Volker Lendecke [Thu, 13 Jun 2019 10:58:02 +0000 (03:58 -0700)]
smbd: Ping dbwrap_watch on locking.tdb for in smbd_do_unlocking()
smbd_smb1_do_locks_send() watches the file's locking.tdb record for
changes, like the oplock code does. Unlocking a byte range thus must
trigger a retry.
With the share mode cache get_existing_share_mode_lock() is pretty
cheap. We have to write out the share mode record with the current
code, but an obvious optimization will be a share_mode_do_locked doing
all this without actually unmarshalling the locking.tdb entry. And --
there's precedence for this pattern in downgrade_lease()...
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 13 Jun 2019 10:38:57 +0000 (03:38 -0700)]
smbd: Add smbd_smb1_do_locks_send/recv()
This contains the SMB1-specific brlock logic. Right now our core
brlock code has specialized code to deal with pending locks. For
dealing with pending requests waiting for something nowadays we
recommend to use tevent_req. This code also provides the basis to
remove the SMB1 special case handling from the core logic, isolating
protocol features specific to SMB1 and not exposed in SMB2 in
SMB1-specific code.
The core brlock code will not see blocking locks anymore. Instead, the
code in this patch will always immediately fail and take care of the
retries and timeouts.
Retries are implemented by a dbwrap_watch_record_send on the
corresponding locking.tdb entry. A later commit will make unlocks
trigger wakeups there. I chose locking.tdb and not brlock itself to
simplify the implementation. We already have oplock break watchers on
locking.tdb, this will only add one more. This might lead to spurious
wakeups, but they are taken care of by careful retries. An advantage
of doing that is the implicit handling of a killed blocker PID through
dbwrap_watch, obsoleting brl_revalidate.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 20 Jun 2019 10:42:23 +0000 (12:42 +0200)]
smbd: Add some paranoia against NULL dereference
Quite a few callers set "psmblctx" to NULL, and I could not really
follow 100% that brl_lock only assigns that in the blocking lock
case. Too many layers :-)
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 20 Jun 2019 10:05:30 +0000 (12:05 +0200)]
smbd: Add "blocker_pid" to brl_lock()
Soon we will wait on a conflicting lock to become free via
dbwrap_watched_watch_send. That routine can take a server_id that
blocks us, watching it to go away. To use that, we need to know which
PID it is that blocks us.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 19 Jun 2019 15:50:54 +0000 (17:50 +0200)]
torture3: Run a blocking lock&x call with a subsequent read
Samba aborts the read&x after a blocked, but eventually successful
locking&x call. Both Windows and source4/ntvfs do the read properly,
source3/smbd does not. With later code, this will become possible much
easier. Lets see if it's worth it given that we've got away with this
forever.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 14 Jun 2019 11:39:04 +0000 (04:39 -0700)]
smbd: Add "lock_flav" to smbd_do_unlocking()
The next commits will pass all direct "do_unlock" calls through
smbd_do_unlocking(). Why? Unlocking will later on require that we take
the share mode lock for the file in question while the unlock is
happening, and this should be in one central place.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Björn Baumbach <bb@sernet.de>
Autobuild-Date(master): Thu Jun 20 17:14:50 UTC 2019 on sn-devel-184
Douglas Bagnall [Fri, 17 May 2019 02:42:24 +0000 (14:42 +1200)]
CVE-2019-12436 dsdb/paged_results: ignore successful results without messages
So that we don't dereference result->msgs[0] when it doesn't exist.
This can happen when the object has changed in such a way that it no
longer matches the original search query.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Wed Jun 19 08:16:39 UTC 2019 on sn-devel-184
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 18 18:10:40 UTC 2019 on sn-devel-184
Lukas Slebodnik [Wed, 12 Jun 2019 10:27:04 +0000 (12:27 +0200)]
wafsamba: Use native waf timer
__main__:1: DeprecationWarning: time.clock has been deprecated in Python 3.3
and will be removed from Python 3.8: use time.perf_counter
or time.process_time instead
Björn Baumbach [Wed, 12 Jun 2019 19:02:43 +0000 (21:02 +0200)]
selftest: add tests for samba-tool ntacl changedomsid
Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Björn Baumbach <bb@sernet.de>
Autobuild-Date(master): Tue Jun 18 16:54:22 UTC 2019 on sn-devel-184
Björn Baumbach [Tue, 11 Jun 2019 13:11:20 +0000 (15:11 +0200)]
samba-tool: add ntacl changedomsid command
This tool is meant to locally change all entries in acl_xattr when the
machine's SID has accidentially changed or the data set has been copied
to another box either via backup/restore or rsync.
Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Wed, 12 Jun 2019 19:16:25 +0000 (21:16 +0200)]
python/ntacls: use correct "state directory" smb.conf option instead of "state dir"
samba-tool ntacl get testfile --xattr-backend=tdb --use-ntvfs Fixes: Unknown parameter encountered: "state dir" Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 13 Jun 2019 19:21:09 +0000 (12:21 -0700)]
smbd: Deprecate "blocking locks" parameter
This parameter adds complexity to our brlock implementation that I don't think
is justified. Not a lot of complexity, but if we would want to really support
it we'd need tests. Instead of doing those, I think removing the parameter is
the better choice.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 18 14:47:08 UTC 2019 on sn-devel-184
Volker Lendecke [Thu, 30 May 2019 09:42:16 +0000 (11:42 +0200)]
smbd: Slightly simplify reply_lockingX()
Make the data dependencies more obvious. "locks" and "ulocks" are used
only for short time spans. Any sane compiler will coalesce them to
just one stack variable.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 18 06:47:05 UTC 2019 on sn-devel-184
Gary Lockyer [Wed, 12 Jun 2019 20:49:16 +0000 (08:49 +1200)]
lib ldb ldb_key_value: csbuild unused parm ldb_kv
Fixes csbuild error.
Error: COMPILER_WARNING:
lib/ldb/ldb_key_value/ldb_kv_search.c: scope_hint: In
function ‘search_func’ lib/ldb/ldb_key_value/ldb_kv_search.c:308:47:
warning: unused parameter ‘ldb_kv’ [-Wunused-parameter]
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jun 13 08:27:12 UTC 2019 on sn-devel-184
Gary Lockyer [Fri, 7 Jun 2019 03:19:25 +0000 (15:19 +1200)]
lib ldb ldb_key_value: csbuild fix signed unsigned compare
Fixes csbuild error.
Error: COMPILER_WARNING:
lib/ldb/ldb_key_value/ldb_kv_index.c: scope_hint: In function
‘ldb_kv_index_add1’
lib/ldb/ldb_key_value/ldb_kv_index.c:2601:15: warning: comparison of
integer expressions of different signedness: ‘int’ and ‘unsigned int’
[-Wsign-compare]
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Error: COMPILER_WARNING:
lib/ldb/ldb_key_value/ldb_kv_index.c: scope_hint: In function
‘ldb_kv_key_dn_from_idx’
lib/ldb/ldb_key_value/ldb_kv_index.c:545:15: warning: comparison of
integer expressions of different signedness: ‘int’ and ‘unsigned int’
[-Wsign-compare]
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
torture: Use two connections in SMB2 sharemode tests
This allows using the unclist option to specify multiple targets, e.g.
for testing against multiple nodes in a clustered Samba environment.
Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 12 20:02:26 UTC 2019 on sn-devel-184
libcli/smb: harden smbXcli_session_shallow_copy against nonce reusage
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jun 12 13:56:19 UTC 2019 on sn-devel-184
libcli/smb: only fallback to the global smb2 signing key if we should sign
We should only sign if we're asked for it. The signing keys are
always generated, so we were always using global signing key
and signed with it when signing was not asked for.
By luck this was the correct signing key for the 1st channel.
But multi channel connections where broken is the server nor the client
require/desire signing. It seems the tests only ever run against
Windows domain controllers, which always require signing.
Note that the following code in smb2cli_req_create() makes
sure that we always sign session binds:
if (cmd == SMB2_OP_SESSSETUP &&
!smb2_signing_key_valid(session->smb2_channel.signing_key) &&
smb2_signing_key_valid(session->smb2->signing_key))
{
/*
* a session bind needs to be signed
*/
state->smb2.should_sign = true;
}
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 11 15:25:56 UTC 2019 on sn-devel-184
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Noel Power [Mon, 27 May 2019 15:47:54 +0000 (15:47 +0000)]
lib/tdb/common: clang: Fix 'Value stored to 'last_ptr' is never read'
Fixes
lib/tdb/common/freelistcheck.c:96:3: warning: Value stored to 'last_ptr' is never read <--[clang]
last_ptr = rec_ptr;
^ ~~~~~~~
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Gary Lockyer gary@catalyst.net.nz
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Jun 11 13:31:01 UTC 2019 on sn-devel-184
Noel Power [Fri, 24 May 2019 14:08:58 +0000 (14:08 +0000)]
lib/util: clang: Fix dereference of a null pointer warning
Fixes:
lib/util/rbtree.c:170:8: warning: Access to field 'rb_parent_color' results in a dereference of a null pointer (loaded from variable 'other') <--[clang]
We could avoid accessing the NULL pointer but previously the code would
have crashed here. Given this is a rbtree probably better to preserve the
fatal nature of encountering a NULL pointer here while satisfying the static
checker.
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Gary Lockyer gary@catalyst.net.nz
projects / thirdparty / samba.git / log
