Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Nov 18 12:43:28 UTC 2024 on atb-devel-224
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Nov 16 13:26:05 UTC 2024 on atb-devel-224
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Wed Nov 13 15:47:40 UTC 2024 on atb-devel-224
Volker Lendecke [Mon, 21 Oct 2024 07:41:06 +0000 (09:41 +0200)]
smbd: Remove non_widelink_open()
Better look at the final code, not at the patch. The idea is to call
filename_convert_dirfsp() from fd_openat() and just have one place to
follow symlinks.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Nov 12 19:21:11 UTC 2024 on atb-devel-224
Volker Lendecke [Tue, 8 Oct 2024 15:40:41 +0000 (17:40 +0200)]
smbd: simplify open_stream_pathref_fsp()
Looks more complex, but we don't have to go through all of
fd_openat()/non_widelink_open() for opening streams. SMB_VFS_OPENAT
knows how to deal with this.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Looks more complex, but this avoids calling openat_pathref_fsp, which
eventually calls into non_widelink_open(). We need to open the pretty paranoid
SMB_ASSERT in openat_pathref_fsp_lcomp() a little bit.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 11 Oct 2024 12:56:21 +0000 (14:56 +0200)]
smbd: Add open_rootdir_pathref_fsp()
Get a pathref handle on the file system root. This will serve as
"basedir" for filename_convert_dirfsp_rel() to turn an absolute path
into one relative to the handle created here.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 10 Oct 2024 15:16:02 +0000 (17:16 +0200)]
smbd: Simplify OpenDir_from_pathref()
Use the /proc/self/fd trick to make get_real_filename_fullscan_at look
a bit nicer and faster in strace. Direct SMB_VFS_OPENAT also is
cheaper in user space, we don't need the full fd_openat and
non_widelink_open magic here.
Also avoid opening ".", which can fail where a full path open would
succeed: If the directory in question does not give "x" perms to the
user, we get a handle on the dir as such but can't cd into it.
I haven't seen real-world cases of this, but one of our tests creates
such a scenario. I have further refactoring in my local tree that make
this patch necessary.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
So far fd_openat needed to be called with cwd_fsp and "." if you
wanted to open the share root, this enables using the absolute share
path. The next patch will remove sending the "." with cwd_fsp as a
simplification. Enable that with this little change.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sat, 19 Oct 2024 15:29:01 +0000 (17:29 +0200)]
smbd: Tighten non_wide_link_open() for absolute root share open
Make it clear that non_widelink_open being called for absolute paths
is not done during regular operations, i.e. when we have passed our
pathnames through filename_convert_dirfsp and we work on a real
dirfsp.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sun, 20 Oct 2024 12:41:55 +0000 (14:41 +0200)]
smbd: Ignore twrp in chdir_below_conn()
We can't deal with snapdir paths in non_widelink_open fully with
snapdirseverywhere active: There is no way for
shadow_copy2_parent_pathname() to work when a snapshot directory is
below the directory that we want to calculate the parent for. What is
the parent directory supposed to point at? I don't know.
For me the only way out is to accept that we should ignore what
happens behind shadow_copy2's path manipulation in core
smbd. This *might* open symlink races, but the whole point of
snapshots is that they are r/o copies of the real active file system
and as such they should be immune to those races.
Found while trying to refactor code around fd_openat()
P.S: This code will go away pretty soon
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 21 Oct 2024 10:12:27 +0000 (12:12 +0200)]
vfs: Don't ever call openat(-1, ...) for relative paths
This is always a bug, we should never do this. In one iteration of my
code I was doing this, which led to an invalid fallback code, which
itself lead to an infinite recursion. Make this more obvious with an
assert.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Nov 12 15:13:03 UTC 2024 on atb-devel-224
Volker Lendecke [Mon, 11 Nov 2024 16:50:03 +0000 (17:50 +0100)]
vfs: Only call openat for valid params in fake_acls_stat
openat(-1, "relative path", ..) is invalid. I've tried to also tighten
this down to just relative paths (i.e. base_name[0] != '/'), but
non_widelink_open makes modifications further down that make this more
difficult.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 10 Oct 2024 15:14:10 +0000 (17:14 +0200)]
smbd: Fix an error resource leak in OpenDir_from_pathref()
We have to undo the fsp allocation and open we've done. Not noticed,
it's probably highly unlikely OpenDir_fsp() fails.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Nov 12 13:26:10 UTC 2024 on atb-devel-224
Thomas Klausner [Sun, 10 Nov 2024 07:37:17 +0000 (08:37 +0100)]
lib/replace: memset_explicit() only takes three arguments
Signed-off-by: Thomas Klausner <wiz@gatalith.at> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Nov 11 16:47:46 UTC 2024 on atb-devel-224
Volker Lendecke [Thu, 31 Oct 2024 17:05:00 +0000 (18:05 +0100)]
torture4: Use netlogon_pings_send/recv in bench-cldap
This slightly changes behaviour: It uses separate client sockets per
ping instead of just one, but it allows to compare CLDAP with LDAP and
LDAPS (spoiler: LDAPS is *much* slower...)
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Mon, 28 Oct 2024 12:20:56 +0000 (13:20 +0100)]
libads: Simplify ads_fill_cldap_reply()
Both callers now guarantee via the filter in netlogon_pings() that the
reply contains DCs that have the required flags set. Remove those
checks from ads_fill_cldap_reply()
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Fri, 25 Oct 2024 15:25:13 +0000 (17:25 +0200)]
ldap: Use netlogon_pings
This already requests the flags that ads_fill_cldap_reply() will later
check for, so netlogon_pings will only feed sufficient DCs into
ads_fill_cldap_reply.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 24 Oct 2024 11:55:35 +0000 (13:55 +0200)]
libads: Add netlogon_pings()
This encapsulates our logic that we send CLDAP requests on UDP/389,
sending them with 100msec timeouts until someone replies. It also
contains the code to do this over LDAP/389 or LDAPS/636.
It also contains code to filter for domain controller flags like
DS_ONLY_LDAP_NEEDED, this logic exists in several places right now.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
projects / thirdparty / samba.git / log
