Stefan Metzmacher [Wed, 14 Jul 2021 20:30:19 +0000 (22:30 +0200)]
tdb: version 1.4.4
- Fix a memory leak on error
- python: remove all 'from __future__ import print_function'
- Fix CID
1471761 String not null terminated
- Use hex_byte() in parse_hex()
- Use hex_byte() in read_data()
- fix studio compiler build
- Fix some signed/unsigned comparisons
- also use __has_attribute macro to check for attribute support
- Fix clang 9 missing-field-initializer warnings
- pytdb tests: add test for storev()
- pytdb: add python binding for storev()
- tdbtorture: Use ARRAY_DEL_ELEMENT()
- py3: Remove #define PyInt_FromLong PyLong_FromLong
- py3: Remove #define PyInt_AsLong PyLong_AsLong
- py3: Remove #define PyInt_Check PyLong_Check
- tdb: Align integer types
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 14 Jul 2021 20:28:19 +0000 (22:28 +0200)]
talloc: version 2.3.3
- python: Ensure reference counts are properly incremented
- Bug 9931: change pytalloc source to LGPL
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Isaac Boukris [Thu, 17 Sep 2020 09:12:53 +0000 (11:12 +0200)]
s3:winbind: Get rid of the winbind dc-connect child
The new code uses PING_DC to tell the child to try to go online.
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Tue, 13 Jul 2021 12:39:38 +0000 (14:39 +0200)]
s3:winbind: Remove trailing whitespaces in winbindd_dual.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Tue, 13 Jul 2021 12:37:17 +0000 (14:37 +0200)]
s3:winbind: Remove trailing whitespaces in winbindd_cm.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Tue, 13 Jul 2021 12:38:56 +0000 (14:38 +0200)]
s3:winbind: Remove trailing whitespaces in winbindd.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Fri, 4 Jun 2021 22:32:17 +0000 (00:32 +0200)]
s4-selftest: add net offlinejoin tests
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Jul 14 17:38:21 UTC 2021 on sn-devel-184
Günther Deschner [Tue, 13 Apr 2021 16:45:56 +0000 (18:45 +0200)]
docs: document "net offlinejoin" set of commands
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Tue, 9 Mar 2021 12:52:51 +0000 (13:52 +0100)]
s3-net: add "net offlinejoin" command
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Tue, 9 Feb 2021 16:16:04 +0000 (17:16 +0100)]
s3-libnetapi: add djoin tool
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Tue, 9 Feb 2021 16:15:20 +0000 (17:15 +0100)]
s3-libnetapi: implement NetRequestOfflineDomainJoin_l
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 8 Feb 2021 14:35:31 +0000 (15:35 +0100)]
s3-libnetapi: add NetRequestOfflineDomainJoin example code
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 8 Feb 2021 14:50:21 +0000 (15:50 +0100)]
s3-libnetapi: add NetRequestOfflineDomainJoin to api
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 8 Feb 2021 12:59:40 +0000 (13:59 +0100)]
s3-libnetapi: add NetRequestOfflineDomainJoin() boilerplate.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 8 Feb 2021 12:44:54 +0000 (13:44 +0100)]
s3-libnetapi: add NetRequestOfflineDomainJoin to IDL
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Fri, 5 Feb 2021 12:05:45 +0000 (13:05 +0100)]
s3-libnetapi: implement NetProvisionComputerAccount_l
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Thu, 4 Feb 2021 21:03:54 +0000 (22:03 +0100)]
s3-libnetapi: add NetProvisionComputerAccount example code
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Thu, 4 Feb 2021 21:02:54 +0000 (22:02 +0100)]
s3-libnetapi: add NetProvisionComputerAccount to api.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Thu, 4 Feb 2021 20:41:27 +0000 (21:41 +0100)]
s3-libnetapi: add NetProvisionComputerAccount() boilerplate
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Wed, 3 Feb 2021 14:28:13 +0000 (15:28 +0100)]
s3-libnetapi: add NetProvisionComputerAccount() to IDL
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Thu, 18 Feb 2021 15:10:01 +0000 (16:10 +0100)]
s3-libnetapi: add netapi_save_file_ucs2() to example code
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Wed, 10 Feb 2021 11:21:31 +0000 (12:21 +0100)]
s3-libnetapi: add netapi_read_file helper
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 8 Feb 2021 13:01:42 +0000 (14:01 +0100)]
s3-libnetapi: add offline domain join related error codes (not WERRORs)
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Wed, 3 Feb 2021 14:08:03 +0000 (15:08 +0100)]
s3-libnetapi: add missing NetJoinFlags for netapi
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 15 Feb 2021 16:33:46 +0000 (17:33 +0100)]
s3-libnetapi: add libnetapi_set_logfile()
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Thu, 8 Apr 2021 20:14:41 +0000 (22:14 +0200)]
s3-libnetapi: add libnetapi_get_use_kerberos()
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 8 Feb 2021 14:59:32 +0000 (15:59 +0100)]
re-run make libnetapi ....
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Fri, 19 Feb 2021 14:00:24 +0000 (15:00 +0100)]
s3-libnet_join: always check config correctness while joining offline
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Fri, 19 Feb 2021 13:49:50 +0000 (14:49 +0100)]
s3-libnet_join: check for netbios name correctness as well
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Thu, 18 Feb 2021 15:58:42 +0000 (16:58 +0100)]
s3-libnet_join: set netbios name as well when modification is requested
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Tue, 16 Feb 2021 15:13:37 +0000 (16:13 +0100)]
s3-libnet_join: use dsgetonedcname to validate given DC
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Tue, 16 Feb 2021 15:11:14 +0000 (16:11 +0100)]
s3-dsgetdcname: add dsgetonedcname()
The idea is to run the same DC validation steps as for dsgetdcname()
just omit the query list of DCs via DNS/netbios step but instead
validate a given DC right away.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Tue, 11 May 2021 13:22:55 +0000 (15:22 +0200)]
s3-libnet_join: use joinprov3 struct in libnet_DomainOfflineJoin()
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 15 Feb 2021 19:57:56 +0000 (20:57 +0100)]
s3-libnet_join: add support for libnet_DomainOfflineJoin
libnet_DomainOfflineJoin will consume the provided offline domain join
blob and lay out libnet_Join information to properly store join metadata
in the local database.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Sat, 13 Feb 2021 21:11:52 +0000 (22:11 +0100)]
s3-dsgetdcname: return dcinfo also when delivering from the cache.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Sat, 13 Feb 2021 21:03:06 +0000 (22:03 +0100)]
s3-dsgetdcname: the returned dcinfo unc should always be prefixed
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 15 Feb 2021 19:43:37 +0000 (20:43 +0100)]
s3-libnet_join: add request_offline_join flag
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Sat, 13 Feb 2021 17:21:23 +0000 (18:21 +0100)]
s3-libnet_join: fully implement libnet_odj_compose_OP_JOINPROV3_PART
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 15 Feb 2021 16:34:55 +0000 (17:34 +0100)]
s3-librpc: add ODJ_PROVISION_DATA pointer to libnet_JoinCtx
It will be used later to pass in offline domain join structs to serve
request offline domain join requests.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Sat, 13 Feb 2021 17:20:53 +0000 (18:20 +0100)]
s3-libnet_join: return account rid in libnet_JoinCtx
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Tue, 11 May 2021 13:22:12 +0000 (15:22 +0200)]
s3-libnet_join: add libnet_odj_find_joinprov3()
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 15 Feb 2021 19:57:04 +0000 (20:57 +0100)]
s3-libnet_join: add libnet_odj_find_win7blob to libnet_offline_join
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Wed, 10 Feb 2021 14:56:43 +0000 (15:56 +0100)]
s3-libnet_join: add some libnet_JoinCtx-to-ODJ helpers
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Tue, 2 Mar 2021 16:45:46 +0000 (17:45 +0100)]
s3-libnet_join: return the allocated netr_DsRGetDCNameInfo struct
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Fri, 12 Feb 2021 22:56:10 +0000 (23:56 +0100)]
s3-rpc_client: add copy_netr_DsRGetDCNameInfo() helper
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Sat, 13 Feb 2021 01:27:03 +0000 (02:27 +0100)]
s3-libnet_join: let libnetjoin return a netr_DsRGetDCNameInfo
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Fri, 5 Feb 2021 12:23:50 +0000 (13:23 +0100)]
s3-libnet_join: add new provision_computer_account_only flag
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 8 Feb 2021 15:08:10 +0000 (16:08 +0100)]
s4-torture: add odj ndr testsuite
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Thu, 25 Feb 2021 22:19:25 +0000 (23:19 +0100)]
librpc: make sure the 4 byte _pad in ODJ_WIN7BLOB is never 0
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 8 Feb 2021 15:08:43 +0000 (16:08 +0100)]
librpc: more work on ODJ IDL
A lot of nested use of serialization stream pointers
([MS-RPCE] 2.2.6 Type Serialization Version 1).
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Mon, 8 Feb 2021 22:45:42 +0000 (23:45 +0100)]
librpc: add custom odj_switch_level_from_guid()
This function maintains an arbitrary mapping of GUID strings to
integers. This is required as only integers can be used as
discriminators for autogenerated ODJ unions.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Fri, 5 Feb 2021 18:19:36 +0000 (19:19 +0100)]
librpc: compile ODJ idl
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Fri, 5 Feb 2021 18:19:11 +0000 (19:19 +0100)]
librpc: add "Offline Domain Join" (ODJ) IDL
This IDL is based on
https://github.com/MicrosoftDocs/win32/blob/docs/desktop-src/NetMgmt/odj-idl.md
and has been licensed by Microsoft under the terms of the MIT License.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Wed, 10 Feb 2021 10:23:13 +0000 (11:23 +0100)]
librpc/ndr: do not print strings when NDR_SECRET is used
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 00:58:29 +0000 (17:58 -0700)]
s3: VFS: Update status of SMB_VFS_READ_DFS_PATHAT.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Jul 14 08:58:30 UTC 2021 on sn-devel-184
Jeremy Allison [Tue, 13 Jul 2021 00:56:13 +0000 (17:56 -0700)]
s3: smbd: In dfs_path_lookup(), use relative dirfsp, atname lookups in SMB_VFS_READ_DFS_PATHAT() for the pathname walk fallback.
Note that parent_pathref() must succeed before we call SMB_VFS_READ_DFS_PATHAT().
If parent_pathref() fails, just step back a component without calling
SMB_VFS_READ_DFS_PATHAT().
There are no longer any non-relative uses of SMB_VFS_READ_DFS_PATHAT().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 00:53:19 +0000 (17:53 -0700)]
s3: smbd: In dfs_path_lookup(), use relative dirfsp, atname lookups in SMB_VFS_READ_DFS_PATHAT() for the whole path optimization.
Note parent_pathref() must succeed before we can call SMB_VFS_READ_DFS_PATHAT().
Otherwise, just skip the whole path optimization and go onto the path walk code.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 00:44:10 +0000 (17:44 -0700)]
s3: smbd: In is_msdfs_link(), change to dirfsp, atname parameters.
Remember to update the smb_fname->st struct inside check_msdfs_link(),
as we now pass the atname to is_msdfs_link(), not the smb_fname.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 00:35:26 +0000 (17:35 -0700)]
s3: smbd: Add dirfsp, atname parameters to check_msdfs_link().
Replace the old connection_struct *conn parameter.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Mon, 12 Jul 2021 23:40:08 +0000 (16:40 -0700)]
s3: smbd: Pass dirfsp, atname down to mode_fn() passed to smbd_dirptr_get_entry().
Not yet used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Mon, 12 Jul 2021 23:32:23 +0000 (16:32 -0700)]
s3: smbd: In smbd_dirptr_get_entry(), postpone TALLOC_FREE(atname) as we're going to pass this to mode_fn().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 00:16:08 +0000 (17:16 -0700)]
s3: VFS: time_audit. In smb_time_audit_read_dfs_pathat(), cope with relative pathnames.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 00:09:51 +0000 (17:09 -0700)]
s3: VFS: shadow_copy2. In shadow_copy2_read_dfs_pathat(), cope with relative pathnames.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 00:04:59 +0000 (17:04 -0700)]
s3: VFS: glusterfs. In vfs_gluster_read_dfs_pathat(), cope with relative pathnames.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 00:01:34 +0000 (17:01 -0700)]
s3: VFS: full_audit. In smb_full_audit_read_dfs_pathat(), cope with relative pathnames.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Mon, 12 Jul 2021 23:58:05 +0000 (16:58 -0700)]
s3: VFS: ceph: In cephwrap_read_dfs_pathat(), cope with relative pathnames.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Mon, 12 Jul 2021 23:45:13 +0000 (16:45 -0700)]
s3: VFS: cap: Fix cap_read_dfs_pathat() to cope with relative paths.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 00:21:03 +0000 (17:21 -0700)]
s3: VFS: default. In vfswrap_read_dfs_pathat(), cope with relative pathnames.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 16:15:18 +0000 (09:15 -0700)]
s3: VFS: default. In vfswrap_read_dfs_pathat() use sys_fstatat().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Mon, 12 Jul 2021 22:24:30 +0000 (15:24 -0700)]
s2: VFS: default. Fix vfswrap_read_dfs_pathat() to use fsp_get_pathref_fd() not fsp_get_io_fd().
We don't need an io fd here, and we only get away
with it as we have the assert above:
SMB_ASSERT(dirfsp == dirfsp->conn->cwd_fsp);
This will be removed next.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 16:10:50 +0000 (09:10 -0700)]
s3: VFS: default. Fix vfswrap_readdir() to use sys_fstatat().
Change struct stat st -> SMB_STRUCT_STAT st
and just copy the struct on success, as sys_fstatat()
already does the init_stat_ex_from_stat() for us.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Mon, 12 Jul 2021 22:37:20 +0000 (15:37 -0700)]
s3: lib: Add sys_fstatat() wrapper.
Does the usual things we need with fake_dir_create_times.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Tue, 13 Jul 2021 16:03:31 +0000 (09:03 -0700)]
s3: expect fstatat() and dirfd()
FreeBSD, AIX and Solaris all have this.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sat, 3 Jul 2021 13:46:11 +0000 (15:46 +0200)]
vfs_shadow_copy2: ensure we call convert_sbuf() in shadow_copy2_*stat() on already converted paths with absolute path
shadow_copy2_strip_snapshot() will happily return without modifying the passed
timestamp=0 if the path is already converted and refers to an object in a
snapshot, eg (first debug line from extra debugging patch [1]):
[10 2021/07/02 08:19:28.811424 pid=738290 ../../source3/modules/vfs_shadow_copy2.c:1303 shadow_copy2_fstat]
shadow_copy2_fstat: fsp [test.txt {@GMT-2000.01.02-03.04.05}]
[10 2021/07/02 08:19:28.811449 pid=738290 ../../source3/modules/vfs_shadow_copy2.c:607 _shadow_copy2_strip_snapshot_internal]
_shadow_copy2_strip_snapshot_internal: [from shadow_copy2_fstat()] Path 'test.txt {@GMT-2000.01.02-03.04.05}'
[10 2021/07/02 08:19:28.811474 pid=738290 ../../source3/modules/vfs_shadow_copy2.c:619 _shadow_copy2_strip_snapshot_internal]
_shadow_copy2_strip_snapshot_internal: abs path '/gpfs0/smb_snapshots2/filesetone/.snapshots/@GMT-2000.01.02-03.04.05/test.txt'
[10 2021/07/02 08:19:28.811496 pid=738290 ../../source3/modules/vfs_shadow_copy2.c:1924 shadow_copy2_snapshot_to_gmt]
shadow_copy2_snapshot_to_gmt: match @GMT-%Y.%m.%d-%H.%M.%S: @GMT-2000.01.02-03.04.05
[10 2021/07/02 08:19:28.811536 pid=738290 ../../source3/modules/vfs_shadow_copy2.c:566 check_for_converted_path]
check_for_converted_path: path |/gpfs0/smb_snapshots2/filesetone/.snapshots/@GMT-2000.01.02-03.04.05/test.txt| is already converted. connect path = |/gpfs0/smb_snapshots2/filesetone/.snapshots/@GMT-2000.01.02-03.04.05|
As check_for_converted_path() detects an "already converted path",
_shadow_copy2_strip_snapshot_internal() just returns without modifying the value
of the timestamp.
By using shadow_copy2_strip_snapshot_converted() instead of
shadow_copy2_strip_snapshot() we can check if the path is in fact referring to a
VSS object by checking the "converted" bool.
An alternative way would have been directly checking fsp->fsp_name->twrp != 0,
but that would be a new semantic in the module, I'll leave this excersize for
the future when we clean up the usage of shadow_copy2_strip_snapshot() in the
whole module.
This change also switches to using the absolute paths in both place where
convert_sbuf() is called.
[1]
@@ -1309,8 +1348,16 @@ static int shadow_copy2_fstat(vfs_handle_struct *handle, files_struct *fsp,
saved_errno = errno;
}
+ DBG_DEBUG("fsp [%s]\n", fsp_str_dbg(fsp));
RN: vfs_shadow_copy2 fixinodes not correctly updating inode numbers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 6 Jul 2021 05:24:00 +0000 (07:24 +0200)]
selftest: add a test for shadow:fixinodes
This will fail with
Failed to open file \@GMT-2015.10.31-19.40.30\subdir\hardlink. NT_STATUS_ACCESS_DENIED
The open is failing in openat_pathref_fsp():
[2021/07/06 04:58:17.677104, 10, pid=95070, effective(1000, 1000), real(1000, 0)] ../../source3/smbd/files.c:541(openat_pathref_fsp)
openat_pathref_fsp: file [subdir/hardlink {@GMT-2015.10.31-19.40.30}] - dev/ino mismatch. Old (dev=64770, ino=
3826943444). New (dev=64770, ino=
1746568660).
[2021/07/06 04:58:17.677114, 10, pid=95070, effective(1000, 1000), real(1000, 0)] ../../source3/smbd/files.c:568(openat_pathref_fsp)
openat_pathref_fsp: Opening pathref for [subdir/hardlink {@GMT-2015.10.31-19.40.30}] failed: NT_STATUS_ACCESS_DENIED
The reason is subtle:
shadow_copy2 calculates inode numbers of snapshot files based on the path of the
file. The result of that when doing a path based stat() from filename_convert()
was
[2021/07/06 04:58:17.676159, 10, pid=95070, effective(1000, 1000), real(1000, 0)] ../../source3/smbd/filename.c:1945(filename_convert_internal)
filename_convert_internal: XXX smb_fname [subdir/hardlink {@GMT-2015.10.31-19.40.30}] (dev=64770, ino=
3826943444).
which is the "Old" inode shown above.
Later in the open code called from openat_pathref_fsp() -> fd_openat() ->
non_widelink_open() since 4.14 we call SMB_VFS_FSTAT() where fsp->fsp_name will
be set to the new relative *basename* of the file:
[2021/07/06 04:58:17.676917, 10, pid=95070, effective(1000, 1000), real(1000, 0), class=vfs] ../../source3/modules/vfs_default.c:1302(vfswrap_fstat)
vfswrap_fstat: XXX fsp [hardlink {@GMT-2015.10.31-19.40.30}] (dev=64770, ino=
3826943444)
So for stat() the hash function in called with the full path relative to the share
root:
subdir/hardlink
while for fstat() the hash function will used
hardlink
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 6 Jul 2021 05:22:40 +0000 (07:22 +0200)]
selftest: simplify snapshot directory creation in test_shadow_copy_torture.sh
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 6 Jul 2021 05:20:15 +0000 (07:20 +0200)]
selftest: enable "shadow:fixinodes" in "shadow_write" share
The existing tests don't care and this will be used in a subsequent commit to
demonstrate that this option is currently broken.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 6 Jul 2021 05:19:36 +0000 (07:19 +0200)]
selftest: pass smbclient arg to samba3.blackbox.shadow_copy_torture test
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 7 Jul 2021 10:40:05 +0000 (12:40 +0200)]
smbd: update smb_fname statinfo from fsp
fd_openat() has done an FSTAT on the handle so update the smb_fname stat info
with "truth". from the handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 7 Jul 2021 09:48:34 +0000 (11:48 +0200)]
smbd: put back dev/ino stat/fstat check in openat_pathref_fsp()
This reverts commit
a6df051dd5e8c63f2fdfdb20ee01169d2bdb97dd:
"s3: smbd: In openat_pathref_fsp(), just check we're opening the same file type, not dev and inode."
The prior changes mean we can go back to checking dev/ino
matches.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 6 Jul 2021 07:04:26 +0000 (09:04 +0200)]
smbd: canonicalize SMB_VFS_FSTAT() stat buffer
This helps code inside any module implementing fstat() looking at
fsp->fsp_name->st instead of the passed in stat buf.
I only ran afoul of this in a DEBUG message I added while debugging some inode
related problem.
No change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 18:41:05 +0000 (11:41 -0700)]
s3: VFS: streams_xattr: In streams_xattr_stat() use synthetic_pathref() with basename
Remove my poor imitation of synthetic_pathref(), just call the real thing.
We need to go through the full VFS stack here to get
the ino correct to get the fsp handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 13 Jul 2021 18:40:09 +0000 (11:40 -0700)]
s3: VFS: fruit. In ad_get_meta_fsp(), we only need a handle on the base file, not the stream.
We'll be calling SMB_VFS_FGETXATTR() on the base fsp anyway.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14756
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Mon, 28 Jun 2021 20:54:52 +0000 (13:54 -0700)]
s3: smbd: Explicitly code the semantics of "dos filemode" into the chown code.
We actually don't need this to get the right semantics, as the open or the
set_sd() code catches the correct cases and returns ACCESS_DENIED, but it
makes me much happier to see the prerequisites needed expressed in code here
right at the point of use.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jul 13 08:11:36 UTC 2021 on sn-devel-184
Stefan Metzmacher [Sun, 9 May 2021 19:16:00 +0000 (21:16 +0200)]
libcli/smb: let smb2_negotiate_context_parse() only parse the expected number of contexts
Any garbage at the end needs to be ignored.
This fixes the Negotiate_SMB311_ContextID_NetName test from:
https://github.com/microsoft/WindowsProtocolTestSuites/blob/main/TestSuites/FileServer/src/SMB2/TestSuite/Negotiate/Negotiation.cs#L730
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jul 12 21:25:21 UTC 2021 on sn-devel-184
Ralph Boehme [Fri, 9 Jul 2021 16:20:30 +0000 (18:20 +0200)]
nsswitch: ensure the attrlist_t array is large enough for a NULL sentinel
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14754
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jul 12 15:11:42 UTC 2021 on sn-devel-184
David Mulder [Wed, 7 Jul 2021 14:00:36 +0000 (08:00 -0600)]
WHATSNEW: samba-tool without ad-dc
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): David Mulder <dmulder@samba.org>
Autobuild-Date(master): Thu Jul 8 14:43:11 UTC 2021 on sn-devel-184
Andrew Bartlett [Mon, 23 Nov 2020 07:54:29 +0000 (20:54 +1300)]
selftest: Print dns_update_cache path into the logs
This sometimes get stuck in a loop and this may help debug it.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 8 12:44:49 UTC 2021 on sn-devel-184
Samuel Cabrero [Fri, 31 Jul 2020 09:13:27 +0000 (11:13 +0200)]
lib/tsocket: Free subreq as soon as possible
This is not a memory leak as it is freed when the parent req's state is
freed, but will help in low memory situations.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 8 10:21:25 UTC 2021 on sn-devel-184
Stefan Metzmacher [Fri, 31 Jul 2020 09:27:25 +0000 (11:27 +0200)]
witness.idl: fix length calculation for witness_IPaddrInfoList
If r->num is 0, we should not dereference r->addr.
Using ndr_size_witness_IPaddrInfoList() also make this much simpler
and avoids the magic 12.
Credit Oss-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22175
REF: https://oss-fuzz.com/testcase-detail/
5686294157197312
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14452
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Stefan Metzmacher [Fri, 31 Jul 2020 09:27:10 +0000 (11:27 +0200)]
torture/ndr: reproduce a problem with witness_AsyncNotify
Credit Oss-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22175
REF: https://oss-fuzz.com/testcase-detail/
5686294157197312
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14452
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Stefan Metzmacher [Fri, 31 Jul 2020 11:23:19 +0000 (13:23 +0200)]
torture/ndr: add more details to the test names
We can have more than one blob for a given idl function
and we should avoid using the same name for all of them.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14452
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Stefan Metzmacher [Fri, 31 Jul 2020 11:20:09 +0000 (13:20 +0200)]
torture/ndr: make check functions typesafe
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14452
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Samuel Cabrero [Fri, 22 Jan 2021 13:04:35 +0000 (14:04 +0100)]
libcli: Move map_errno_from_nt_status from s3 lib to common libcli
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Samuel Cabrero [Thu, 30 Jul 2020 10:07:57 +0000 (12:07 +0200)]
s3:lib: Map ECANCELED to NT_STATUS_CANCELLED
Now map_nt_error_from_unix() returns the same value as
map_nt_error_from_unix_common().
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Tue, 22 Jun 2021 07:31:29 +0000 (09:31 +0200)]
auth:creds: Remove unused simple.c file
This code is tested by the cmocka unit test:
auth/credentials/tests/test_creds.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Wed, 7 Jul 2021 09:12:37 +0000 (11:12 +0200)]
lib:tdb: Fix a memory leak on error
Found by covscan.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Isaac Boukris [Thu, 8 Oct 2020 12:00:44 +0000 (14:00 +0200)]
selftest: Add test for one-way trust wbinfo auth
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul 7 15:01:22 UTC 2021 on sn-devel-184
Andreas Schneider [Fri, 9 Jun 2017 13:03:29 +0000 (15:03 +0200)]
selftest: fl2000dc: Add outgoing trust from fl2000dc to ad_dc
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Isaac Boukris [Tue, 6 Oct 2020 20:33:45 +0000 (22:33 +0200)]
selftest: Fix "outgoing" test in kinit_trust heimdal
Found by the test not failing in one-way trust.
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>