Jule Anger [Mon, 9 May 2022 10:09:18 +0000 (12:09 +0200)]
smbstatus: delete wrong EXCLUSIVE+BATCH oplock
It is not possible to have an EXCLUSIVE+BATCH oplock, because a BATCH
oplock includes an EXCLUSIVE oplock. Therefore, an EXCLUSIVE+BATCH-Oplock
and a BATCH-Oplock are the same thing.
Signed-off-by: Jule Anger <janger@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 3 Jun 2022 14:45:41 +0000 (16:45 +0200)]
vfs: Add struct vfs_open_how.resolve
This prepares the later introduction of VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS,
which will be used to make use of RESOLVE_NO_SYMLINKS on linux with openat2().
Right now all terminal VFS objects reject any resolve bits with ENOSYS.
So we only prepare the vfs layer for now without any real change.
But this will make backports to 4.17 much easier.
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 6 02:39:11 UTC 2022 on sn-devel-184
where "struct open_how" is defined in "linux/openat2.h". It is
designed to be extensible with further flags.
The "size" parameter is required because there is no type checking
between userland and kernelspace, so the way for Linux to find which
version of open_how is being passed in is looking at the size:
"open_how" is expected to only every grow with additional fields,
should a change be necessary in the future.
Samba does not have this problem, we can typecheck the struct and
pointers, we expect all VFS modules to be compiled against the current
vfs.h.
For now this adds no functionality, but it will make further patches
much smaller.
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: David Mulder <dmulder@suse.com>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Sat Aug 6 01:42:09 UTC 2022 on sn-devel-184
Jeremy Allison [Thu, 4 Aug 2022 18:32:05 +0000 (11:32 -0700)]
s3: smbd: Remove ugly SMB1-specific hack to filename_convert_dirfsp()
This was added due to the error code check in test_symlink_traversal_smb1_posix.sh.
After careful consideration I've realized the error code expected here
is incorrect, and not providing any security benefit.
We already check that trying to fetch a file/traverse through a
symlink that points outside of a share returns NT_STATUS_OBJECT_PATH_NOT_FOUND,
and this is enforced in the symlink checks already inside filename_convert_dirfsp().
If a symlink points to a directory within the share for which
the user has no permissions (as is tested here), then there's no
benefit in mapping the error code from NT_STATUS_ACCESS_DENIED
to NT_STATUS_OBJECT_PATH_NOT_FOUND, as we are not providing any
extra information about the filesystem state the user cannot already
obtain by normal SMB1+POSIX calls.
Change the error code expected in this single test from NT_STATUS_OBJECT_PATH_NOT_FOUND
to NT_STATUS_ACCESS_DENIED.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Aug 5 10:24:23 UTC 2022 on sn-devel-184
Jeremy Allison [Thu, 4 Aug 2022 16:52:17 +0000 (09:52 -0700)]
s3: smbd: Change srvstr_get_path_internal() to always call check_path_syntaxXXX(), even on DFS pathnames.
The original design decision to just copy a DFS path and let
parse_dfs_path() take care of it was a horrible mistake.
Fix srvstr_get_path_internal() to always return a
/server/share/path (i.e. a path separated with '/', not '\').
This is a more complex change than I like to allow
DFS path procesing in srvstr_get_path_internal() but
needed as clients (including Samba smbclient) have a
rather "fuzzy" idea of what constitutes a valid DFS path.
If we detect the DFS path isn't valid here we have to
fall back to treating it as a local path.
I also need to modify the DFS parsing in
filename_convert_smb1_search_path() to cope with only '/'
separators.
This also means parse_dfs_path() needs changing to
cope.
The changes here are best reviewed by just applying
the fix and looking at the modified functions:
srvstr_get_path_internal()
parse_dfs_path()
For parse_dfs_path() it's mostly removing bad code
and makes parse_dfs_path() much easier to read.
These changes will enable me to remove some ugly mistakes made
adding ucf_flags to extract_snapshot_token(), as
we can now always assume canonicalized paths.
This is a little messy, but has to be done in
one chunk as the change to srvstr_get_path_internal()
depends on the change to parse_dfs_path().
Thanks to Volker for the insight that made this
cleanup possible.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Tue, 2 Aug 2022 11:08:43 +0000 (13:08 +0200)]
smbd: Fix a "set but not used" warning
This is copy&paste from reply_negprot() where this variable was used
to set the remote architecture. This isn't used anymore in the
stripped down smb2 version of this.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 4 21:46:23 UTC 2022 on sn-devel-184
Volker Lendecke [Thu, 4 Aug 2022 14:44:44 +0000 (16:44 +0200)]
smbd: Security fix for systems without O_PATH
Further up we add O_PATH manually. Initial development versions of
this code did set the is_pathref, but then I found this potential
problem. I forgot to remove this incarnation of is_pathref=true, doing
it now.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 2 Aug 2022 21:06:44 +0000 (14:06 -0700)]
s3: smbd: Convert driver_unix_convert() to use filename_convert_dirfsp().
There is now only one user left of unix_convert(), inside
the MSDFS code. I have plans to get rid of this soon.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 4 18:10:43 UTC 2022 on sn-devel-184
Jeremy Allison [Tue, 2 Aug 2022 21:16:15 +0000 (14:16 -0700)]
s3: smbd: In reply_ntrename(), move the call to get_original_lcomp(..newname..) after the call to extract_snapshot_token(..newname..).
This was the last case where the snapshot TWRP token could be
passed into get_original_lcomp(). get_original_lcomp() can now
be changed to ignore TWRP tokens.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 3 Aug 2022 16:20:36 +0000 (09:20 -0700)]
s3: smbd: Allow extract_snapshot_token() to cope with MSDFS paths.
"raw" MSDFS paths are passed here as \server\share\path.
find_snapshot_token() only looks for a '/' as a separator
in SMB1 shapshot paths.
Allow extract_snapshot_token() to cope with SMB1 MSDFS paths by
converting in place, looking for the @GMT token with a '/'
separator via find_snapshot_token(), and then converting back.
Note, this a temporary measure until we handle DFS paths better
and will be removed in the next patchset.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Reviewed-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Aug 4 13:49:54 UTC 2022 on sn-devel-184
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Thu Aug 4 10:11:30 UTC 2022 on sn-devel-184
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Wed Aug 3 14:00:36 UTC 2022 on sn-devel-184
Ralph Boehme [Fri, 19 Nov 2021 12:21:31 +0000 (13:21 +0100)]
mdssvc: don't trigger http reconnect if a search was cancelled
Calling tevent_req_error() triggers a HTTP reconnect in mds_es_search_done() as
mds_es_search_recv() returns the error so we call mds_es_reconnect_on_error().
slq (which is s->slq) or s->mds_es_ctx will be NULL if the user closed a search
or disconnected a share with an active mdssvc IPC pipe, no need to trigger a
HTTP reconnect for those cases.
Ralph Boehme [Fri, 19 Nov 2021 12:11:20 +0000 (13:11 +0100)]
mdssvc: fix check if search connection state is gone
This was dead code: before this patchset noone set s->mds_es_ctx->mds_ctx to
NULL. A previous commit changed that so now the mds_es_ctx destructor sets
s->mds_es_ctx to NULL if a search "s" was currently in-flight.
Ralph Boehme [Thu, 18 Nov 2021 15:51:36 +0000 (16:51 +0100)]
mdssvc: reapply default search destructor when marking a search non-pending
This is needed to ensure searches that are scheduled more then once to the
Elasticsarch server (because the first run didn't return all results) get
removed from the list of searches in case the user closes the query.
Ralph Boehme [Fri, 19 Nov 2021 12:29:54 +0000 (13:29 +0100)]
mdssvc: prevent a crash when pending search finishes after the client closed the search connection
When a search is in-flight and currently being processed against the
Elasticsearch server, we set s->pending. In the destructor of "s" we check "pending"
and reject deallocation of the object.
One instance where "s" is requested to be deallocated is when the client closes
the top-level per-share search connection. This will implicitly close all
searches associated with the mds_ctx from mds_ctx_destructor_cb():
while (mds_ctx->query_list != NULL) {
/*
* slq destructor removes element from list.
* Don't use TALLOC_FREE()!
*/
talloc_free(mds_ctx->query_list);
}
So when this happens the Elasticsearch backend query object stays around,
alongside with any active tevent_req request and a tevent_req timer set with
tevent_req_set_endtime() in mds_es_search_send().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14915
RN: mdssvc crashes when searches are pending and the client closes the mdssvc IPC pipe
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Ralph Boehme [Fri, 19 Nov 2021 12:28:17 +0000 (13:28 +0100)]
mdssvc: consolidate calls of mds_es_search_unset_pending()
Both codepaths were mds_es_search_unset_pending() is currently called end up
going through the higher level callback mds_es_search_done(). Moving the call to
mds_es_search_unset_pending() ensures we call it consistently and don't miss it
in some error code path.
Jeremy Allison [Thu, 28 Jul 2022 19:38:47 +0000 (12:38 -0700)]
s3: smbd: Convert smb_file_rename_information() to use filename_convert_dirfsp().
There is only one last user of filename_convert(), in filename_convert_smb1_search_path().
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 2 20:46:38 UTC 2022 on sn-devel-184
projects / thirdparty / samba.git / log
