We call filename_convert_dirfsp() on the old name. Use the parsing
done there, we don't need to scan for a ":" in reply_ntrename() where
filename_convert_dirfsp() already does it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
See the comment at the top of this patch for a description of the data
format.
The lower-level xattr_multi routines now take the raw stream name
instead of the xattr name because they have to build up the real xattr
name attached to the file themselves.
The patch is a bit larger than I would like it, but the mechanics in
the _multi() routines don't make sense in isolation, and the rest is
mostly handling the raw_stream_name instead of the xattr_name.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
streams_xattr always appends a '\0'. We'll start to add meaning to
that byte and check it soon, so make the hand-crafted stream follow
that convention.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Oct 20 10:59:03 UTC 2025 on atb-devel-224
in a Spotlight query produces the following log message:
map_fts: Mapping fts [757378800] unexpected op [~]
However, when
elasticsearch:ignore unknown attribute = yes
is set, the parser will ignore the failed expression and continue
parsing given the expression is part of a larger expression like
"subexpression1 OR subexpression2". Avoid spamming the log and reduce
the loglevel when we hit this case.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Oct 17 12:16:23 UTC 2025 on atb-devel-224
Martin Schwenke [Thu, 16 Oct 2025 02:54:22 +0000 (13:54 +1100)]
ctdb-scripts: Avoid failing updateip when IP is not assigned
There is no use failing this when it could behave more like takeip.
Use old interface of "__none__" as a hint that ctdbd doesn't think the
IP is assigned either. In this case print a warning instead of an
error. Take some care to avoid spurious errors in updateip.
After commit 0536d7a98b832fc00d26b09c26bf14fb63dbf5fb (which improves
IP address state checking), this will almost certainly not occur on
platforms with getifaddrs(3) (e.g. Linux). This means it is only
likely to occur in 4.21 when net.ipv4.ip_nonlocal_bind=1.
Reported-by: Bailey Allison <ballison@45drives.com>
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Oct 17 06:28:30 UTC 2025 on atb-devel-224
Martin Schwenke [Wed, 15 Oct 2025 23:42:22 +0000 (10:42 +1100)]
ctdb-tests: Add an event script unit test for updateip
This illustrates the current failure where an unassigned public IP
address causes updateip to fail.
After commit 0536d7a98b832fc00d26b09c26bf14fb63dbf5fb (which improves
IP address state checking), this will almost certainly not occur on
platforms with getifaddrs(3) (e.g. Linux). This means it is only
likely to occur in 4.21 when net.ipv4.ip_nonlocal_bind=1.
Martin Schwenke [Wed, 15 Oct 2025 21:17:44 +0000 (08:17 +1100)]
ctdb-daemon: Fix a crash due to a failed updateip
This should really be a takeip. However, CTDB's weak check of the IP
address state (using bind(2)) incorrectly indicates that the IP
address is assigned to an interface so it is converted to an updateip.
After commit 0536d7a98b832fc00d26b09c26bf14fb63dbf5fb (which improves
IP address state checking), this will almost certainly not occur on
platforms with getifaddrs(3) (e.g. Linux). This means it is only
likely to occur in 4.21 when net.ipv4.ip_nonlocal_bind=1.
This commit fixes a situation in which vfs_streams_xattr could
write uninitialized memory into alternate data streams if the
user writes to an offset that is beyond the current end of file
to insert a hole in it.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Oct 16 18:42:05 UTC 2025 on atb-devel-224
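The failure mode named in the vfs_streams_xattr message above, shown as an added example that is not Samba's code: a stream held as one growable buffer must zero the gap when a write starts past the current end. The struct and function names (stream_blob, blob_pwrite, blob_range_is_zero) are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical stand-in for a stream kept as one in-memory blob. */
struct stream_blob { uint8_t *data; size_t len; };

/* Write n bytes at off, growing the blob; returns bytes written or -1. */
static ssize_t blob_pwrite(struct stream_blob *b, const void *src,
			   size_t n, size_t off)
{
	size_t end = off + n;

	if (end < off) return -1;	/* off + n wrapped around */
	if (n == 0) return 0;
	if (end > b->len) {
		uint8_t *p = realloc(b->data, end);
		if (p == NULL) return -1;
		/* realloc() does not initialize the new tail. Without this
		 * memset, a write with off > b->len would leave stale heap
		 * bytes in [old len, off) and store them in the stream. */
		memset(p + b->len, 0, end - b->len);
		b->data = p;
		b->len = end;
	}
	memcpy(b->data + off, src, n);
	return (ssize_t)n;
}

/* Returns 1 when every byte in [from, to) is zero, else 0. */
static int blob_range_is_zero(const struct stream_blob *b, size_t from, size_t to)
{
	for (size_t i = from; i < to; i++) {
		if (b->data[i] != 0) return 0;
	}
	return 1;
}

int main(void)
{
	struct stream_blob b = { NULL, 0 };
	blob_pwrite(&b, "head", 4, 0);
	blob_pwrite(&b, "tail", 4, 100);	/* leaves a 96-byte hole */
	int ok = blob_range_is_zero(&b, 4, 100);
	free(b.data);
	return ok ? 0 : 1;
}
```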
If AddressSanitizer is loaded it will detect alignment issues. The tool
is not ours, so ignore it.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Thu Oct 16 09:34:58 UTC 2025 on atb-devel-224
Martin Schwenke [Sat, 11 Oct 2025 06:52:32 +0000 (17:52 +1100)]
ctdb-tests: Don't hard code creation of $CTDB_BASE/events/legacy/
setup_ctdb_base() should always create from etc-ctdb/. That directory
may be changed to not include the legacy/ component subdirectory, so
don't hard-code this particular subdirectory.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct 14 17:57:49 UTC 2025 on atb-devel-224
Martin Schwenke [Tue, 7 Oct 2025 11:27:06 +0000 (22:27 +1100)]
ctdb-tests: Improve setup_ctdb_base() to fix local_daemons.sh bug
$ ctdb/tests/local_daemons.sh foo onnode 0 ctdb event script list legacy
Unable to find event script installation directory: foo/node.0/share/events/legacy
This happens if the $CTDB_BASE/share/events/legacy/ directory does not
exist. This directory is (theoretically) for installed but not
necessarily enabled event scripts. ctdb/tests/etc-ctdb/ contains
events/legacy/ but setup_ctdb_base() currently does not ensure
creation of the corresponding directory under $CTDB_BASE/share/.
Ensure that an event script component installation subdirectory exists
for each corresponding configuration subdirectory.
An alternative would be to continue to allow the existing failure, but
create directory ctdb/tests/etc-ctdb/share/events/legacy/ specifically
to make local_daemons.sh work. However, it took 5 years to find the
current bug, so this may be too subtle for other users of
local_daemons.sh. Anyone wanting to test the failure case can remove
unwanted subdirectories after "local_daemons.sh setup".
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
0x7d2f14452360 is located 736 bytes inside of 861-byte region [0x7d2f14452080,0x7d2f144523dd)
freed by thread T0 here:
#0 0x7faf16d208eb (/lib64/libasan.so.8+0x1208eb) (BuildId: 61b31c4760766f5f2552c32e175755894d8f6565)
#1 0x7faf14560a72 in _tc_free_poolmem ../../lib/talloc/talloc.c:1080
#2 0x7faf1455f71b in _tc_free_internal ../../lib/talloc/talloc.c:1215
#3 0x7faf1455ee1b in _tc_free_children_internal ../../lib/talloc/talloc.c:1669
#4 0x7faf1455ee1b in _tc_free_internal ../../lib/talloc/talloc.c:1184
#5 0x7faf14560315 in _talloc_free_internal ../../lib/talloc/talloc.c:1248
#6 0x7faf14560315 in _talloc_free ../../lib/talloc/talloc.c:1792
#7 0x7baf0a5c3883 in py_cli_notify_get_changes ../../source3/libsmb/pylibsmb.c:2274
#8 0x7faf165ba239 (/lib64/glibc-hwcaps/x86-64-v3/libpython3.13.so.1.0+0x1ba239) (BuildId: 3925b60e845f4803e4de04e1fdf7845f2e54ecb0)
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Oct 14 12:35:37 UTC 2025 on atb-devel-224
Volker Lendecke [Mon, 13 Oct 2025 09:18:35 +0000 (11:18 +0200)]
vfs_fake_acls: Fix error path return in fake_acls_fstatat()
Thanks to Jeremy for pointing this out to me!
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Oct 14 08:27:39 UTC 2025 on atb-devel-224
Gary Lockyer [Sun, 12 Oct 2025 20:46:16 +0000 (09:46 +1300)]
s4:torture:vfs:fruit fix Clang compilation issue
Fix:
[4176/4995] Compiling source4/torture/vfs/fruit.c
../../source4/torture/vfs/fruit.c:7900:2: error: variable 'h' is used
uninitialized whenever 'if' condition is true
[-Werror,-Wsometimes-uninitialized]
7900 | CHECK_STATUS(status, NT_STATUS_OK);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Oct 13 04:42:16 UTC 2025 on atb-devel-224
Ralph Boehme [Sat, 27 Sep 2025 11:01:32 +0000 (13:01 +0200)]
smbtorture: add test "smb2.lease.lease-epoch"
Verifies the lease epoch is not incremented by the server (returns what the
client sent in the request) if a lease was not granted, i.e. lease_level=NONE.
Test passes against Windows 2025.
From MS-SMB2 3.3.5.9.11 "Handling the SMB2_CREATE_REQUEST_LEASE_V2 Create
Context":
If the object store succeeds this request, Lease.LeaseState MUST be set to the
new caching state. The server MUST increment Lease.Epoch by 1.
Ralph Boehme [Fri, 28 Feb 2025 05:15:26 +0000 (06:15 +0100)]
smbtorture: correctly handle scale-out shares in smb2.durable-v2-open.create-blob
On a share with SMB2_SHARE_CAP_SCALEOUT capability the cluster doesn't
grant batch oplocks, at most level-II oplocks and it also doesn't
grant durable-handles (v1 or v2) as they require an RWH-lease.
With this change the test passes against Windows Server 2025.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Wed, 9 May 2018 06:25:51 +0000 (08:25 +0200)]
smbtorture: fix smb2.durable-v2-open.open-lease and smb2.durable-v2-open.persistent-open-lease
Only check the resulting lease state if we actually requested a lease and
correctly deal with SMB2_SHARE_CAP_SCALEOUT shares where the server grants at
most R leases and no Durable Handles.
With this change the test passes against Windows Server 2025.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Thu, 9 Oct 2025 13:27:31 +0000 (15:27 +0200)]
smbd: use op->global->open_global_id for the share_mode_entry.share_file_id
open_global_id is a uint32_t, share_file_id is a uint64_t.
For internal opens that don't have an smbXsrv_open_global.tdb entry, continue to
use a generation counter starting at UINT32_MAX + 1.
We don't expose internal opens via srvsvc, which imposes the requirement for
using a uint32_t, so we can use larger ids for the internal opens as srvsvc
never sees them (as they're not in smbXsrv_open_global.tdb and srvsvc, like any
other component listing open files such as smbstatus, lists smbXsrv_open_global.tdb).
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Oct 10 11:43:16 UTC 2025 on atb-devel-224
Ralph Boehme [Thu, 9 Oct 2025 13:17:38 +0000 (15:17 +0200)]
smbd: move calling fsp_set_gen_id() to fsp_bind_smb()
No change in behaviour. fsp_set_gen_id() sets the primary key for the
share_mode_entry of the corresponding open file handle. None of the pathref fsp
needs that before being passed to SMB_VFS_CREATE_FILE().
As file_new() calls fsp_bind_smb(), all fsps will get an id when
create_file_unixpath() either calls file_new when creating files or it calls
fsp_bind_smb() when "converting" a pathref fsp that was passed into
SMB_VFS_CREATE_FILE() to an FSA fsp.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Thu, 18 Sep 2025 18:35:22 +0000 (20:35 +0200)]
smbd: hang directory pattern matching case sensitivity on the pathname
For the SMB3 POSIX client both posix_open=true and (fsp->fsp_name->flags &
SMB_FILENAME_POSIX_PATH) will always be the case, so this is no change in
behaviour for that case.
However, for the macOS client fruit will carefully set up both flags as
posix_open=true but SMB_FILENAME_POSIX_PATH will not be set.
This is a deliberate hack to give the macOS client POSIX behaviour for some
operations, but not for others, while also allowing the POSIX-ified macOS client
to continue to get case insensitive behaviour.
Ralph Boehme [Thu, 18 Sep 2025 21:44:34 +0000 (23:44 +0200)]
smbd: hang posix brl per-handle check on the pathname
For the SMB3 POSIX client both posix_open=true and (fsp->fsp_name->flags &
SMB_FILENAME_POSIX_PATH) will always be the case, so this is no change in
behaviour for that case.
However, for the macOS client fruit will carefully set up both flags as
posix_open=true but SMB_FILENAME_POSIX_PATH will not be set.
This is a deliberate hack to give the macOS client POSIX behaviour for some
operations, but not for others, while also allowing the POSIX-ified macOS client
to continue to get case insensitive behaviour.
Tags all opens as POSIX by setting fsp_flags.posix_open to true.
POSIX handles have different behaviour compared to Windows:
Behaviour                          | POSIX     | Windows     | macOS     | fruit:posix_opens = yes
-----------------------------------+-----------+-------------+-----------+------------------------
Deleting files with open handles   | yes       | no          | yes       | yes
Moving directories with open files | yes       | no          | yes       | yes
Byterange locks behaviour          | POSIX-ish | Windows-ish | POSIX-ish | POSIX-ish
Sticky writetime                   | no        | yes         | no        | no
Case sensitive                     | no        | yes         | yes       | yes
Streams allowed                    | no        | yes         | yes       | yes
macOS follows POSIX for the first four, but needs case insensitive behaviour
and needs streams.
By carefully setting fsp_flags.posix_open to true *after* going through the path
resolution logic, but before opens are added to locking.tdb, with
"fruit:posix_opens = yes" we get closest to macOS semantics.
Volker Lendecke [Sat, 4 Oct 2025 16:55:42 +0000 (18:55 +0200)]
vfs_fake_acls: Call fake_acls_fstatat() from fake_acls_[l]stat()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Oct 10 09:26:47 UTC 2025 on atb-devel-224
Map the content of sdb_certificate_mappings to the hdb extension
HDB_Ext_CertificateMapping
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Jennifer Sutton <jsutton@samba.org>
Autobuild-Date(master): Fri Oct 10 02:30:06 UTC 2025 on atb-devel-224
Gary Lockyer [Thu, 28 Aug 2025 23:05:10 +0000 (11:05 +1200)]
config: add certificate backdating compensation
When performing certificate based Kerberos authentication (PKINIT) with
"strong certificate binding enforcement = compatibility", for WEAK mappings
the certificate issue date must be after the date the user record was created.
This parameter relaxes that constraint by allowing the certificate to have been
issued up to the specified number of minutes before the user record was created.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
This parameter controls the enforcement of Windows Certificate bindings as
outlined in "KB5014754: Certificate-based authentication changes on Windows
domain controllers",
when performing certificate based Kerberos authentication (PKINIT).
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Gary Lockyer [Mon, 6 Oct 2025 01:28:19 +0000 (14:28 +1300)]
s4:dsdb:audit_log change action for auth info
Change the action logged for authentication information changes from
"Public key change" to "Auth info change", to reflect that it's not just
changes to public keys that get logged.
This doesn't require a JSON log format version change, because the
version was recently bumped in c9e752ab18f43758d704951f7f31e39dafa6fdb4
and there hasn't been a Samba release in the meantime.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Gary Lockyer [Mon, 6 Oct 2025 00:06:12 +0000 (13:06 +1300)]
s4:dsdb:audit_log log auth info changes
Log changes to altSecurityIdentities, dNSHostName, msDS-additionalDnsHostNames
and servicePrincipalName in the same way that changes to msDS-keyCredentialLink
are logged.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Gary Lockyer [Sun, 5 Oct 2025 21:29:28 +0000 (10:29 +1300)]
tests:audit_log_pass_change refactor the tests
Refactor python/samba/tests/audit_log_pass_change.py to make it easier to add tests
for the logging of changes to alternateSecurityIdentities, dNSHostName,
servicePrincipalName.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>