f726c4638e7c02393
Author: Amitay Isaacs <***@gmail.com>
Date: Mon Mar 19 13:38:28 2018 +1100
ctdb-client: Do not try to allocate 0 sized record
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13356
Signed-off-by: Amitay Isaacs <***@gmail.com>
Reviewed-by: Martin Schwenke <***@meltin.net>
(cherry picked from commit 92a68af1a8473dc2a5d9d6036830f944e968606d)
commit 25edad412a3d503114a805b434a729d5d2786b3f
Author: Timur I. Bakeyev <***@iXsystems.com>
Date: Thu Mar 22 05:47:58 2018 +0100
Fix invocation of gnutls_aead_cipher_encrypt()
Which was failing with GNUTLS_E_SHORT_MEMORY_BUFFER - The given memory
buffer is too short to hold parameters.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13352
Signed-off-by: Timur I. Bakeyev <***@iXsystems.com>
Reviewed-by: Garming Sam <***@catalyst.net.nz>
Reviewed-by: Gary Lockyer <***@catalyst.net.nz>
Autobuild-User(master): Garming Sam <***@samba.org>
Autobuild-Date(master): Fri Mar 23 07:25:30 CET 2018 on sn-devel-144
(cherry picked from commit b9f0c7f93c058685e24d104432978bd40b94b49f)
commit 8a77ae09ee1522d01746a4cb7fd5661b980b86d7
Author: Eric Vannier <***@google.com>
Date: Thu Mar 22 21:32:56 2018 -0700
Allow AESNI to be used on all processor supporting AESNI, not just Intel's This improves performance/reduced CPU usage. Tests performed: - Ran on Ivy Bridge and Ryzen and verified that AESNI is detected (crypto tests) - Ran on Ryzen, and observed 50% increased speed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13302
Signed-off-by: Eric Vannier <***@google.com>
Reviewed-by: Jeremy Allison <***@samba.org>
Reviewed-by: Björn Jacke <***@samba.org>
Autobuild-User(master): Jeremy Allison <***@samba.org>
Autobuild-Date(master): Tue Mar 27 13:50:09 CEST 2018 on sn-devel-144
(cherry picked from commit 77d88d75f6262a855e818a9b2b4018f8b6ced7b0)
commit 58befddfce55fd1ade66d206dbdc3274dd2a790e
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 21 12:56:12 2018 -0700
s3: docs: Add documentation for "smb2" and "smb2_credits" debug classes.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Böhme <***@samba.org>
(cherry picked from commit fc922bd29b40a20450f16728fa7347f8f83d3bcd)
commit b5bc2f593d364bf173c13ef0cca9663db6019b69
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 21 12:52:49 2018 -0700
s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit issues.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Böhme <***@samba.org>
(cherry picked from commit ad973fddef00d6d92443be89e7f5404006a94d99)
commit e9f54762fa607ad321016df2284c918547a40264
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 21 12:40:50 2018 -0700
lib: debug: Add DBGC_XXX versions of the macros to allow class-specific messages.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Böhme <***@samba.org>
(cherry picked from commit cdde6d93605d15a59e816a35e8e02ca193bf1403)
commit 49a9c984974fe8c31aada72224cda434358c38f7
Author: Jeremy Allison <***@samba.org>
Date: Wed Mar 21 12:01:05 2018 -0700
s3: debug: smb2: Create a new DBGC_SMB2 debug class and mark all smbd/smb2_*.c files with it.
Will allow easier smb2-specific debugging.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Böhme <***@samba.org>
(cherry picked from commit 8dabcf8948c2e514b489169c34673e093519b583)
commit 43cbf7f7728414a6e0d0feb76d4e3a4729df55de
Author: Noel Power <***@suse.com>
Date: Thu Mar 15 16:46:39 2018 +0000
lib:replace: Fix linking when libtirpc-devel overwrites system headers
Some systems (like SUSE currently) install the new tirpc headers by
overwritting the existing system location used by gcc. This patch will
detect if the headers in the system location belong to tirpc or not.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13341
Signed-off-by: Noel Power <***@suse.com>
Reviewed-by: Andreas Schneider <***@samba.org>
Reviewed-by: Alexander Bokovoy <***@samba.org>
(cherry picked from commit 618c714b6b6c0b63993299b40b9a466adb753cc2)
commit ccda6d9b8c893d6432ac92c5c542cbde6039ad74
Author: Anton Nefedov via samba-technical <samba-***@lists.samba.org>
Date: Thu Mar 15 14:38:41 2018 +0300
s3:smbd: map nterror on smb2_flush errorpath
smbd_smb2_flush_recv() expects nterror in tevent_req, and otherwise
aborts in tevent_req_is_nterror()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13338
Signed-off-by: Anton Nefedov <***@virtuozzo.com>
Reviewed-by: Volker Lendecke <***@samba.org>
Reviewed-by: Jeremy Allison <***@samba.org>
(cherry picked from commit 98623129446672521b7fa41d3457b8ce95db828c)
commit f66a35b8beb8101a0064dfd58e494ec2f2fa40fd
Author: Martin Schwenke <***@meltin.net>
Date: Thu Mar 8 11:49:56 2018 +1100
ctdb-tests: Don't use nc -d or -w options
nmap-ncat is used in some distributions to replace netcat. It has a
different meaning for these options.
We can get the same effect as the current combination of -d and -w by
piping a sleep process to nc. Subsequent use of $! works because it
gets the last process in pipeline.
Note that redirecting from /dev/null doesn't work with some versions
of nc. They just exit when they get EOF.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13327
Signed-off-by: Martin Schwenke <***@meltin.net>
Reviewed-by: Amitay Isaacs <***@gmail.com>
(cherry picked from commit 9e954bcbf43d67a18ee55f84cda0b09028f96b92)
commit 65ca5574b769d8b211b4c9550b62f8af126346e9
Author: Jeremy Allison <***@samba.org>
Date: Mon Mar 19 15:46:41 2018 -0700
s3: smbd: Fruit. Make the use of dom_sid_compare_domain() much clearer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit 5c909ea4530d4e7e4aa27046c45e3e48b094a411)
commit 47b1ec0a5ea458f9a8a21c29afca9ff21e2fbd8f
Author: Jeremy Allison <***@samba.org>
Date: Thu Mar 15 14:45:06 2018 -0700
s4: vfs: fruit tests: Add regression test for dealing with NFS ACE entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
Autobuild-User(master): Jeremy Allison <***@samba.org>
Autobuild-Date(master): Sat Mar 17 04:04:32 CET 2018 on sn-devel-144
(cherry picked from commit a6054c01c29c2507e0d5a6aa110fee4fd5c5eeb9)
commit c45da7ee611ea9ac8ff8b88c8eeecbc06dfb7def
Author: Ralph Boehme <***@samba.org>
Date: Fri Mar 16 21:57:31 2018 +0100
selftest: vfs.fruit: add xattr_tdb where possible
This makes the tests indepent from fs xattr support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Ralph Boehme <***@samba.org>
Reviewed-by: Jeremy Allison <***@samba.org>
(cherry picked from commit 49996ca9324596b6cd72eb8051ca3676dab17191)
commit 1f93e4d2e703a61c689b040ff5f6ae60dacc7e75
Author: Ralph Boehme <***@samba.org>
Date: Fri Mar 16 21:55:26 2018 +0100
selftest: run vfs.fruit_netatalk test against seperate share
These tests require a fs with xattr support. This allows adding
xattr_tdb to all other shares in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Ralph Boehme <***@samba.org>
Reviewed-by: Jeremy Allison <***@samba.org>
(cherry picked from commit 013aaffe7ff0ed4c30495761bb3208c29b3b5de2)
commit 134c41255ca492d533d6e9cbeedabf1ac87aa7e4
Author: Jeremy Allison <***@samba.org>
Date: Thu Mar 15 09:57:09 2018 -0700
s3: smbd: vfs_fruit: Replace code in fruit_fget_nt_acl() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit 875ff2575feb96d06cf2290e5b6a226b32ef9758)
commit 9c80cb6a030cc000a52a3dc04d3794471c40ca82
Author: Jeremy Allison <***@samba.org>
Date: Thu Mar 15 09:54:41 2018 -0700
s3: smbd: vfs_fruit: Replace code in check_ms_nfs() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit a3c925d80433e3d4fe1b1b315edf6520cacf0a9e)
commit 2fc537b71998b9ea9a7492cb1d053e5b511da931
Author: Jeremy Allison <***@samba.org>
Date: Thu Mar 15 09:52:30 2018 -0700
s3: smbd: vfs_fruit: Add remove_virtual_nfs_aces() a generic NFS ACE remover.
Not yet used, will be used to tidyup existing code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit ef091e2cf836793e2aa533990913609ccab5119a)
commit 0aed47322cd8e9a8df09aaa222fa30bb2215c5b4
Author: Jeremy Allison <***@samba.org>
Date: Fri Mar 2 13:53:55 2018 -0800
s3: vfs_fruit. Change check_ms_nfs() to remove the virtual ACE's generated by fruit_fget_nt_acl().
Ensures they don't get stored in the underlying ACL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
Autobuild-User(master): Ralph Böhme <***@samba.org>
Autobuild-Date(master): Thu Mar 8 04:09:38 CET 2018 on sn-devel-144
(cherry picked from commit e0b147f650fe59f606d1faffe57059e6e9d7837b)
commit 8ea9d133048be3a04d5e4b92f0e497ac426e28cc
Author: Jeremy Allison <***@samba.org>
Date: Fri Mar 2 13:51:54 2018 -0800
s3: vfs_fruit. If the security descriptor was modified, ensure we set the flags correctly to reflect the ACE's left.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit 8edad37e476295e25932778721d8ef33713f6853)
commit 9fab1ddc2db5f88dbc9b396051cdc9d8d0195f4b
Author: Jeremy Allison <***@samba.org>
Date: Fri Mar 2 13:21:37 2018 -0800
s3: vfs_fruit: Ensure we operate on a copy of the incoming security descriptor.
This will allow us to modify it in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit 019a1bc4caf3439adcaac48b384e86d84a1ad383)
commit f1c0db35d5d6c75a5a6c6778a9093fa8e04053b8
Author: Jeremy Allison <***@samba.org>
Date: Fri Mar 2 13:07:48 2018 -0800
s3: vfs_fruit. Ensure we only return one set of the 'virtual' UNIX ACE entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
(cherry picked from commit e9059c7b40069cfb036bfb95958b78c6a2c800e4)
commit 678555091a5d6de1f0a32a2dd5e9ced2a9cf1b30
Author: Jeremy Allison <***@samba.org>
Date: Wed Feb 14 13:23:12 2018 -0800
s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir()
HPUX has this problem.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13270
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Ralph Boehme <***@samba.org>
Autobuild-User(master): Ralph Böhme <***@samba.org>
Autobuild-Date(master): Fri Feb 23 22:56:35 CET 2018 on sn-devel-144
(cherry picked from commit 5ad5e7966f555b1d2b39d276646934a2cd2535e6)
commit a02a98af8b20b8860252cbde372ef8f6a3b286f4
Author: Jeremy Allison <***@samba.org>
Date: Wed Jan 24 14:09:43 2018 -0800
s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here.
Thanks to Isaac Boukris <***@gmail.com> for finding the
issue and testing this fix.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13244
Signed-off-by: Jeremy Allison <***@samba.org>
Reviewed-by: Volker Lendecke <***@samba.org>
Autobuild-User(master): Jeremy Allison <***@samba.org>
Autobuild-Date(master): Fri Jan 26 02:25:20 CET 2018 on sn-devel-144
(cherry picked from commit e7425bd5245ffea68b7e8f794c9b5f864d103769)
-----------------------------------------------------------------------
Summary of changes:
ctdb/client/client_connect.c | 1 -
ctdb/client/client_db.c | 20 +-
ctdb/tests/complex/30_nfs_tickle_killtcp.sh | 2 +-
ctdb/tests/complex/31_nfs_tickle.sh | 2 +-
ctdb/tests/complex/32_cifs_tickle.sh | 2 +-
ctdb/tests/complex/34_nfs_tickle_restart.sh | 2 +-
ctdb/tests/complex/36_smb_reset_server.sh | 2 +-
ctdb/tests/complex/37_nfs_reset_server.sh | 2 +-
docs-xml/smbdotconf/logging/loglevel.xml | 2 +
lib/crypto/aes.c | 16 --
lib/replace/wscript | 10 +-
lib/util/debug.c | 2 +
lib/util/debug.h | 32 +++
selftest/target/Samba3.pm | 20 +-
source3/libads/ldap_utils.c | 9 +
source3/modules/vfs_fruit.c | 93 +++++++-
source3/selftest/tests.py | 2 +-
source3/smbd/open.c | 12 +
source3/smbd/smb2_break.c | 3 +
source3/smbd/smb2_close.c | 3 +
source3/smbd/smb2_create.c | 3 +
source3/smbd/smb2_flush.c | 5 +-
source3/smbd/smb2_getinfo.c | 3 +
source3/smbd/smb2_glue.c | 3 +
source3/smbd/smb2_ioctl.c | 3 +
source3/smbd/smb2_ioctl_dfs.c | 3 +
source3/smbd/smb2_ioctl_filesys.c | 3 +
source3/smbd/smb2_ioctl_named_pipe.c | 3 +
source3/smbd/smb2_ioctl_network_fs.c | 3 +
source3/smbd/smb2_keepalive.c | 3 +
source3/smbd/smb2_lock.c | 3 +
source3/smbd/smb2_negprot.c | 3 +
source3/smbd/smb2_notify.c | 3 +
source3/smbd/smb2_query_directory.c | 12 +-
source3/smbd/smb2_read.c | 3 +
source3/smbd/smb2_server.c | 51 ++--
source3/smbd/smb2_sesssetup.c | 3 +
source3/smbd/smb2_setinfo.c | 3 +
source3/smbd/smb2_tcon.c | 3 +
source3/smbd/smb2_write.c | 3 +
source4/dsdb/samdb/ldb_modules/encrypted_secrets.c | 6 +-
source4/torture/basic/delete.c | 257 ++++++++++++++++++++-
source4/torture/vfs/fruit.c | 171 ++++++++++++++
43 files changed, 714 insertions(+), 76 deletions(-)
Changeset truncated at 500 lines:
diff --git a/ctdb/client/client_connect.c b/ctdb/client/client_connect.c
index 89a602d..1e4157e 100644
--- a/ctdb/client/client_connect.c
+++ b/ctdb/client/client_connect.c
@@ -297,7 +297,6 @@ static void client_dead_handler(void *private_data)
ctdb_client_callback_func_t callback = client->callback;
void *callback_data = client->private_data;
- talloc_free(client);
if (callback != NULL) {
callback(callback_data);
return;
diff --git a/ctdb/client/client_db.c b/ctdb/client/client_db.c
index e86830e..c0ecdeb 100644
--- a/ctdb/client/client_db.c
+++ b/ctdb/client/client_db.c
@@ -1191,6 +1191,7 @@ struct tevent_req *ctdb_fetch_lock_send(TALLOC_CTX *mem_ctx,
if (tevent_req_nomem(state->h, req)) {
return tevent_req_post(req, ev);
}
+ state->h->ev = ev;
state->h->client = client;
state->h->db = db;
state->h->key.dptr = talloc_memdup(state->h, key.dptr, key.dsize);
@@ -1413,14 +1414,19 @@ struct ctdb_record_handle *ctdb_fetch_lock_recv(struct tevent_req *req,
offset = ctdb_ltdb_header_len(&h->header);
data->dsize = h->data.dsize - offset;
- data->dptr = talloc_memdup(mem_ctx, h->data.dptr + offset,
- data->dsize);
- if (data->dptr == NULL) {
- TALLOC_FREE(state->h);
- if (perr != NULL) {
- *perr = ENOMEM;
+ if (data->dsize == 0) {
+ data->dptr = NULL;
+ } else {
+ data->dptr = talloc_memdup(mem_ctx,
+ h->data.dptr + offset,
+ data->dsize);
+ if (data->dptr == NULL) {
+ TALLOC_FREE(state->h);
+ if (perr != NULL) {
+ *perr = ENOMEM;
+ }
+ return NULL;
}
- return NULL;
}
}
diff --git a/ctdb/tests/complex/30_nfs_tickle_killtcp.sh b/ctdb/tests/complex/30_nfs_tickle_killtcp.sh
index d1e7d71..40ec6ba 100755
--- a/ctdb/tests/complex/30_nfs_tickle_killtcp.sh
+++ b/ctdb/tests/complex/30_nfs_tickle_killtcp.sh
@@ -46,7 +46,7 @@ test_port=2049
echo "Connecting to node ${test_node} on IP ${test_ip}:${test_port} with netcat..."
-nc -d -w 30 $test_ip $test_port &
+sleep 30 | nc $test_ip $test_port &
nc_pid=$!
ctdb_test_exit_hook_add "kill $nc_pid >/dev/null 2>&1"
diff --git a/ctdb/tests/complex/31_nfs_tickle.sh b/ctdb/tests/complex/31_nfs_tickle.sh
index c82d31d..0b6990f 100755
--- a/ctdb/tests/complex/31_nfs_tickle.sh
+++ b/ctdb/tests/complex/31_nfs_tickle.sh
@@ -54,7 +54,7 @@ test_port=2049
echo "Connecting to node ${test_node} on IP ${test_ip}:${test_port} with netcat..."
-nc -d -w $(($monitor_interval * 4)) $test_ip $test_port &
+sleep $((monitor_interval * 4)) | nc $test_ip $test_port &
nc_pid=$!
ctdb_test_exit_hook_add "kill $nc_pid >/dev/null 2>&1"
diff --git a/ctdb/tests/complex/32_cifs_tickle.sh b/ctdb/tests/complex/32_cifs_tickle.sh
index da369b9..3668245 100755
--- a/ctdb/tests/complex/32_cifs_tickle.sh
+++ b/ctdb/tests/complex/32_cifs_tickle.sh
@@ -52,7 +52,7 @@ test_port=445
echo "Connecting to node ${test_node} on IP ${test_ip}:${test_port} with netcat..."
-nc -d -w $(($monitor_interval * 4)) $test_ip $test_port &
+sleep $((monitor_interval * 4)) | nc $test_ip $test_port &
nc_pid=$!
ctdb_test_exit_hook_add "kill $nc_pid >/dev/null 2>&1"
diff --git a/ctdb/tests/complex/34_nfs_tickle_restart.sh b/ctdb/tests/complex/34_nfs_tickle_restart.sh
index 6350db6..2aab061 100755
--- a/ctdb/tests/complex/34_nfs_tickle_restart.sh
+++ b/ctdb/tests/complex/34_nfs_tickle_restart.sh
@@ -53,7 +53,7 @@ test_port=2049
echo "Connecting to node ${test_node} on IP ${test_ip}:${test_port} with netcat..."
-nc -d -w 600 $test_ip $test_port &
+sleep 600 | nc $test_ip $test_port &
nc_pid=$!
ctdb_test_exit_hook_add "kill $nc_pid >/dev/null 2>&1"
diff --git a/ctdb/tests/complex/36_smb_reset_server.sh b/ctdb/tests/complex/36_smb_reset_server.sh
index 5723ac7..beff1a2 100755
--- a/ctdb/tests/complex/36_smb_reset_server.sh
+++ b/ctdb/tests/complex/36_smb_reset_server.sh
@@ -52,7 +52,7 @@ sleep_for 5
echo "Connecting to node ${test_node} on IP ${test_ip}:${test_port} with nc..."
-nc -d -w $(($monitor_interval * 4)) $test_ip $test_port &
+sleep $((monitor_interval * 4)) | nc $test_ip $test_port &
nc_pid=$!
ctdb_test_exit_hook_add "kill $nc_pid >/dev/null 2>&1"
diff --git a/ctdb/tests/complex/37_nfs_reset_server.sh b/ctdb/tests/complex/37_nfs_reset_server.sh
index d6dd0f0..07bd034 100755
--- a/ctdb/tests/complex/37_nfs_reset_server.sh
+++ b/ctdb/tests/complex/37_nfs_reset_server.sh
@@ -52,7 +52,7 @@ sleep_for 5
echo "Connecting to node ${test_node} on IP ${test_ip}:${test_port} with nc..."
-nc -d -w $(($monitor_interval * 4)) $test_ip $test_port &
+sleep $((monitor_interval * 4)) | nc $test_ip $test_port &
nc_pid=$!
ctdb_test_exit_hook_add "kill $nc_pid >/dev/null 2>&1"
diff --git a/docs-xml/smbdotconf/logging/loglevel.xml b/docs-xml/smbdotconf/logging/loglevel.xml
index 1a3767d..d3b5c45 100644
--- a/docs-xml/smbdotconf/logging/loglevel.xml
+++ b/docs-xml/smbdotconf/logging/loglevel.xml
@@ -22,6 +22,8 @@
<listitem><para><parameter moreinfo="none">printdrivers</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">lanman</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">smb</parameter></para></listitem>
+ <listitem><para><parameter moreinfo="none">smb2</parameter></para></listitem>
+ <listitem><para><parameter moreinfo="none">smb2_credits</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">rpc_parse</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">rpc_srv</parameter></para></listitem>
<listitem><para><parameter moreinfo="none">rpc_cli</parameter></para></listitem>
diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c
index c226ac1..d16d715 100644
--- a/lib/crypto/aes.c
+++ b/lib/crypto/aes.c
@@ -66,22 +66,6 @@ static bool has_intel_aes_instructions(void)
return (bool)has_aes_instructions;
}
- __cpuid(cpuid_results, 0);
- /*
- * MSB LSB
- * EBX = 'u' 'n' 'e' 'G'
- * EDX = 'I' 'e' 'n' 'i'
- * ECX = 'l' 'e' 't' 'n'
- */
- if (memcmp((unsigned char *)&cpuid_results[1], "Genu", 4) != 0 ||
- memcmp((unsigned char *)&cpuid_results[3],
- "ineI", 4) != 0 ||
- memcmp((unsigned char *)&cpuid_results[2],
- "ntel", 4) != 0) {
- has_aes_instructions = 0;
- return (bool)has_aes_instructions;
- }
-
__cpuid(cpuid_results, 1);
has_aes_instructions = !!(cpuid_results[2] & (1 << 25));
return (bool)has_aes_instructions;
diff --git a/lib/replace/wscript b/lib/replace/wscript
index 2c638b7..0e04bf7 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -68,7 +68,15 @@ def configure(conf):
conf.CHECK_HEADERS('aio.h sys/unistd.h alloca.h float.h')
conf.SET_TARGET_TYPE('tirpc', 'EMPTY')
- conf.CHECK_HEADERS('rpc/rpc.h rpc/nettype.h')
+
+ if conf.CHECK_CODE(
+ '\n#ifndef _TIRPC_RPC_H\n#error "no tirpc headers in system path"\n#endif\n',
+ 'HAVE_RPC_RPC_HEADERS',
+ headers=['rpc/rpc.h', 'rpc/nettype.h'],
+ msg='Checking for tirpc rpc headers in default system path'):
+ if conf.CONFIG_SET('HAVE_RPC_RPC_H'):
+ conf.undefine('HAVE_RPC_RPC_H')
+
if not conf.CONFIG_SET('HAVE_RPC_RPC_H'):
if conf.CHECK_CFG(package='libtirpc', args='--cflags --libs',
msg='Checking for libtirpc headers',
diff --git a/lib/util/debug.c b/lib/util/debug.c
index 6428550..d010b72 100644
--- a/lib/util/debug.c
+++ b/lib/util/debug.c
@@ -541,6 +541,8 @@ static const char *default_classname_table[] = {
[DBGC_AUTH_AUDIT_JSON] = "auth_json_audit",
[DBGC_KERBEROS] = "kerberos",
[DBGC_DRS_REPL] = "drs_repl",
+ [DBGC_SMB2] = "smb2",
+ [DBGC_SMB2_CREDITS] = "smb2_credits",
};
/*
diff --git a/lib/util/debug.h b/lib/util/debug.h
index e82553a..1e184b4 100644
--- a/lib/util/debug.h
+++ b/lib/util/debug.h
@@ -93,6 +93,8 @@ bool dbghdr( int level, const char *location, const char *func);
#define DBGC_AUTH_AUDIT_JSON 25
#define DBGC_KERBEROS 26
#define DBGC_DRS_REPL 27
+#define DBGC_SMB2 28
+#define DBGC_SMB2_CREDITS 29
/* So you can define DBGC_CLASS before including debug.h */
#ifndef DBGC_CLASS
@@ -216,6 +218,14 @@ extern int *DEBUGLEVEL_CLASS;
&& (dbgtext("%s: ", __func__)) \
&& (dbgtext body) )
+/* Prefix messages with the function name - class specific */
+#define DBGC_PREFIX(dbgc_class, level, body ) \
+ (void)( ((level) <= MAX_DEBUG_LEVEL) && \
+ unlikely(DEBUGLEVEL_CLASS[ dbgc_class ] >= (level)) \
+ && (dbghdrclass(level, dbgc_class, __location__, __func__ )) \
+ && (dbgtext("%s: ", __func__)) \
+ && (dbgtext body) )
+
/*
* Debug levels matching RFC 3164
*/
@@ -231,12 +241,34 @@ extern int *DEBUGLEVEL_CLASS;
#define DBG_INFO(...) DBG_PREFIX(DBGLVL_INFO, (__VA_ARGS__))
#define DBG_DEBUG(...) DBG_PREFIX(DBGLVL_DEBUG, (__VA_ARGS__))
+#define DBGC_ERR(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_ERR, (__VA_ARGS__))
+#define DBGC_WARNING(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_WARNING, (__VA_ARGS__))
+#define DBGC_NOTICE(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_NOTICE, (__VA_ARGS__))
+#define DBGC_INFO(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_INFO, (__VA_ARGS__))
+#define DBGC_DEBUG(dbgc_class, ...) DBGC_PREFIX(dbgc_class, \
+ DBGLVL_DEBUG, (__VA_ARGS__))
+
#define D_ERR(...) DEBUG(DBGLVL_ERR, (__VA_ARGS__))
#define D_WARNING(...) DEBUG(DBGLVL_WARNING, (__VA_ARGS__))
#define D_NOTICE(...) DEBUG(DBGLVL_NOTICE, (__VA_ARGS__))
#define D_INFO(...) DEBUG(DBGLVL_INFO, (__VA_ARGS__))
#define D_DEBUG(...) DEBUG(DBGLVL_DEBUG, (__VA_ARGS__))
+#define DC_ERR(...) DEBUGC(dbgc_class, \
+ DBGLVL_ERR, (__VA_ARGS__))
+#define DC_WARNING(...) DEBUGC(dbgc_class, \
+ DBGLVL_WARNING, (__VA_ARGS__))
+#define DC_NOTICE(...) DEBUGC(dbgc_class, \
+ DBGLVL_NOTICE, (__VA_ARGS__))
+#define DC_INFO(...) DEBUGC(dbgc_class, \
+ DBGLVL_INFO, (__VA_ARGS__))
+#define DC_DEBUG(...) DEBUGC(dbgc_class, \
+ DBGLVL_DEBUG, (__VA_ARGS__))
+
/* The following definitions come from lib/debug.c */
/** Possible destinations for the debug log (in order of precedence -
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index f2dcdd1..7e4224a 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -1929,6 +1929,16 @@ sub provision($$$$$$$$$)
[vfs_fruit]
path = $shrdir
+ vfs objects = catia fruit streams_xattr acl_xattr xattr_tdb
+ fruit:resource = file
+ fruit:metadata = netatalk
+ fruit:locking = netatalk
+ fruit:encoding = native
+ fruit:veto_appledouble = no
+
+[vfs_fruit_xattr]
+ path = $shrdir
+ # This is used by vfs.fruit tests that require real fs xattr
vfs objects = catia fruit streams_xattr acl_xattr
fruit:resource = file
fruit:metadata = netatalk
@@ -1938,29 +1948,29 @@ sub provision($$$$$$$$$)
[vfs_fruit_metadata_stream]
path = $shrdir
- vfs objects = fruit streams_xattr acl_xattr
+ vfs objects = fruit streams_xattr acl_xattr xattr_tdb
fruit:resource = file
fruit:metadata = stream
fruit:veto_appledouble = no
[vfs_fruit_stream_depot]
path = $shrdir
- vfs objects = fruit streams_depot acl_xattr
+ vfs objects = fruit streams_depot acl_xattr xattr_tdb
fruit:resource = stream
fruit:metadata = stream
fruit:veto_appledouble = no
[vfs_wo_fruit]
path = $shrdir
- vfs objects = streams_xattr acl_xattr
+ vfs objects = streams_xattr acl_xattr xattr_tdb
[vfs_wo_fruit_stream_depot]
path = $shrdir
- vfs objects = streams_depot acl_xattr
+ vfs objects = streams_depot acl_xattr xattr_tdb
[vfs_fruit_timemachine]
path = $shrdir
- vfs objects = fruit streams_xattr acl_xattr
+ vfs objects = fruit streams_xattr acl_xattr xattr_tdb
fruit:resource = file
fruit:metadata = stream
fruit:time machine = yes
diff --git a/source3/libads/ldap_utils.c b/source3/libads/ldap_utils.c
index a4adbc0..0c37b06 100644
--- a/source3/libads/ldap_utils.c
+++ b/source3/libads/ldap_utils.c
@@ -105,9 +105,18 @@ static ADS_STATUS ads_do_search_retry_internal(ADS_STRUCT *ads, const char *bind
status = ads_connect(ads);
if (!ADS_ERR_OK(status)) {
+ bool orig_is_mine = ads->is_mine;
+
DEBUG(1,("ads_search_retry: failed to reconnect (%s)\n",
ads_errstr(status)));
+ /*
+ * We need to keep the ads pointer
+ * from being freed here as we don't own it and
+ * callers depend on it being around.
+ */
+ ads->is_mine = false;
ads_destroy(&ads);
+ ads->is_mine = orig_is_mine;
SAFE_FREE(bp);
return status;
}
diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c
index ec76f71..1a05d0b 100644
--- a/source3/modules/vfs_fruit.c
+++ b/source3/modules/vfs_fruit.c
@@ -2954,10 +2954,54 @@ static NTSTATUS readdir_attr_macmeta(struct vfs_handle_struct *handle,
return status;
}
+static NTSTATUS remove_virtual_nfs_aces(struct security_descriptor *psd)
+{
+ NTSTATUS status;
+ uint32_t i;
+
+ if (psd->dacl == NULL) {
+ return NT_STATUS_OK;
+ }
+
+ for (i = 0; i < psd->dacl->num_aces; i++) {
+ /* MS NFS style mode/uid/gid */
+ int cmp = dom_sid_compare_domain(
+ &global_sid_Unix_NFS,
+ &psd->dacl->aces[i].trustee);
+ if (cmp != 0) {
+ /* Normal ACE entry. */
+ continue;
+ }
+
+ /*
+ * security_descriptor_dacl_del()
+ * *must* return NT_STATUS_OK as we know
+ * we have something to remove.
+ */
+
+ status = security_descriptor_dacl_del(psd,
+ &psd->dacl->aces[i].trustee);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_WARNING("failed to remove MS NFS style ACE: %s\n",
+ nt_errstr(status));
+ return status;
+ }
+
+ /*
+ * security_descriptor_dacl_del() may delete more
+ * then one entry subsequent to this one if the
+ * SID matches, but we only need to ensure that
+ * we stay looking at the same element in the array.
+ */
+ i--;
+ }
+ return NT_STATUS_OK;
+}
+
/* Search MS NFS style ACE with UNIX mode */
static NTSTATUS check_ms_nfs(vfs_handle_struct *handle,
files_struct *fsp,
- const struct security_descriptor *psd,
+ struct security_descriptor *psd,
mode_t *pmode,
bool *pdo_chmod)
{
@@ -2991,7 +3035,12 @@ static NTSTATUS check_ms_nfs(vfs_handle_struct *handle,
}
}
- return NT_STATUS_OK;
+ /*
+ * Remove any incoming virtual ACE entries generated by
+ * fruit_fget_nt_acl().
+ */
+
+ return remove_virtual_nfs_aces(psd);
}
/****************************************************************************
@@ -5708,6 +5757,13 @@ static NTSTATUS fruit_fget_nt_acl(vfs_handle_struct *handle,
return NT_STATUS_OK;
}
+ /* First remove any existing ACE's with NFS style mode/uid/gid SIDs. */
+ status = remove_virtual_nfs_aces(*ppdesc);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_WARNING("failed to remove MS NFS style ACEs\n");
+ return status;
+ }
+
/* MS NFS style mode */
sid_compose(&sid, &global_sid_Unix_NFS_Mode, fsp->fsp_name->st.st_ex_mode);
init_sec_ace(&ace, &sid, SEC_ACE_TYPE_ACCESS_DENIED, 0, 0);
@@ -5741,24 +5797,53 @@ static NTSTATUS fruit_fget_nt_acl(vfs_handle_struct *handle,
static NTSTATUS fruit_fset_nt_acl(vfs_handle_struct *handle,
files_struct *fsp,
uint32_t security_info_sent,
- const struct security_descriptor *psd)
+ const struct security_descriptor *orig_psd)
{
NTSTATUS status;
bool do_chmod;
mode_t ms_nfs_mode = 0;
int result;
+ struct security_descriptor *psd = NULL;
+ uint32_t orig_num_aces = 0;
+
+ if (orig_psd->dacl != NULL) {
+ orig_num_aces = orig_psd->dacl->num_aces;
+ }
+
+ psd = security_descriptor_copy(talloc_tos(), orig_psd);
+ if (psd == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
DBG_DEBUG("fruit_fset_nt_acl: %s\n", fsp_str_dbg(fsp));
status = check_ms_nfs(handle, fsp, psd, &ms_nfs_mode, &do_chmod);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("fruit_fset_nt_acl: check_ms_nfs failed%s\n", fsp_str_dbg(fsp)));
+ TALLOC_FREE(psd);
return status;
}
+ /*
+ * If only ms_nfs ACE entries were sent, ensure we set the DACL
+ * sent/present flags correctly now we've removed them.
+ */
+
+ if (orig_num_aces != 0) {
+ /*
+ * Are there any ACE's left ?
+ */
+ if (psd->dacl->num_aces == 0) {
+ /* No - clear the DACL sent/present flags. */
+ security_info_sent &= ~SECINFO_DACL;
+ psd->type &= ~SEC_DESC_DACL_PRESENT;
+ }
+ }
+
status = SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("fruit_fset_nt_acl: SMB_VFS_NEXT_FSET_NT_ACL failed%s\n", fsp_str_dbg(fsp)));
+ TALLOC_FREE(psd);
return status;
}
@@ -5776,10 +5861,12 @@ static NTSTATUS fruit_fset_nt_acl(vfs_handle_struct *handle,
result, (unsigned)ms_nfs_mode,
strerror(errno)));
status = map_nt_error_from_unix(errno);
+ TALLOC_FREE(psd);
return status;
}
}
+ TALLOC_FREE(psd);
return NT_STATUS_OK;
}
--
Samba Shared Repository
Samba Shared Repository