Shweta Sodani [Wed, 25 Mar 2026 09:23:42 +0000 (14:53 +0530)]
vfs_ceph_new: fix errno handling in vfs_ceph_readdir
Signed-off-by: Shweta Sodani <ssodani@redhat.com> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: John Mulligan <jmulligan@redhat.com>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Thu Apr 2 05:49:13 UTC 2026 on atb-devel-224
Andréas Leroux [Fri, 13 Feb 2026 08:25:55 +0000 (09:25 +0100)]
s4/dns_server: truncate large dns packets over udp and set truncated flag
Large DNS responses must be truncated over UDP, letting the client retry over TCP. The current threshold is set to 1232 as it is regarded as a safe size.
Truncated packets have no answers or records, only the packet header and initial question(s).
Signed-off-by: Andréas Leroux <aleroux@tranquil.it> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Jennifer Sutton <jsutton@samba.org>
Autobuild-Date(master): Wed Apr 1 05:08:14 UTC 2026 on atb-devel-224
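The truncation rule described in the commit message above, as an added C example (not Samba's dns_server code): a response larger than the threshold is cut back to header plus question section, the TC bit is set and the record counts are zeroed. The function names and the sample packet are hypothetical and constructed for illustration; the filler bytes stand in for answer records.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DNS_HEADER_LEN    12
#define DNS_FLAG_TC       0x02  /* TC bit in the first flags byte (offset 2) */
#define DNS_UDP_SAFE_SIZE 1232  /* threshold named in the commit message */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Offset just past the question section, or 0 if the packet is malformed. */
static size_t dns_question_end(const uint8_t *pkt, size_t len)
{
    size_t off = DNS_HEADER_LEN;
    if (len < DNS_HEADER_LEN) return 0;
    for (uint16_t q = rd16(pkt + 4); q > 0; q--) {
        for (;;) {                       /* walk the QNAME labels */
            if (off >= len) return 0;
            uint8_t l = pkt[off];
            if (l == 0) { off += 1; break; }
            if ((l & 0xC0) == 0xC0) { off += 2; break; } /* pointer ends name */
            if (l & 0xC0) return 0;      /* reserved label type */
            off += 1 + (size_t)l;
        }
        off += 4;                        /* QTYPE + QCLASS */
        if (off > len) return 0;
    }
    return off;
}

/* Truncate in place; returns the length to send, or 0 on error. */
size_t dns_truncate_for_udp(uint8_t *pkt, size_t len, size_t max_udp)
{
    if (len <= max_udp) return len;      /* fits: send unchanged */
    size_t qend = dns_question_end(pkt, len);
    if (qend == 0 || qend > max_udp) return 0;
    pkt[2] |= DNS_FLAG_TC;               /* tell the client to retry over TCP */
    memset(pkt + 6, 0, 6);               /* ANCOUNT = NSCOUNT = ARCOUNT = 0 */
    return qend;
}

/* Constructed sample: response to "example.com IN A" padded to total_len. */
size_t build_sample_response(uint8_t *buf, size_t cap, size_t total_len)
{
    static const uint8_t head[] = {
        0x12, 0x34, 0x81, 0x80,          /* id, flags: QR RD RA */
        0x00, 0x01, 0x00, 0x64, 0x00, 0x00, 0x00, 0x00, /* QD=1 AN=100 */
        7, 'e','x','a','m','p','l','e', 3, 'c','o','m', 0,
        0x00, 0x01, 0x00, 0x01           /* QTYPE=A, QCLASS=IN */
    };
    if (total_len > cap || total_len < sizeof(head)) return 0;
    memcpy(buf, head, sizeof(head));
    memset(buf + sizeof(head), 0xAA, total_len - sizeof(head)); /* filler */
    return total_len;
}

int main(void)
{
    uint8_t buf[2048];
    size_t n = build_sample_response(buf, sizeof(buf), 2000);
    size_t out = dns_truncate_for_udp(buf, n, DNS_UDP_SAFE_SIZE);
    printf("%zu -> %zu bytes, TC=%d\n", n, out, (buf[2] & DNS_FLAG_TC) != 0);
    return 0;
}
```

A packet whose question section cannot be parsed is rejected (return value 0) and left unmodified rather than sent with a guessed length.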
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Tue Mar 31 09:18:43 UTC 2026 on atb-devel-224
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Tue Mar 31 00:41:46 UTC 2026 on atb-devel-224
Gary Lockyer [Thu, 26 Mar 2026 00:39:45 +0000 (13:39 +1300)]
tests:krb5 expired password handling
The Windows ADDC checks password validity before password expiry. So an
incorrect expired password will return KDC_ERR_PREAUTH_REQUIRED not
KDC_ERR_KEY_EXPIRED.
The KDC behaviour fixes will be made to lorikeet-heimdal and then imported to
samba.
python:tests/krb5: Make PADATA_PK_AS_REP optional in non-strict mode
Commit c1433f821f7 added PADATA_PK_AS_REP (PA-PK-AS-REP, type 17) to
the expected padata list when check_rep_padata sees KDC_ERR_KEY_EXPIRED.
This reflects Samba's Heimdal KDC behaviour, which includes PKINIT hints
in expired-password error responses.
Samba with MIT KDC does not include PADATA_PK_AS_REP in KDC_ERR_KEY_EXPIRED
responses; it returns a METHOD-DATA with just the NTSTATUS payload (type 3) and
the FX-COOKIE (type 133). This causes test_pw_expired to fail intermittently
when the expired-password code path is exercised against MIT KDC.
Add PADATA_PK_AS_REP to the require_strict set alongside PADATA_PK_AS_REP_19,
so it is treated as optional in non-strict checking mode (STRICT_CHECKING=0)
while still being enforced in strict mode.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Mar 30 10:41:07 UTC 2026 on atb-devel-224
selftest: Add test_device_and_server_silo_restrictions to knownfail_mit_kdc
MIT KRB5 1.22 fixed a spurious FAST armor processing error. In
KRB5 1.21 this spurious error caused verify_access() with device FAST
armor to fail, which accidentally made the device silo restriction check
in test_device_and_server_silo_restrictions appear to work.
With KRB5 1.22 the spurious error is gone. Device authentication is
still not implemented in MIT Kerberos, so the second assertRaises block
(user has silo assigned, device does not) no longer raises NTSTATUSError
and the test fails.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
python:tests: Fix assertEqual placement in test_device_group_restrictions
The assertEqual calls checking the exception attributes were incorrectly
indented inside the 'with self.assertRaises()' block. When the expected
NTSTATUSError is raised by verify_access(), execution exits the block
immediately, so those lines were never reached.
When the exception is not raised (e.g. with MIT KRB5 1.22 where a spurious FAST
error was fixed), execution falls through to the assertEqual inside the block,
causing AttributeError because error.exception is only available after the
'with' block exits.
The exception returned is NT_STATUS_UNSUCCESSFUL with Heimdal.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Noel Power [Thu, 26 Mar 2026 12:03:55 +0000 (12:03 +0000)]
s3/librpc/crypto: Don't keep growing in memory keytab
When we have long living concurrent connections every rpc bind
ends up calling and subsequently adding keytab entries to the
memory keytab returned by 'gse_krb5_get_server_keytab(...)'. This is
happening because as long as there is a handle open for the
keytab named "MEMORY:cifs_srv_keytab" then we keep adding entries to
it.
Note: There is no leak of gensec_security nor the krb5_keytab
it contains. When rpc clients connected to the rpc worker process
exit the gensec_security and the krb5_keytab structures are
destructed as expected. However because we use a fixed name
"MEMORY:cifs_srv_keytab" clients end up with a handle to a
reference counted shared keytab. Destruction of the keytab results
in the associated reference count being decremented. When the
reference count reaches 0 the keytab is destroyed.
To avoid the keytab being extended the easiest solution is to ensure a
unique memory keytab is created for each client.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=16042 Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Mon Mar 30 09:36:45 UTC 2026 on atb-devel-224
Gary Lockyer [Tue, 24 Mar 2026 02:02:19 +0000 (15:02 +1300)]
quic:libquic:handshake fix clang-22 warning
Fix:
../../third_party/quic/libquic/handshake.c:567:56:
error: format specifies type 'unsigned int' but the argument has type
'size_t' (aka 'unsigned long') [-Werror,-Wformat]
567 quic_log_debug(" Read func: %u %u %u", level, htype, datalen);
~~ ^~~~~~~
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon Mar 30 01:49:56 UTC 2026 on atb-devel-224
wafsamba: Add -D_FORTIFY_SOURCE=3 when stack protector is enabled
The capability check in SAMBA_CONFIG_H() already tests that the compiler
accepts both -Wp,-D_FORTIFY_SOURCE and the stack protector flag
together, but only the stack protector flag was added to EXTRA_CFLAGS on
success.
The glibc normally silently downgrades to the supported level if the one
specified is not supported.
Note that -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 only sets it if not
already defined.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Mar 27 08:33:09 UTC 2026 on atb-devel-224
docs-xml: Sync pam_winbind with pam_winbind.conf manpage
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Mar 26 10:59:47 UTC 2026 on atb-devel-224
s3:winbind: Add support for krb5_ccache_type = DEFAULT
This will use the ccache_type defined in the krb5.conf.
Pair-Programmed-With: Pavel Filipenský <pfilipen@samba.org> Signed-off-by: Pavel Filipenský <pfilipen@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
lib:krb5_wrap: Add function to read the default_ccache_name config value
krb5_cc_default_name() expands the config value, so %{uid} is expanded to the
current id. However, when we call this as winbind, it is expanded to root and not
the user we are authenticating. This function reads directly from the config.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
s3:winbind: Also support %{uid} substitution for krb5_ccache_type
Pair-Programmed-With: Pavel Filipenský <pfilipen@redhat.com> Signed-off-by: Pavel Filipenský <pfilipen@redhat.com> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
Shachar Sharon [Sun, 22 Mar 2026 17:52:44 +0000 (19:52 +0200)]
vfs_ceph_new: do not set negative value in vfs_aio_state.error
Ceph uses negative error values but Samba's VFS expects error values to be
non-negative (errno style).
Signed-off-by: Shachar Sharon <ssharon@redhat.com> Reviewed-by: Avan Thakkar <athakkar@redhat.com> Reviewed-by: Shweta Sodani <ssodani@redhat.com> Reviewed-by: Vinit Agnihotri <vagnihot@redhat.com> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: John Mulligan <jmulligan@redhat.com>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Thu Mar 26 09:23:11 UTC 2026 on atb-devel-224
Pavel Filipenský [Wed, 11 Mar 2026 19:07:05 +0000 (20:07 +0100)]
auth: Remove talloc_set_name_const() if talloc_keep_secret() changes the talloc name
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Autobuild-User(timing): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(timing): Wed Mar 25 21:16:35 UTC 2026 on atb-devel-224
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Tue Mar 24 00:13:03 UTC 2026 on atb-devel-224
Gary Lockyer [Sun, 22 Mar 2026 19:43:39 +0000 (08:43 +1300)]
lib:util: Remove is_aligned prototype from alignment.h
is_aligned is now defined as static inline, so there's no need for the
prototype
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Mon Mar 23 08:23:50 UTC 2026 on atb-devel-224
Gary Lockyer [Wed, 18 Mar 2026 00:28:53 +0000 (13:28 +1300)]
s3:lib:netapi set talloc type for GROUP_INFO_x
Call talloc_set_type setting the type name after copying the GROUP_INFO to the
buffer. This will allow the client code to use talloc_get_type_abort, if needed
to suppress any cast-align warnings
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Volker Lendecke <vl@samba.org>
Shweta Sodani [Wed, 18 Mar 2026 14:30:21 +0000 (20:00 +0530)]
vfs_ceph_new: fix typecast error in vfs_ceph_flistxattr
Signed-off-by: Shweta Sodani <ssodani@redhat.com> Reviewed-by: Anoop C S <anoopcs@samba.org> Reviewed-by: John Mulligan <jmulligan@redhat.com>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Mar 20 06:35:12 UTC 2026 on atb-devel-224
Running it twice in a debugger didn't hit any SMB_ASSERT
and printed the expected values:
smbd version 4.25.0pre1-DEVELOPERBUILD started.
Copyright Andrew Tridgell and the Samba Team 1992-2026
daemon 'smbd' : Starting process ...
streams_xattr_connect: default_ext_prefix[0x5555555ed930][19][user.DosStreamExt.]
streams_xattr_connect: ext_prefix[0x5555555ed930][user.DosStreamExt.]
streams_xattr_connect: ext_prefix[0x5555555ed930][user.DosStreamExt.]
streams_xattr_connect: config->ext_prefix[0x5555555ed930][19][user.DosStreamExt.]
streams_xattr_connect: using stream ext prefix: user.DosStreamExt.
smbd version 4.25.0pre1-DEVELOPERBUILD started.
Copyright Andrew Tridgell and the Samba Team 1992-2026
daemon 'smbd' : Starting process ...
streams_xattr_connect: default_ext_prefix[0x5555555ed6d0][19][user.DosStreamExt.]
streams_xattr_connect: ext_prefix[0x5555555ed6d0][user.DosStreamExt.]
streams_xattr_connect: ext_prefix[0x5555555ed6d0][user.DosStreamExt.]
streams_xattr_connect: config->ext_prefix[0x5555555ed6d0][19][user.DosStreamExt.]
streams_xattr_connect: using stream ext prefix: user.DosStreamExt.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Mar 19 15:00:19 UTC 2026 on atb-devel-224
Martin Schwenke [Fri, 13 Mar 2026 06:38:43 +0000 (17:38 +1100)]
ctdb-tests: Tweak some NFS monitoring tests for portability
FreeBSD doesn't have an option to print time in nanoseconds.
We need to run something to produce fake "statistics" that are
guaranteed to change. I think this will do - the chances of getting
the same 256 bytes twice in a row seems small enough.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Mar 18 12:33:13 UTC 2026 on atb-devel-224
Martin Schwenke [Fri, 13 Mar 2026 06:12:38 +0000 (17:12 +1100)]
ctdb-scripts: Trim "wc -l" output for FreeBSD compatibility
tests/UNIT/eventscripts/10.interface.020.sh fails in case
"10.interface.script releaseip dev123 10.0.0.3 24" with:
--------------------------------------------------
Output (Exit status: 0):
--------------------------------------------------
Killed 10/10 TCP connections to released IP 10.0.0.3, using ss -K
--------------------------------------------------
Required output (Exit status: 0):
--------------------------------------------------
Killed 10/10 TCP connections to released IP 10.0.0.3, using ss -K
FAILED
==========================================================================
TEST FAILED: ./tests/UNIT/eventscripts/10.interface.020.sh (status 1) (duration: 1s)
==========================================================================
We have seen this type of thing before when output doesn't match
because FreeBSD wc -l space-pads output. For example, see commit c6c81ea287924c2924aebc6dc0cdea1dc4322ae2.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Anoop C S <anoopcs@samba.org>
Martin Schwenke [Fri, 13 Mar 2026 04:53:54 +0000 (15:53 +1100)]
ctdb-event: Fix the build on FreeBSD
FreeBSD does not have ENODATA. Sorry, I wasn't thinking about
portability when I made the changes that introduced the use of ENODATA
here. :-(
Use ENOMSG instead, for lack of anything better, to indicate a script
slot containing no result. ENOENT might seem more appropriate but it
is already involved in this code (where it is sometimes mapped to
ENOEXEC). The choice of error number only needs to be consistent
within the event code.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Tue, 3 Mar 2026 15:41:03 +0000 (16:41 +0100)]
smbd: Fix getting fs capabilities
The change from statvfs to fstatvfs has a bug: When this is called in
make_connection_snum, conn->cwd_fsp is not fully set up yet. So the
"This happens in create_conn_struct_as_root()" comment applies
everywhere. We need to look at the share rootdir, so open a pathref
fsp on it. This is called only once per tcon, so it's not in our hot
code path.
Found by a user who has "/" mounted readonly, and MacOS denied
writing.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Mar 4 10:01:41 UTC 2026 on atb-devel-224
[4102/5009] Compiling source4/torture/rpc/spoolss_notify.c
../../source4/torture/rpc/spoolss.c:3984:48: error: variable 'data' is
uninitialized when passed as a const pointer argument here
[-Werror,-Wuninitialized-const-pointer]
3984 CHECK_NEEDED_SIZE_LEVEL(spoolss_PrinterData, &data, type, needed, 1);
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Tue Mar 3 05:55:25 UTC 2026 on atb-devel-224
Volker Lendecke [Tue, 17 Feb 2026 11:22:12 +0000 (12:22 +0100)]
vfs: Remove unused SMB_VFS_GETWD()
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Mar 1 21:22:24 UTC 2026 on atb-devel-224
Volker Lendecke [Mon, 16 Feb 2026 16:38:02 +0000 (17:38 +0100)]
torture: Use SINGLETON_CACHE_TALLOC in tests
GETWD_CACHE is on its way out. Despite not having _TALLOC in its name
nor it being marked as talloc in memcache.h, memcache_is_talloc()
shows it as being talloc'ed.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 15:55:58 +0000 (16:55 +0100)]
vfs: Significantly simplify vfs_ChDir_shareroot()
Now that we are sure we don't chdir to arbitrary paths, and nobody
except vfs_ChDir_shareroot() calls vfs_GetWd() anymore, we can get rid
of the getwd cache and replace the LastDir-check with a simple
    if (conn == chdir_lastconn_cache) {
        return 0;
    }
The places where we reset LastDir to NULL, forcing a real chdir, are
replaced by a call to reset_chdir_lastconn_cache().
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 14:19:49 +0000 (15:19 +0100)]
smbd: Avoid the VFS' chdir() call in close_cnum()
The purpose of this call here is to make a file system
unmountable. For shares backed by a local file system, a direct
chdir(2) syscall to "/" will achieve the same, and shares like cephfs
backed by libraries without a local mount will not be affected
anyway. For them, a VFS level chdir("/") relative to a connection does
not make much sense anyway.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 14:12:59 +0000 (15:12 +0100)]
fss_srv: Use create_conn_struct_chdir()
This is the last user of the non-chdir create_conn_struct_tos(). While
I don't fully understand the code, this is an RPC server that *should*
not care about the current working directory. There are some tests for
this in the rpc.fsrvp group of tests, so I don't think this breaks too
badly.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 13:16:46 +0000 (14:16 +0100)]
smbd: Call create_conn_struct_chdir() in get_referred_path()
create_conn_struct_tos_cwd() provides an attempt to chdir() back to
where we came from. This is flawed, because SMB_VFS_CHDIR() is always
relative to a connection, and conn_struct_tos_destructor() calls
vfs_ChDir() on the fake connection, not the one we came from.
Remove the flawed attempt to chdir() back in get_referred_path(). The
one caller in vfswrap_get_dfs_referrals() changes back to the "real"
connection that issued the dfs call from SMB, and the RPC server
callers don't care. They rely on the chdir("/") in
conn_wrap_destructor().
This adds one chdir("/") in smbd's "get referral" calls, but those
should be rare enough not to cause performance problems.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 13:11:57 +0000 (14:11 +0100)]
dfssrv: Call create_conn_struct_chdir()
This is inside an rpc server, where we don't depend on an implicit
current working directory. We don't need the "jump back to old cwd"
that create_conn_struct_tos_cwd() provided.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 13:03:57 +0000 (14:03 +0100)]
srvsvc: Call create_conn_struct_chdir()
This is inside an rpc server, where we don't depend on an implicit
current working directory. We don't need the "jump back to old cwd"
that create_conn_struct_tos_cwd() provided.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 12:57:08 +0000 (13:57 +0100)]
eventlog: Use create_conn_struct_chdir()
I did not find any use of cwd-dependent calls in this code, the
eventlog tdb's are all relative to state_path(), which is absolute. As
this is in an rpc server we don't have to preserve any cwd.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 12:48:54 +0000 (13:48 +0100)]
printing: Call create_conn_struct_chdir()
This is only linked from rpcd_spoolss, where we don't depend on an
implicit current working directory. We don't need the "jump back to
old cwd" that create_conn_struct_tos_cwd() provided.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>
Volker Lendecke [Mon, 16 Feb 2026 12:14:24 +0000 (13:14 +0100)]
pysmbd: Use create_conn_struct_chdir()
pysmbd is the one user of fake connection_structs that depends on
not changing to "/" after the connection has been torn down. Add
special handling here.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Anoop C S <anoopcs@samba.org>