Jeremy Allison [Tue, 14 Dec 2021 17:50:12 +0000 (09:50 -0800)]
s3: smbd: In call_trans2qfilepathinfo(), remove unneeded vfs_stat().
We know at this point that we have VALID_STAT(smb_fname->st).
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Dec 15 19:26:50 UTC 2021 on sn-devel-184
Jeremy Allison [Tue, 14 Dec 2021 00:54:07 +0000 (16:54 -0800)]
s3: smbd: Inside call_trans2setfilepathinfo(), for the TRANSACT2_SETPATHINFO case, we don't need to re-stat.
If we need a valid filesystem object, and we have a !VALID_STAT()
return from filename_convert(), the previous commit has already
errored out. We don't need a re-stat call here.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Jeremy Allison [Tue, 14 Dec 2021 00:48:14 +0000 (16:48 -0800)]
s3: smbd: Inside call_trans2setfilepathinfo(), for the TRANSACT2_SETPATHINFO case, ensure we have a VALID_STAT return from filename_convert().
Remember, filename_convert() can return NT_STATUS_OK
with !VALID_STAT() if the last component doesn't exist,
as this may be an object create.
For call_trans2setfilepathinfo(), there are only 4 info levels
for the TRANSACT2_SETPATHINFO (pathname) case that don't require
an existing filesystem object (i.e. a VALID_STAT()) in the return
from filename_convert() as they can create an object in the
filesystem.
If we don't get a VALID_STAT() and the info level isn't one of
those 4, error out.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Jeremy Allison [Mon, 13 Dec 2021 22:19:35 +0000 (14:19 -0800)]
s3: smbd: call_trans2setfilepathinfo(), TRANSACT2_SETFILEINFO case, use helper function vfs_stat().
This isn't a change in behavior, even though the
old comment says: "Always do lstat for UNIX calls".
A previous commit enforces POSIX pathname negotiation
before allowing UNIX info levels to be processed here,
so we can guarantee that SMB_FILENAME_POSIX_PATH is set
on smb_fname if we're allowing a UNIX info level.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Jeremy Allison [Mon, 13 Dec 2021 22:13:59 +0000 (14:13 -0800)]
s3: smbd: In call_trans2qfilepathinfo(), TRANSACT2_QPATHINFO, use helper function vfs_stat().
This isn't a change in behavior, even though the
old comment says: "Always do lstat for UNIX calls".
A previous commit enforces POSIX pathname negotiation
before allowing UNIX info levels to be processed here,
so we can guarantee that SMB_FILENAME_POSIX_PATH is set
on smb_fname if we're allowing a UNIX info level.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Jeremy Allison [Mon, 13 Dec 2021 22:09:33 +0000 (14:09 -0800)]
s3: smbd: In call_trans2qfilepathinfo(), TRANSACT2_QPATHINFO on a named stream case, use helper function vfs_stat().
This isn't a change in behavior, even though the
old comment says: "Always do lstat for UNIX calls".
A previous commit enforces POSIX pathname negotiation
before allowing UNIX info levels to be processed here,
so we can guarantee that SMB_FILENAME_POSIX_PATH is set
on smb_fname if we're allowing a UNIX info level.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Jeremy Allison [Mon, 13 Dec 2021 22:05:32 +0000 (14:05 -0800)]
s3: smbd: In call_trans2qfilepathinfo(), TRANSACT2_QFILEINFO case, use helper function vfs_stat().
This isn't a change in behavior, even though the
old comment says: "Always do lstat for UNIX calls".
A previous commit enforces POSIX pathname negotiation
before allowing UNIX info levels to be processed here,
so we can guarantee that SMB_FILENAME_POSIX_PATH is set
on smb_fname if we're allowing a UNIX info level.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Joseph Sutton [Tue, 14 Dec 2021 06:16:15 +0000 (19:16 +1300)]
tests/krb5: Add tests for AS-REQ to self with FAST
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Dec 15 04:33:11 UTC 2021 on sn-devel-184
Joseph Sutton [Tue, 14 Dec 2021 06:16:00 +0000 (19:16 +1300)]
tests/krb5: Correctly determine whether tickets are service tickets
Previously we expected tickets to contain a ticket checksum if the sname
was not the krbtgt. However, the ticket checksum should not be present
if we are performing an AS-REQ to our own account. Now we determine a
ticket is a service ticket only if the request is also a TGS-REQ.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Volker Lendecke [Mon, 13 Dec 2021 16:49:51 +0000 (17:49 +0100)]
tdb: Raw performance torture to beat tdb_increment_seqnum
Running this on sn-devel-184 takes ~14 seconds with the atomic
ops. Without them I did not wait for it to finish. After reducing
NPROCS from 500 to 50 it still ran for more than a minute.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Dec 15 01:03:56 UTC 2021 on sn-devel-184
Volker Lendecke [Mon, 13 Dec 2021 16:42:12 +0000 (17:42 +0100)]
tdb: Use atomic operations for tdb_[increment|get]_seqnum
With locking.tdb now based on g_lock.c code, we change locking.tdb a
lot more often. I have a customer case where LDX tortures smbd very
hard with 800+ concurrent connections, which now completely falls over
where 4.12 still worked fine. Some debugging showed a thundering herd
on fcntl locking.tdb index 48 (TDB_SEQNUM_OFS). We still use fcntl for
the seqnum, back when we converted the chainlocks to mutexes we did
not consider it to be a problem. Now it is, but all we need to do with
the SEQNUM is to increment it, so an __atomic_add_fetch() of one is
sufficient.
I've taken a look at the C11 standard atomics, but I could not figure
out how to use them properly, to me they seem more general to be
initialized first etc. All we need is a X86 "lock incl 48(%rax)" to be
emitted, and the gcc __atomic_add_fetch seems to do this.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Bernd Kuhls [Sun, 12 Dec 2021 09:27:42 +0000 (10:27 +0100)]
lib/util: Add signal.h include
Fixes build error with samba-4.15.3 and uClibc:
../../source3/printing/samba-bgqd.c: In function ‘main’:
../../source3/printing/samba-bgqd.c:340:21: error: ‘SIGPIPE’ undeclared (first use in this function); did you mean ‘EPIPE’?
../../source3/printing/samba-bgqd.c:384:14: error: ‘SIGTERM’ undeclared (first use in this function)
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Dec 13 16:22:28 UTC 2021 on sn-devel-184
And remove the file knownfail.d/posix_infolevel_fails itself.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Dec 11 12:03:36 UTC 2021 on sn-devel-184
Jeremy Allison [Fri, 19 Nov 2021 20:15:06 +0000 (12:15 -0800)]
s4: torture: Fix unix.info2 test to actually negotiate SMB1+POSIX before using POSIX calls.
Cope with the minor difference in wildcard search return when
we're actually using SMB1+POSIX on the server (SMB1+POSIX treats
all directory search paths as wildcards).
Remove the following entries in knownfail.d/posix_infolevel_fails.
Jeremy Allison [Sun, 21 Nov 2021 04:17:11 +0000 (20:17 -0800)]
s3: smbclient: Give a message if we try and use any POSIX command without negotiating POSIX first.
Ensure we only use a POSIX command if POSIX is set up.
Issue the message: Command "posix" must be issued before the "XXXX" command can be used.
After the parameter parsing has been done.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Dec 11 08:07:14 UTC 2021 on sn-devel-184
Jeremy Allison [Fri, 3 Dec 2021 18:35:09 +0000 (10:35 -0800)]
s3: smbd: Add filename_convert_smb1_search_path() - deals with SMB1 search pathnames.
SMB1search and trans2 findfirst are unique in that
they are the only passed in pathnames that can contain
a terminal wildcard component.
Deal with these two special cases with this new function
that strips off the terminal wildcard and returns as
the mask, and pass the non-wildcard parent directory
component through the standard filename_convert().
Uses new helper function strip_gmt_from_raw_dfs().
When SMB1search and trans2 findfirst have been
converted to use this function, we can strip all
wildcard handling out of filename_convert() as
we now know it will only ever be given valid
pathnames.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Sat, 4 Dec 2021 00:14:08 +0000 (16:14 -0800)]
s3: smbd: Allow dfs_redirect() to return a TWRP token it got from a parsed pathname.
This one is subtle. If an SMB1 request has both a DFS path and a @GMT token,
the unix_convert() inside the DFS path processing will remove the @GMT
token, not allowing the subsequent unix_convert() inside filename_convert()
to see it. By returning it from dfs_redirect() we can ensure it's correctly
added to the smb_filename returned from filename_convert().
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 3 Dec 2021 18:19:38 +0000 (10:19 -0800)]
s3: smbd: filename_convert() is now a one-to-one wrapper around filename_convert_internal().
Remove filename_convert() and rename filename_convert_internal() -> filename_convert().
Move the old DEBUG(..) statements to DBG_XXX() so they don't print the wrong name.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 10 Dec 2021 00:14:40 +0000 (16:14 -0800)]
s3: smbd: Comment out the old unlink_internals(). Rename do_unlink() -> unlink_internals().
One parameter needs changing position. The logic inside unlink_internals()
is no longer needed if it doesn't accept wildcards. filename_convert()
already handles mangled names just fine, so we don't need this logic.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 10 Dec 2021 00:08:07 +0000 (16:08 -0800)]
s3: smbd: Move setting of dirtype if FILE_ATTRIBUTE_NORMAL to do_unlink().
Now we don't use wildcards when calling in unlink_internals()
the logic inside it serves no purpose and can be replaced with
a direct call to do_unlink() (which we will rename to unlink_internals()).
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
source3/torture/torture.c:4309:17: error: ‘pname’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
4309 | printf("qfilename gave different name? [%s] [%s]\n",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4310 | fname, pname);
| ~~~~~~~~~~~~~
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Dec 11 00:25:46 UTC 2021 on sn-devel-184
Jeremy Allison [Thu, 30 Sep 2021 23:05:49 +0000 (16:05 -0700)]
WHATSNEW. Added section about samba-dcerpcd.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Dec 10 14:52:54 UTC 2021 on sn-devel-184
Volker Lendecke [Fri, 18 Jun 2021 17:11:19 +0000 (19:11 +0200)]
s3:rpc_server: Activate samba-dcerpcd
This is the big switch to use samba-dcerpcd for the RPC services in
source3/. It is a pretty big and unordered patch, but I don't see a
good way to split this up into more manageable pieces without
sacrificing bisectability even more. Probably I could cut out a few
small ones, but a major architechtural switch like this will always be
messy.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 16 Jun 2021 06:31:56 +0000 (08:31 +0200)]
s3:printing: Move pcap_cache_loaded() to load.c
A future patch will remove the PRINTING dependency from smbd, but in
delete_and_reload_printers() we still reference it.
Maybe at some later stage we can remove reload_printers() overall, we
don't really need to load the full printer list into every smbd. All
we need is to load them on-demand for explicit listing functions, but
there we can throw them away again. And when someone connects to the
printer, we can also load them on demand.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Helper routine to connect to bind to a locally started rpcd_* process's
rpc interface.
Based upon local_np_connect() to start samba-dcerpcd on demand if it's
not there, designed to replace our internal RPC interfaces where the
RPC server runs in the same process. This will be called from winbindd_cm.c
and source3/rpc_server/rpc_ncacn_np.c
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>