Volker Lendecke [Fri, 9 Aug 2019 06:02:41 +0000 (08:02 +0200)]
mdssvc: Fix the clang build
clang complains about "%lu" not to match size_t on 32-bit FreeBSD
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Aug 9 07:34:05 UTC 2019 on sn-devel-184
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 8 21:43:14 UTC 2019 on sn-devel-184
Ralph Boehme [Mon, 6 May 2019 12:14:26 +0000 (14:14 +0200)]
s3:mdssvc: failing the RPC request if the mdssvc policy handle is not found
Turns out macOS mdssvc doesn't fail the RPC request if the policy handle is all
zero. Also, if it fails with a non-all-zero handle, it returns a different RPC
error, namely DCERPC_NCA_S_PROTO_ERROR, not DCERPC_FAULT_CONTEXT_MISMATCH (or
rather their mapped NT_STATUS codes).
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 6 May 2019 12:11:31 +0000 (14:11 +0200)]
s3:mdssvc: the open command must work on shares with Spotlight disabled
Move the implementation of this setting down to the actual search query
processing. macOS has no notion of "spotlight = false" at the DCERPC layer and
the open request will always succeed even on all shares.
When later the client issues search requests on such shares, we ensure we use
the noindex backend.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 16 Apr 2019 17:25:09 +0000 (19:25 +0200)]
s3:mdssvc: initialize the returned share_path with the empty string
macOS returns the empty path for an unknown share. This paves the way for that
change. Currently we still fail the RPC request if the share is not known with
DCERPC_FAULT_CANT_PERFORM, but this is wrong and is going to be changed in the
next commit.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 16 Apr 2019 12:17:11 +0000 (14:17 +0200)]
s3:mdssvc: fix error handling of mdssvc RPC requests
It seems for certain error cases macOS just sends an empty response
blob. So if our mdssvc request processing fails, we should just return an empty
response blob, but not fail the mdssvc request at the DCERPC layer.
Example, passing "xxx" as sharename which does not exist at the server:
This is basically the response from macOS mdssvc for a query that yields no
results: sl_filemeta_t is empty, the CNIDs array as well.
Looking at the raw packet data, the empty sl_filemeta_t container as a size of 8
bytes which fails the following check in sl_unpack_cpx():
case SQ_CPX_TYPE_FILEMETA:
...
if (tag.size < 16) {
*boom*
}
Only tag.size=0 is invalid, tag.size=8 denotes an empty container and tag.size>=16
denotes a sl_filemeta_t container with actual content must be unpacked by
calling sl_unpack(). Note that size is always a muliple of 8.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 17 Apr 2019 14:42:20 +0000 (16:42 +0200)]
s3:wscript: enable Spotlight by default
Now that we have a no-op backend that is always available, we can compile mdssvc
by default.
The new behaviour is:
option not used Default: build mdsvc with available backends
from autodetection
--disable-spotlight Do not build mdssvc
--enable-spotlight Build mdssvc and require a real backend
(currently Tracker, in the future also Elasticsearch)
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
==> /builds/samba-team/devel/samba/samba-o3.stderr <==
In file included from /usr/include/string.h:494,
from /usr/include/bsd/string.h:30,
from ../../lib/tevent/../replace/replace.h:164,
from ../../source3/include/includes.h:23,
from ../../source3/rpc_server/mdssvc/marshalling.c:21:
In function ‘strncpy’,
inlined from ‘sl_pack_string’ at ../../source3/rpc_server/mdssvc/marshalling.c:493:2,
inlined from ‘sl_pack_loop’ at ../../source3/rpc_server/mdssvc/marshalling.c:607:13:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output
truncated before terminating nul copying as many bytes from a string as its
length [-Werror=stringop-truncation]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../source3/rpc_server/mdssvc/marshalling.c: In function ‘sl_pack_loop’:
../../source3/rpc_server/mdssvc/marshalling.c:458:8: note: length computed here
458 | len = strlen(s);
| ^~~~~~~~~
cc1: all warnings being treated as errors
Marshalled strings are not 0 terminated.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sun, 21 Apr 2019 06:38:23 +0000 (08:38 +0200)]
unittest: workaround dependency problem in test_lib_util_modules
waf somehow screws the dependencies and the module ends up with a bunch of
missing RPC related symbols once an RPC service has special dependencies like
the mdssvc RPC service.
Ralph Boehme [Tue, 16 Apr 2019 12:04:16 +0000 (14:04 +0200)]
s3:mdssvc: supposed status field is in fact a fragment indicator
Spotted this in mdssvc response that containied many results for a search
request: if the mdssvc response blob is larger then ~32k, the server fragments
the response in 32k fragments and sets the "fragment" field to 1.
Note that mdssvc implemenets result set "fragmentation" at the result set layer,
not at the marshalled response buffer layer. Therefor mdssvc always sets this
field to 0.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 14 Mar 2019 06:38:20 +0000 (07:38 +0100)]
s3-mdssvc: factor out Tracker backend logic
This moves all Tracker backend logic into a modularized component.
This should not result in any change in behaviour, it just paves the way
for adding additional backends. Currently the only available backend is
Gnome Tracker.
slq_destroy_send/recv is not needed anymore as the problem is solved now by
correctly checking if an async Tracker request was cancelled and we got
G_IO_ERROR_CANCELLED in tracker_con_cb() or tracker_query_cb() and avoid using
user_data in that the case.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
registry: Free memory at the end of each loop run to prevent mem leak
Found during torture test runs with enable address-sanitizer.
Signed-off-by: Swen Schillig <swen@linux.ibm.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Aug 8 06:44:12 UTC 2019 on sn-devel-184
Volker Lendecke [Thu, 1 Aug 2019 12:47:41 +0000 (14:47 +0200)]
torture: SMB1 unlink needs delay for a stream's SHARING_VIOLATION
Survives against W2k12R2
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 8 01:05:38 UTC 2019 on sn-devel-184
This is close to what Windows SMB1 does: Instead of waiting for the
share entry causing the SHARING_VIOLATION to disappear, retry every
200msec up to one second. Windows does it a little differently: Retry
up to 5 times. But up to one second should be close enough.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 2 Aug 2019 09:54:11 +0000 (11:54 +0200)]
smbd: Get "req->request_time" early in create_file_default()
This is necessary for the following case:
We want to delete a file with an open stream that is not open with
FILE_SHARE_DELETE. In SMB1, we need to defer the sharing violation
reply (we don't do that right now, test to follow). However, when we
move that sharing violation delay to where it belongs, into the outer
layers, only very deep in the nested open_streams_for_delete smb1
sharing violation delay handling call we will hit the sharing
violation in the 1-second retry case. However, that
open_streams_for_delete itself is INTERNAL_OPEN_ONLY and thus not
deferred itself. This means that it will not overwrite
req->request_time at all.
Exec summary: We only have one request_time now, set it properly as
early as possible.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 2 Aug 2019 12:33:22 +0000 (14:33 +0200)]
smbd: Do not exceed the req's max timeout in setup_poll_open()
This will become important in the next commits when the SMB1 sharing
violation delay will use this. We want to be able to reduce the
timeout to less than 200msec, see the next commits.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
smbd: Avoid exit_server() in setup_kernel_oplock_poll_open()
Failure to postpone a request is not really fatal: We just don't retry
as wanted but return an error to the client that might have resolved
itself after a few seconds. From my point of view such a spurious and
rare error, which is highly unlikely anyway does not justify to kill
that client's connection.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Thu, 1 Aug 2019 20:40:43 +0000 (13:40 -0700)]
s3: VFS: Make setxattr return errno = EROFS on a shadow copy path.
smbd has no business modifying a shadow copy filesystem, it should be read-only.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 7 17:59:25 UTC 2019 on sn-devel-184
Samuel Cabrero [Tue, 6 Aug 2019 16:21:12 +0000 (18:21 +0200)]
s4:librpc/rpc: Use generic roh_connect_channel_send/recv
The HTTP connection code is common to in and out channels.
Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 7 14:12:40 UTC 2019 on sn-devel-184
Ralph Boehme [Wed, 3 Apr 2019 12:33:12 +0000 (14:33 +0200)]
s4:lib/http: add support for http POST
Even though GET would work as well, only adding POST, as that's the only method
that's going to be exersized in code and tests (RPC mdssvc elasticsearch
backend).
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Samuel Cabrero <scabrero@suse.de>
Ralph Boehme [Tue, 9 Apr 2019 11:34:39 +0000 (13:34 +0200)]
charset: add tests for Unicode NFC <-> NFD conversion
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Aug 7 07:25:39 UTC 2019 on sn-devel-184
Ralph Boehme [Tue, 9 Apr 2019 09:21:57 +0000 (11:21 +0200)]
charset: add support for Unicode normalisation with libicu
This adds a direct conversion hook using libicu to perform NFC <-> NFD
conversion on UTF8 strings. The defined charset strings are "UTF8-NFC" and
"UTF8-NFD", to convert from one to the other the caller calls smb_iconv_open()
with the desired source and target charsets, eg
smb_iconv_open("UTF8-NFD", "UTF8-NFC");
for converting from NFC to NFD.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Michael Hanselmann <public@hansmi.ch> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
The "tiniparser_load" function is made into a wrapper for the newly
added "tiniparser_load_stream" function which accepts a FILE pointer.
This way no actual files have to be opened for fuzzing (memfd_create(2)
isn't readily available on all systems yet).
Signed-off-by: Michael Hanselmann <public@hansmi.ch> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
LibFuzzer, Honggfuzz and other programs implement simple interfaces for
fuzzing appropriately prepared code. Samba contains quite a lot of
parsing code, often a good target for fuzzing.
With this change the build system is amended to support building fuzzing
binaries (added in later changes).
Signed-off-by: Michael Hanselmann <public@hansmi.ch> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Volker Lendecke [Tue, 6 Aug 2019 15:27:12 +0000 (17:27 +0200)]
smbd: Assert that INTERNAL_OPEN_ONLY never gets real oplocks
Slightly simplify assumptions in the code
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 6 23:06:41 UTC 2019 on sn-devel-184
This hides a talloc off the NULL context: The caller needs to make sure
this is put on a real talloc context later. Make that more
obvious. Also, it passes down a boolean flag, making its purpose a bit
opaque to the caller sites.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Well, this is just a drive-by patch: We don't use "mtime" if we
exit early. So it's not really a worthwhile optimization, to me
it's more a code clarity thing.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
projects / thirdparty / samba.git / log
