Volker Lendecke [Mon, 12 Oct 2015 19:30:30 +0000 (21:30 +0200)]
lib: Push down unique generation one level
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 18:59:57 +0000 (20:59 +0200)]
lib: Remove unused global my_unique_id
The unique_id is now always attached to a messaging_context.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 15:37:14 +0000 (17:37 +0200)]
lib: Remove unused procid_is_me()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 15:28:14 +0000 (17:28 +0200)]
lib: Remove unused procid_self()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 15:26:34 +0000 (17:26 +0200)]
lib: Remove procid_self() from messages.c
This together with the removal of procid_self obsoletes the global
my_unique.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 16 Oct 2015 09:36:48 +0000 (11:36 +0200)]
lib: Fix pid_to_procid()
Putting in my_unique_id is just wrong. Now that we have
a cheap way to read everyone's unique ids out of the lockfile,
we can fix it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 15:21:55 +0000 (17:21 +0200)]
winbindd: Remove reference to procid_self()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 15:21:30 +0000 (17:21 +0200)]
fssd: Remove reference to procid_self()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 15:20:48 +0000 (17:20 +0200)]
auth: Remove procid_self() from auth_samba4
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 16 Oct 2015 22:13:47 +0000 (15:13 -0700)]
smbd: Fix file name buflen and padding in notify repsonse
The array is uint16, doubling the file name length consumes twice the space
required.
As we're hand assembling this as a series of concatinated individual data_blobs,
we must take care to ensure the correct 4 byte alignment that was
being masked by the previous doubling of the filename length.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10634
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Oct 18 01:56:41 CEST 2015 on sn-devel-104
Ralph Boehme [Mon, 24 Aug 2015 15:45:14 +0000 (17:45 +0200)]
vfs_streams_xattr: fix and simplify streams_xattr_get_name()
streams_xattr_get_name() fails to chop off the stream type in case
config->store_stream_type is false and the passed stream name contains a
stream type.
Eg when the passed in stream name is ":mystream:$DATA", but
config->store_stream_type is false, we must generate a xattr name of
"mystream" or "user.mystream".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11466
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 16 23:27:01 CEST 2015 on sn-devel-104
Ralph Boehme [Mon, 24 Aug 2015 15:43:40 +0000 (17:43 +0200)]
vfs_fruit: hide the Netatalk metadata xattr in streaminfo
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11466
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 24 Aug 2015 15:42:35 +0000 (17:42 +0200)]
vfs_fruit: add and use define for the Netatalk metadata xattr
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11466
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Anoop C S [Fri, 9 Oct 2015 11:32:52 +0000 (11:32 +0000)]
s3.lib: Remove invalid switch case from sysquotas_nfs
getquota_rslt structure from rquota.h defines the enum
named status whose values start from 1. But in
sysquotas_nfs.c we have an invalid check for status 0.
This change is to remove that particular switch case.
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Mon, 10 Aug 2015 00:40:13 +0000 (12:40 +1200)]
build: Build *_wrapper without -DNDEBUG for in-tree use
These binaires are not installed, so are only used in make test,
and there we need debug output.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Oct 16 16:36:22 CEST 2015 on sn-devel-104
Douglas Bagnall [Thu, 1 Oct 2015 04:24:02 +0000 (17:24 +1300)]
ntlm auth: spelling fixes
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Douglas Bagnall [Wed, 19 Aug 2015 22:00:11 +0000 (10:00 +1200)]
samba-tool --help: possessive pronoun "its" has no apostrophe
"it's" is reserved for the contraction of "it is".
This *is* somewhat illogical, which is how you know its proper
English.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Martin Schwenke [Wed, 14 Oct 2015 04:06:56 +0000 (15:06 +1100)]
ctdb-scripts: Lock debugging should print kernel stack for process in D state
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
Martin Schwenke [Thu, 8 Oct 2015 09:25:20 +0000 (20:25 +1100)]
ctdb-daemon: Change handling of default capabilities
Centrally define all the default capabilities to make the defaults
crystal clear. Capability-related command-line options now have a
direct correspondence rather than a reverse correspondence.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Fri, 16 Oct 2015 03:45:28 +0000 (14:45 +1100)]
ctdb-recovery: Update vnnmap before database recovery
Once the databases are recovered, all the pending calls are resent.
If the vnnmap is not updated, then the nodes can redirect calls to nodes
that are not part of the new vnnmap.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Oct 16 09:31:34 CEST 2015 on sn-devel-104
Anubhav Rakshit [Wed, 14 Oct 2015 12:46:06 +0000 (18:16 +0530)]
s4:torture: Add test case for Replay of Persistent Handle on a Single Channel.
Signed-off-by: Anubhav Rakshit <anubhav.rakshit@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 16 02:00:28 CEST 2015 on sn-devel-104
Jeremy Allison [Wed, 14 Oct 2015 18:20:08 +0000 (11:20 -0700)]
s3: test: Fix standalone valid users fileserver test.
Test was originally added for bug #11320. At the time
I remarked the only way I could get this to reproduce
the issue was to use "+WORKGROUP\userdup" instead of
just "+userdup" (which was the actual problem reported),
but I didn't investigage enough to discover the underlying
problem which is actually bug:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11555
(lookup_names() logic for unqualified (no DOMAIN\
component) names is incorrect). On a standalone
fileserver "WORKGROUP\name" should not resolve,
but "NETBIOS-NAME\name" and just "name" should.
This corrects the test now that lookups for unqualified
names are now being done correctly.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Thu Oct 15 22:58:54 CEST 2015 on sn-devel-104
Jeremy Allison [Thu, 15 Oct 2015 16:20:58 +0000 (09:20 -0700)]
s3: lsa: lookup_name() logic for unqualified (no DOMAIN\ component) names is incorrect.
Change so we only use unqualified name lookup logic if
domain component = "" and LOOKUP_NAME_ISOLATED flag is
passed in.
Remember to search for "NT Authority" *before* going
into unqualified name lookup logic.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11555
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Ralph Boehme [Thu, 15 Oct 2015 10:35:26 +0000 (12:35 +0200)]
s3:lib: validate domain name in lookup_wellknown_name()
If domain argument is not an empty string, only search the matching
wellknown domain name.
As the only wellknown domain with a name is "NT Authority", passing ""
to lookup_wellknown_name() will search all domains inlcuding "NT
Authority".
Passing "NT Authority" otoh will obviously only search that domain.
This change makes lookup_wellknown_name() behave like this:
in domain | in name | ok | out sid | out domain
========================================================
Dialup + S-1-5-1 NT Authority
NT Authority Dialup + S-1-5-1 NT Authority
Creator Authority Dialup - - -
Creator Owner + S-1-3-0 ""
Creator Authority Creator Owner - - -
NT Authority Creator Owner - - -
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11555
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Jeremy Allison [Tue, 13 Oct 2015 22:33:47 +0000 (15:33 -0700)]
s4: torture: Add SMB2 access-based enumeration test. Passes against Win2k12R2.
https://bugzilla.samba.org/show_bug.cgi?id=10252
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Oct 14 19:00:03 CEST 2015 on sn-devel-104
Jeremy Allison [Fri, 9 Oct 2015 22:08:05 +0000 (15:08 -0700)]
lib: cli: Add accessor function smb2cli_tcon_flags() to get tcon flags.
We need this to see if a share supports access-based enumeration.
https://bugzilla.samba.org/show_bug.cgi?id=10252
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Tue, 13 Oct 2015 23:49:41 +0000 (16:49 -0700)]
s3: smbd: Fix our access-based enumeration on "hide unreadable" to match Windows.
Torture test to follow.
https://bugzilla.samba.org/show_bug.cgi?id=10252
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Wed, 14 Oct 2015 09:21:52 +0000 (11:21 +0200)]
ctdb: fix typos in wscript comment.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Amitay Isaacs [Tue, 13 Oct 2015 23:09:08 +0000 (10:09 +1100)]
ctdb-tests: Fix CID
1327218-
1327221
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Oct 14 13:32:02 CEST 2015 on sn-devel-104
Ralph Boehme [Tue, 13 Oct 2015 17:08:00 +0000 (19:08 +0200)]
s3:lib/messages: fix error check in messaging_filtered_read_send()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Oct 14 10:21:09 CEST 2015 on sn-devel-104
Volker Lendecke [Tue, 13 Oct 2015 18:42:06 +0000 (20:42 +0200)]
ctdb: Fix CID
1327223 Unbounded source buffer
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 14 05:22:28 CEST 2015 on sn-devel-104
Volker Lendecke [Tue, 13 Oct 2015 18:40:54 +0000 (20:40 +0200)]
ctdb: Fix CID
1327224 Unbounded source buffer
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 13 Oct 2015 18:34:24 +0000 (20:34 +0200)]
lib: Fix CID
1327227 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 20:10:51 +0000 (22:10 +0200)]
libdap: Fix a '\0' vs NULL mixup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 14:52:49 +0000 (16:52 +0200)]
ctdbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Marc Muehlfeld [Mon, 12 Oct 2015 20:49:10 +0000 (22:49 +0200)]
Fixes for server role parameter in smb.conf manpage
The manpage says that the value for an AD DC is "ACTIVE DIRECTORY
DOMAIN CONTROLLER", not "DOMAIN CONTROLLER", like mentioned in
the example.
Additinally the correct value for BDC is "CLASSIC BACKUP DOMAIN CONTROLLER"
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Oct 13 09:38:01 CEST 2015 on sn-devel-104
Thomas Nagy [Sat, 3 Oct 2015 20:29:15 +0000 (22:29 +0200)]
build:wafsamba: Enable feature-compatible declaration for Waf 1.8
In Waf 1.8 the declaration is features='c', not features='cc'. These changes
prepare the replacement of Waf 1.5 by Waf 1.8 for Samba.
Signed-off-by: Thomas Nagy <tnagy@waf.io>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Volker Lendecke [Thu, 1 Oct 2015 22:27:22 +0000 (00:27 +0200)]
Rely on /dev/urandom
This removes quite a bit of code. All reasonable systems have /dev/urandom
these days. Linux, Solaris and the BSDs do. In case we find a system
without /dev/urandom, we will have to go hunting in other libraries.
The main reason for this is speed: On Ubuntu 14.04 doing direct reads from
/dev/urandom is 2-3 times faster than our md4 based code. On virtualized
FreeBSD 10 the difference is even larger.
My first approach was to use fopen/fread. It was even faster, but less
than twice as fast. So I thought we could save the additional complexity
when having to deal with throwing away buffers when forking and the
additional memory footprint per process.
With this simple generate_random_buffer it will be easier to adapt new
syscalls to get randomness.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 13 04:25:39 CEST 2015 on sn-devel-104
Volker Lendecke [Fri, 2 Oct 2015 22:27:22 +0000 (00:27 +0200)]
lib: Add a little tool to perftest generate_random_buffer()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 13:57:34 +0000 (15:57 +0200)]
lib: Move sys_rw* to lib/util
genrand.c will require it soon
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 12 Oct 2015 10:28:04 +0000 (12:28 +0200)]
s3:locking: initialize lease pointer in share_mode_traverse_fn()
Initialize lease pointer to point to the share_mode_data leases array
entry at index lease_idx.
This fixes a bug in smbstatus where the lease info is not printed.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11549
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 13 01:14:09 CEST 2015 on sn-devel-104
Ralph Boehme [Sun, 11 Oct 2015 07:38:18 +0000 (09:38 +0200)]
s3:smbstatus: add stream name to share_entry_forall()
Add stream name argument to share_entry_forall machinery so smbstatus
can print the stream name of a file.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11550
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 7 Oct 2015 12:28:32 +0000 (14:28 +0200)]
s3:smbd: remove unused arg oplock_request
The use of oplock_request in calculate_open_access_flags() was removed
in
196da5925.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Fri, 9 Oct 2015 19:45:41 +0000 (08:45 +1300)]
pam_smbpass: REMOVE this PAM module
This pam module causes GPLv3, thread-unsafe Samba code to be directly loaded
into the address space of many system services. The code in question was not
expected to run in this context, and while using the Samba, rather than the system
password file is a admirable goal, this needs to be done over inter-process
communication, such as is done by pam_winbind.
pam_winbind is not a total replacement, as the migrate functionality used
to keep the Samba password up to date with the system password is not
present, but otherwise can provide essentially the same services.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 12 Oct 2015 10:17:56 +0000 (12:17 +0200)]
dynconfig: Fix deps, no talloc required
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Oct 12 17:06:04 CEST 2015 on sn-devel-104
Volker Lendecke [Mon, 12 Oct 2015 10:06:50 +0000 (12:06 +0200)]
talloc: Fix the O3 developer build
Compilers can't see that the child exits. Thus "exit_status" is
used uninitialized in the child.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 9 Oct 2015 10:18:53 +0000 (12:18 +0200)]
wbinfo: make --verbose --pam-logon print sids
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Oct 12 14:01:50 CEST 2015 on sn-devel-104
Richard Sharpe [Sun, 11 Oct 2015 00:58:59 +0000 (17:58 -0700)]
A small improvement to the DEBUG message when pass-through authentication
fails with ACCESS_DENIED. Increased it to log level 1 so it will print out
and pointed to Restrict NTLM as the setting so people know what to look for.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Sun Oct 11 06:28:05 CEST 2015 on sn-devel-104
Adrian Cochrane [Fri, 4 Sep 2015 00:59:57 +0000 (12:59 +1200)]
talloc: Test that talloc magic differs between processes.
Signed-off-by: Adrian Cochrane <adrianc@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 9 23:15:06 CEST 2015 on sn-devel-104
Adrian Cochrane [Fri, 9 Oct 2015 00:32:55 +0000 (13:32 +1300)]
talloc: Increment minor version due to added talloc_test_get_magic.
Signed-off-by: Adrian Cochrane <adrianc@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Adrian Cochrane [Fri, 4 Sep 2015 00:03:33 +0000 (12:03 +1200)]
talloc: Provide tests access to talloc_magic
Signed-off-by: Adrian Cochrane <adrianc@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Adrian Cochrane [Wed, 2 Sep 2015 01:30:31 +0000 (13:30 +1200)]
talloc: Test magic protection measures.
Signed-off-by: Adrian Cochrane <adrianc@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Tue, 24 Feb 2015 00:43:54 +0000 (13:43 +1300)]
lib/talloc: Provide multiple-loading detection for libtalloc via rand()
The use of rand() is strongly discrouanged, but here is it ideal, as we just want to select a different
set of random bytes if we are called again within the same process.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Adrian Cochrane <adrianc@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Wed, 16 Oct 2013 21:30:23 +0000 (10:30 +1300)]
lib/talloc: Disrupt buffer overflow attacks on Samba by using random magic
By setting the talloc magic to a random value, we make it much harder to overwrite a talloc_chunk
in a valid way with a simple buffer overflow.
The flags are placed before more senstive variables so they have to be overwritten first.
Inspired by the exploit in: http://blog.csnc.ch/wp-content/uploads/2012/07/sambaexploit_v1.0.pdf
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Adrian Cochrane <adrianc@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Tue, 24 Feb 2015 00:26:29 +0000 (13:26 +1300)]
build: Move __attribute__ ((destructor)) and ((constructor)) tests to wafsamba
This allows us to use them in talloc as well.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Adrian Cochrane <adrianc@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Thu, 8 Oct 2015 00:19:38 +0000 (17:19 -0700)]
Fix a few small spelling mistakes in DEBUG messages to reduce confusion
for those trying to debug stuff.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Thu Oct 8 08:48:06 CEST 2015 on sn-devel-104
Uri Simchoni [Wed, 7 Oct 2015 19:44:11 +0000 (22:44 +0300)]
vfs_commit: set the fd on open before calling SMB_VFS_FSTAT
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11547
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 8 02:56:41 CEST 2015 on sn-devel-104
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make messaging_send_iov_from return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make messaging_ctdbd_init return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 05:33:12 +0000 (22:33 -0700)]
lib: Use poll_intr_one_fd in ctdb_read_packet
This is an actual bug fix if someone sets "ctdb timeout" to something != 0
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 05:30:35 +0000 (22:30 -0700)]
lib: Remove messaging_tevent_context() dependency from ctdbd_conn.c
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdbd_probe return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdb_unwatch return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdb_watch_us return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdbd_control_local return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdbd_register_ips return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdbd_traverse return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdbd_parse return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdbd_migrate return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdbd_db_attach return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdbd_messaging_send_iov return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdbd_messaging_connection return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdbd_init_connection return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make ctdbd_register_msg_ctx return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make get_cluster_vnn return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:42:05 +0000 (20:42 -0700)]
lib: Make register_with_ctdbd return 0/errno
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:31:52 +0000 (20:31 -0700)]
lib: Rename ctdbd_control_unix to ctdbd_control
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:29:56 +0000 (20:29 -0700)]
lib: Remove ctdbd_control
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:08:53 +0000 (20:08 -0700)]
lib: Use ctdbd_control_unix in ctdbd_register_ips
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:08:53 +0000 (20:08 -0700)]
lib: Use ctdbd_control_unix in ctdbd_db_attach
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:08:53 +0000 (20:08 -0700)]
lib: Use ctdbd_control_unix in ctdbd_db_attach
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:08:53 +0000 (20:08 -0700)]
lib: Use ctdbd_control_unix in ctdbd_dbpath
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:06:59 +0000 (20:06 -0700)]
lib: Use ctdbd_control_unix in ctdbd_working
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:05:15 +0000 (20:05 -0700)]
lib: Rename a variable
We'll have "int ret" in the next commit
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:00:32 +0000 (20:00 -0700)]
lib: Use ctdbd_control_unix in get_cluster_vnn
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 03:00:32 +0000 (20:00 -0700)]
lib: Use ctdbd_control_unix in register_with_ctdbd
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 02:54:31 +0000 (19:54 -0700)]
lib: Add ctdbd_control_unix
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 3 Oct 2015 02:51:01 +0000 (19:51 -0700)]
lib: Fix error talloc leaks in ctdb_read_packet()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Amitay Isaacs [Tue, 6 Oct 2015 06:31:41 +0000 (17:31 +1100)]
ctdb-recoverd: Always check for recmaster before doing recovery
Recovery daemon checks if it is the recovery master before performing
certain checks. During those checks it's possible that re-election can
change the recmaster. In such a case, the recovery daemon should never
do a database recovery.
This is not complete fix since the recovery master can still change
while the recovery is going on. The correct fix is to abort recovery
if the recovery master changes.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed Oct 7 17:55:05 CEST 2015 on sn-devel-104
Amitay Isaacs [Tue, 6 Oct 2015 03:46:48 +0000 (14:46 +1100)]
ctdb-recoverd: Get rid of connected-ness comparison in election
The reason for favouring more connected node is to create a larger
cluster in case of a split brain. In split brain condition, the nodes
are not communicating across partitions and each partition will run its
own election. Among all the partitions, the node which holds the recovery
lock will eventually "win". All the other nodes which won election but
could not grab recovery lock will end up banning themselves.
This also prevents the recovery master role from bouncing between nodes
during startup when the entire cluster is restarted.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Tue, 6 Oct 2015 00:52:06 +0000 (11:52 +1100)]
ctdb-recoverd: Do not freeze databases for election
If election occurs during SMB activity, then trying to freeze all the
databases can cause samba/ctdb deadlock which parallel database recovery
is trying to avoid.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 21 Sep 2015 07:12:25 +0000 (17:12 +1000)]
ctdb-call: Improve a log message
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 17 Sep 2015 06:22:38 +0000 (16:22 +1000)]
ctdb-recoverd: Add code for parallel database recovery
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 17 Sep 2015 06:14:51 +0000 (16:14 +1000)]
ctdb-daemon: Add parallel database recovery capability
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 17 Sep 2015 06:13:55 +0000 (16:13 +1000)]
ctdb-daemon: Use a define for default capabilities
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 17 Sep 2015 07:10:15 +0000 (17:10 +1000)]
ctdb-recoverd: Update flags on all nodes before database recovery
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 17 Sep 2015 06:07:37 +0000 (16:07 +1000)]
ctdb-recoverd: Update capabilities before the database recovery
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Thu, 17 Sep 2015 06:00:47 +0000 (16:00 +1000)]
ctdb-recovery: Factor out existing database recovery code
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 29 Jun 2015 04:56:53 +0000 (14:56 +1000)]
ctdb-recoverd: Add parallel database recovery helper
Parallel database recovery fixes the samba/ctdb deadlock during recovery.
Many times samba tries to grab multiple record locks in sequence.
Consider a case when samba is already holding a record lock on a database
and tries to get a record lock on second database. If the second record
is not available on the local node, samba asks ctdb to migrate the record.
If recovery occurs at this time (e.g. node becoming inactive), ctdb
cannot freeze all the databases since samba is already holding a lock
and waiting for the second lock. CTDB can process the second record
request only after the recovery is complete, thus causing a deadlock.
In parallel database recovery, each database is frozen and recovered
independent from each other. So as soon as the second database is
recovered, CTDB will resend all the pending migration requests and Samba
can get the second lock. Once samba releases both the locks, ctdb can
freeze the first database and recover it completing recovery process.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 9 Sep 2015 02:29:54 +0000 (12:29 +1000)]
ctdb-client: Add client API for new database controls
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>