Gary Lockyer [Thu, 21 May 2020 21:52:12 +0000 (09:52 +1200)]
ldb: Bump version to 2.0.12
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Tue, 12 May 2020 22:56:56 +0000 (10:56 +1200)]
CVE-2020-10730: lib ldb: Check if ldb_lock_backend_callback called twice
Prevent use after free issues if ldb_lock_backend_callback is called
twice, usually due to ldb_module_done being called twice. This can happen if a
module ignores the return value from function a function that calls
ldb_module_done as part of it's error handling.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Mon, 18 May 2020 00:37:39 +0000 (12:37 +1200)]
CVE-2020-10730: s4 dsdb vlv_pagination: Prevent repeat call of ldb_module_done
Check the return code from vlv_results, if it is not LDB_SUCCESS
ldb_module_done has already been called, and SHOULD NOT be called again.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Mon, 18 May 2020 00:36:57 +0000 (12:36 +1200)]
CVE-2020-10730: s4 dsdb paged_results: Prevent repeat call of ldb_module_done
Check the return code from paged_results, if it is not LDB_SUCCESS
ldb_module_done has already been called, and SHOULD NOT be called again.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 6 May 2020 04:18:19 +0000 (16:18 +1200)]
CVE-2020-10730: dsdb: Ban the combination of paged_results and VLV
This (two different paging controls) makes no sense and fails against
Windows Server 1709.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Wed, 6 May 2020 05:05:30 +0000 (17:05 +1200)]
CVE-2020-10730: dsdb: Fix crash when vlv and paged_results are combined
The GUID is not returned in the DN for some reason in this (to be banned)
combination.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Wed, 6 May 2020 04:19:01 +0000 (16:19 +1200)]
CVE-2020-10730: selftest: Add test to show that VLV and paged_results are incompatible
As tested against Windows Server 1709
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Tue, 5 May 2020 04:34:11 +0000 (16:34 +1200)]
CVE-2020-10730: vlv: Another workaround for mixing ASQ and VLV
This is essentially an alternative patch, but without the correct
behaviour. Instead this just avoids a segfault.
Included in case we have something simialr again in
another module.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Tue, 5 May 2020 01:16:48 +0000 (13:16 +1200)]
CVE-2020-10730: selftest: Add test to confirm VLV interaction with ASQ
Tested against Windows 1709.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Tue, 5 May 2020 00:55:57 +0000 (12:55 +1200)]
CVE-2020-10730: vlv: Do not re-ASQ search the results of an ASQ search with VLV
This is a silly combination, but at least try and keep the results sensible
and avoid a double-dereference.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Tue, 5 May 2020 00:54:59 +0000 (12:54 +1200)]
CVE-2020-10730: vlv: Use strcmp(), not strncmp() checking the NULL terminated control OIDs
The end result is the same, as sizeof() includes the trailing NUL, but this
avoids having to think about that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14364
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Karolin Seeger [Wed, 24 Jun 2020 10:35:39 +0000 (12:35 +0200)]
VERSION: Bump version up to 4.11.11...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit
08a51254198537395e9a6ea7a98fd627a491bf15)
Karolin Seeger [Wed, 24 Jun 2020 10:34:59 +0000 (12:34 +0200)]
VERSION: Disable GIT_SNAPSHOT for the 4.11.10 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Wed, 24 Jun 2020 10:34:26 +0000 (12:34 +0200)]
WHATSNEW: Add release notes for Samba 4.11.10.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Alexander Bokovoy [Thu, 18 Jun 2020 07:45:41 +0000 (10:45 +0300)]
ldb_ldap: fix off-by-one increment in lldb_add_msg_attr
Fix regression introduced by commit
ce2bf5c72b6423fff680b3d6a9042103a6cdda55
lldb_add_msg_attr() calls ldb_msg_add_empty() which, in turn, calls
calls _ldb_msg_add_el() which already increments msg->num_elements by one.
As a result, msg->num_elements is bigger than the actual number of
elements and any iteration over elements would step over elements array
boundary.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14413
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun 19 08:35:33 UTC 2020 on sn-devel-184
(cherry picked from commit
990a0fc4a0481aed817fad7575d8df453fbe7af9)
Autobuild-User(v4-11-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-11-test): Wed Jun 24 12:39:28 UTC 2020 on sn-devel-184
Alexander Bokovoy [Thu, 18 Jun 2020 08:49:08 +0000 (11:49 +0300)]
lib/ldb: add unit test for ldb_ldap internal code
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14413
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
36bd6edd8a603f3aa34aff81c43ef26efd3ad4cf)
Jeremy Allison [Mon, 11 May 2020 22:58:27 +0000 (15:58 -0700)]
s3: libsmbclient: Finish unifing bad iconv behavior across CORE NT1 SMB2 protocols.
On bad name conversion, exit the directory listing with an error, but leave the
connection intact. We were already checking for finfo->name == NULL here,
but were ignoring it and not reporting an error.
Remove the knownfail.d/bad_iconv file as we now
behave the same across CORE/NT1/SMB2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14374
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 12 21:32:44 UTC 2020 on sn-devel-184
(cherry picked from commit
393da520e43bd3a28feb231bcd9fd5308a3daa4a)
Autobuild-User(v4-11-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-11-test): Thu Jun 4 11:47:26 UTC 2020 on sn-devel-184
Jeremy Allison [Mon, 11 May 2020 19:23:49 +0000 (12:23 -0700)]
s3: libsmb: In SMB2 return NT_STATUS_INVALID_NETWORK_RESPONSE if name conversion ended up with a NULL filename.
Can happen if namelen == 0.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14374
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
753115a8d19f6ac8cd28305748fc6d888679dccc)
Jeremy Allison [Mon, 11 May 2020 19:34:10 +0000 (12:34 -0700)]
s3: libsmb: In SMB1 old protocol - return NT_STATUS_INVALID_NETWORK_RESPONSE if name conversion ended up with a NULL filename.
Can happen if namelen == 0.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14374
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
b10de0bb64fe022e6b066584013dfb0bdf2ade96)
Jeremy Allison [Mon, 11 May 2020 22:37:00 +0000 (15:37 -0700)]
s3: selftest: Add test_smbclient_iconv.sh to check client behavior on bad name conversion.
SMB2 and NT1 fail this, CORE already returns NT_STATUS_INVALID_NETWORK_RESPONSE
on bad conversion.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14374
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(back-ported from commit
e016671d34c24c4768df774425ec743b88e30015)
Jeremy Allison [Mon, 11 May 2020 21:10:54 +0000 (14:10 -0700)]
s3: selftest: Add share definition [bad_iconv] in fileserver.
Creates a utf8 valid filename within that is invalid in CP850.
Useful to test smbclient list directory character set conversions.
https://bugzilla.samba.org/show_bug.cgi?id=14374
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(back-ported from commit
a9651d6bc2b6dea8adc859ce21c2431253868887)
Volker Lendecke [Fri, 15 May 2020 13:19:45 +0000 (15:19 +0200)]
winbindd: Fix a use-after-free when winbind clients exit
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14382
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue May 19 10:45:06 UTC 2020 on sn-devel-184
(cherry picked from commit
68380ebaa60c64311cc1081f700d571abbf69f4f)
Autobuild-User(v4-11-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-11-test): Fri May 22 14:40:24 UTC 2020 on sn-devel-184
Jeremy Allison [Fri, 15 May 2020 19:18:02 +0000 (12:18 -0700)]
s3: lib: Paranoia around use of snprintf copying into a fixed-size buffer from a getenv() pointer.
Post checks for overflow/error.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon May 18 23:42:57 UTC 2020 on sn-devel-184
(cherry picked from commit
dd1f750293ef4361455a5d5b63fc7a89495715b7)
Andreas Schneider [Wed, 6 May 2020 15:10:51 +0000 (17:10 +0200)]
s3:gencache: Allow to open gencache as read-only
This allows client tools to access the cache for ready-only operations
as a normal user.
Example:
net ads status
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14370
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri May 15 14:40:32 UTC 2020 on sn-devel-184
(cherry picked from commit
04f0c45475de383a0be4ca355ab9aa7784e61c27)
Andreas Schneider [Mon, 11 May 2020 10:50:11 +0000 (12:50 +0200)]
lib:util: Add test for path_expand_tilde()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14370
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(backported from commit
a15bd5493b696c66c6803d8ca65bc13f1cfcdf0a)
Andreas Schneider [Thu, 7 May 2020 10:25:24 +0000 (12:25 +0200)]
lib:util: Add path_expand_tilde()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14370
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
15457254be0ab1235c327bd305dfeee19b2ea7a1)
Andreas Schneider [Tue, 28 Apr 2020 15:25:35 +0000 (17:25 +0200)]
docs-xml: Fix usernames in pam_winbind manpages
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14358
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Apr 29 09:44:55 UTC 2020 on sn-devel-184
(cherry picked from commit
3abd92d7824e803f1ff53425088ebee30b58894b)
Autobuild-User(v4-11-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-11-test): Thu May 14 15:42:16 UTC 2020 on sn-devel-184
Volker Lendecke [Sat, 2 May 2020 13:18:07 +0000 (15:18 +0200)]
libsmb: Protect cli_oem_change_password() from rprcnt<2
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14366
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue May 5 17:12:04 UTC 2020 on sn-devel-184
(cherry picked from commit
f80c97cb8da64f3cd9904e2e1fd43c29b691166d)
Volker Lendecke [Sat, 2 May 2020 13:10:14 +0000 (15:10 +0200)]
libsmb: Protect cli_RNetServerEnum against rprcnt<6
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14366
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
ce8b70df7bd63e96723b8e8dc864f1690f5fad7b)
Volker Lendecke [Sat, 2 May 2020 12:59:07 +0000 (14:59 +0200)]
libsmb: Protect cli_RNetShareEnum() against rprcnt<6
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14366
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
4a9fe4efefa67d6f24efcbe29722a43fc4859fdc)
Volker Lendecke [Sat, 2 May 2020 12:54:01 +0000 (14:54 +0200)]
libsmb: Fix indentation in cli_RNetShareEnum()
Also remove a level of indentation with a "goto done;"
Best review with "git show -b", almost no code change
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14366
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
ae91d67a247424d4ddc89230f52365558d6ff402)
Ralph Boehme [Thu, 23 Apr 2020 14:10:23 +0000 (16:10 +0200)]
vfs_shadow_copy2: implement case canonicalisation in shadow_copy2_get_real_filename()
unix_convert() can't do this for us in snapdirseverywhere mode, so we do it
ourselves.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14350
Signed-off-by: Ralph Boehme <slow@samba.org>
(Similar to commit
a3d1ac2a597e2441d6855db566306298ae5db99b)
Autobuild-User(v4-11-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-11-test): Wed May 13 14:44:57 UTC 2020 on sn-devel-184
Ralph Boehme [Mon, 27 Apr 2020 12:38:28 +0000 (14:38 +0200)]
s3/lib: add is_gmt_token()
This is not present in master as master has been converted to use struct
smb_filename.twrp instead of @GMT string tokens as part of the path.
Signed-off-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Thu, 23 Apr 2020 14:09:16 +0000 (16:09 +0200)]
smbd: make get_real_filename_full_scan() public
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14350
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
aa5f19ddf1dec1ac4386441929bca94727f30ee6)
[Conflicts: source3/smbd/proto.h: more functions are missing in 4.12]
Ralph Boehme [Tue, 21 Apr 2020 11:06:03 +0000 (13:06 +0200)]
CI: add two tests for shadow_copy2 VFS module
Note that the test "fetch a previous version of a regular file via non-canonical
basepath" doesn't fail by "luck" because it runs into the "creating file"
optimisation in unix_convert().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14350
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
6557777c86d72a185b3fe4061a8b5791fd748924)
Gary Lockyer [Thu, 30 Apr 2020 21:15:49 +0000 (09:15 +1200)]
ldb: Bump version to 2.0.11
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14330
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Gary Lockyer [Tue, 31 Mar 2020 19:22:08 +0000 (08:22 +1300)]
lib ldb: lmdb init var before calling mdb_reader_check
Initilalise "stale" to zero before passing a pointer to it to
mdb_reader_check.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Apr 7 12:29:00 UTC 2020 on sn-devel-184
(cherry picked from commit
d1f4002b914efb31aa34a59e7c93d80f3174727c)
Gary Lockyer [Sun, 29 Mar 2020 23:08:30 +0000 (12:08 +1300)]
lib ldb: lmdb clear stale readers on write txn start
In use process failures and Bind9 shut downs leave stale entries in the
lmdb reader table. This can result in lmdb filling it's database file, as
the free list can not be reclaimed due to the stale reader.
In this fix we call mdb_reader_check at the start of each transaction,
to free any stale readers. As the default maximum number of readers is
127, this should not impact on performance to any great extent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14330
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Mar 31 01:26:07 UTC 2020 on sn-devel-184
(cherry picked from commit
89041a6d18a1d091ea713e6986cac5ca66c2b481)
Gary Lockyer [Mon, 16 Mar 2020 02:18:12 +0000 (15:18 +1300)]
ldb tests: Confirm lmdb free list handling
Add cmocka tests to confirm lmdb's handling of the free list.
As a result of lmdb's MVCC (Multiversion Concurrency Control) long
running read transactions or stale readers (read transactions where the
process exited without ending the transaction) can cause the database to
run out of space.
Items in the free list are only reused when they would not be visible in
a read transaction. So long running read transactions prevent entries
in the free list being reused, and the database can run out of space.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
fc13304d1575ad6bc6e04cdb3eedf46d3c3678c7)
Karolin Seeger [Tue, 5 May 2020 11:41:52 +0000 (13:41 +0200)]
VERSION: Bump version up to 4.11.10...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 5 May 2020 11:41:00 +0000 (13:41 +0200)]
VERSION: Disable GIT_SNAPSHOT for the 4.11.9 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 5 May 2020 11:40:29 +0000 (13:40 +0200)]
WHATSNEW: Add release notes for Samba 4.11.9.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Alexander Bokovoy [Tue, 28 Apr 2020 18:59:46 +0000 (21:59 +0300)]
s3: pass DCE RPC handle type to create_policy_hnd
Various RPC services expect policy handles of a specific type.
s3 RPC server did not allow to create policy handles with a specific
type while actually requiring that policy handle type itself in some
places.
Make sure we are able to specify the policy on-wire handle type when
creating the policy handle. The changes follow s4 DCE RPC server
implementation.
The original logic to always set on-wire handle type to 0 can be tracked
down to commit
fdeea341ed1bae670382e45eb731db1b5838ad21 when we didn't
really know about differences in on-wire handle types.
All but LSA trusted domain RPC calls do not check the on-wire handle
type in s3 RPC server.
Fixes trusted domain operations when Samba RPC client attempts to call
s3 RPC server to perform lsa_lsaRSetForestTrustInformation in FreeIPA.
This fix is a pre-requisite for FreeIPA-FreeIPA forest trust.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 28 22:55:29 UTC 2020 on sn-devel-184
(cherry picked from commit
c7a4578d06427a82ead287f0c5248c1a54cc9336)
Autobuild-User(v4-11-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-11-test): Mon May 4 11:35:51 UTC 2020 on sn-devel-184
Volker Lendecke [Thu, 16 Apr 2020 12:38:34 +0000 (14:38 +0200)]
ctdb: Fix a memleak
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14348
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Apr 17 08:32:35 UTC 2020 on sn-devel-184
(cherry picked from commit
ad4b53f2d95de3d3609f3a23d96602f3dd516705)
Volker Lendecke [Thu, 19 Mar 2020 10:01:41 +0000 (11:01 +0100)]
libsmb: Don't try to find posix stat info in SMBC_getatr()
This wrongly used "frame" instead of "fname", which can never have
worked. A first attempt to fix in
51551e0d53fa6 caused a few followup
patches in an attempt to clean up the test failures
51551e0d53fa6
introduced. They were reverted after a few discussions. So rather than
changing behaviour, just remove the code that introduced the valgrind
error again.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 20 05:06:07 UTC 2020 on sn-devel-184
(cherry picked from commit
39c910fd9cba3caf7414274b678b9eee33d7e20b)
Karolin Seeger [Tue, 28 Apr 2020 11:50:45 +0000 (13:50 +0200)]
VERSION: Bump version up to 4.11.9.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 28 Apr 2020 11:50:10 +0000 (13:50 +0200)]
Merge tag 'samba-4.11.8' into v4-11-test
samba: tag release samba-4.11.8
Karolin Seeger [Tue, 21 Apr 2020 11:23:38 +0000 (13:23 +0200)]
VERSION: Disable GIT_SNAPSHOT for the 4.11.8 release.
o CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ
o CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 21 Apr 2020 11:23:09 +0000 (13:23 +0200)]
WHATSNEW: Add release notes for Samba 4.11.8.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Gary Lockyer [Tue, 7 Apr 2020 22:46:44 +0000 (10:46 +1200)]
CVE-2020-10704 libcli ldap: Check search request lengths.
Check the search request lengths against the limits passed to
ldap_decode.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Tue, 7 Apr 2020 20:49:23 +0000 (08:49 +1200)]
CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode
Add search request size limits to ldap_decode calls.
The ldap server uses the smb.conf variable
"ldap max search request size" which defaults to 250Kb.
For cldap the limit is hard coded as 4096.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Wed, 8 Apr 2020 03:32:22 +0000 (15:32 +1200)]
CVE-2020-10704: S4 ldap server: Limit request sizes
Check the size of authenticated and anonymous ldap requests and reject
them if they exceed the limits in smb.conf
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Mon, 6 Apr 2020 21:09:01 +0000 (09:09 +1200)]
CVE-2020-10704: smb.conf: Add max ldap request sizes
Add two new smb.conf parameters to control the maximum permitted ldap
request size.
Adds:
ldap max anonymous request size default 250Kb
ldap max authenticated request size default 16Mb
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Tue, 14 Apr 2020 01:32:32 +0000 (13:32 +1200)]
CVE-2020-10704: ldapserver tests: Limit search request sizes
Add tests to ensure that overly long (> 256000 bytes) LDAP search
requests are rejected.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Wed, 8 Apr 2020 03:30:52 +0000 (15:30 +1200)]
CVE-2020-10704: lib util asn1: Check parse tree depth
Check the current depth of the parse tree and reject the input if the
depth exceeds that passed to asn1_init
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Thu, 2 Apr 2020 02:25:53 +0000 (15:25 +1300)]
CVE-2020-10704: libcli ldap: test recursion depth in ldap_decode_filter_tree
Add tests to check that ASN.1 ldap requests with deeply nested elements
are rejected. Previously there was no check on the on the depth of
nesting and excessive nesting could cause a stack overflow.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Thu, 2 Apr 2020 23:18:03 +0000 (12:18 +1300)]
CVE-2020-10704: lib util asn1: Add ASN.1 max tree depth
Add maximum parse tree depth to the call to asn1_init, which will be
used to limit the depth of the ASN.1 parse tree.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Karolin Seeger [Fri, 17 Apr 2020 11:28:52 +0000 (13:28 +0200)]
CVE-2020-10700: ldb: Bump version up to 2.0.10.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andrew Bartlett [Wed, 11 Mar 2020 03:43:31 +0000 (16:43 +1300)]
CVE-2020-10700: dsdb: Do not permit the ASQ control for the GUID search in paged_results
ASQ is a very strange control and a BASE search can return multiple results
that are NOT the requested DN, but the DNs pointed to by it!
Thanks to Andrei Popa <andrei.popa@next-gen.ro> for finding,
reporting and working with us to diagnose this issue!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Wed, 11 Mar 2020 03:41:34 +0000 (16:41 +1300)]
CVE-2020-10700: ldb: Always use ldb_next_request() in ASQ module
We want to keep going down the module stack, and not start from the top again.
ASQ is above the ACL modules, but below paged_results and we do not wish to
re-trigger that work.
Thanks to Andrei Popa <andrei.popa@next-gen.ro> for finding,
reporting and working with us to diagnose this issue!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Mon, 30 Mar 2020 09:44:20 +0000 (09:44 +0000)]
CVE-2020-10700: dsdb: Add test for ASQ and ASQ in combination with paged_results
Thanks to Andrei Popa <andrei.popa@next-gen.ro> for finding,
reporting and working with us to diagnose this issue!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Karolin Seeger [Tue, 10 Mar 2020 09:55:01 +0000 (10:55 +0100)]
VERSION: Bump version up to 4.11.8...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit
46e19f9f40258855d84e747bcb02019262e72057)
Noel Power [Tue, 14 Apr 2020 10:21:22 +0000 (11:21 +0100)]
s3/librpc/crypto: Fix double free with unresolved credential cache
We free gse_ctx->k5ctx but then free it again in the
talloc dtor. This patch just lets the talloc dtor handle
things and removes the extra krb5_free_context
Failed to resolve credential cache 'DIR:/run/user/1000/krb5cc'! (No credentials cache found)
==30762== Invalid read of size 8
==30762== at 0x108100F4: k5_os_free_context (in /usr/lib64/libkrb5.so.3.3)
==30762== by 0x107EA661: krb5_free_context (in /usr/lib64/libkrb5.so.3.3)
==30762== by 0x7945D2E: gse_context_destructor (gse.c:84)
==30762== by 0x645FB49: _tc_free_internal (talloc.c:1157)
==30762== by 0x645FEC5: _talloc_free_internal (talloc.c:1247)
==30762== by 0x646118D: _talloc_free (talloc.c:1789)
==30762== by 0x79462E4: gse_context_init (gse.c:241)
==30762== by 0x794636E: gse_init_client (gse.c:268)
==30762== by 0x7947602: gensec_gse_client_start (gse.c:786)
==30762== by 0xBC87A3A: gensec_start_mech (gensec_start.c:743)
==30762== by 0xBC87BC6: gensec_start_mech_by_ops (gensec_start.c:774)
==30762== by 0xBC8167F: gensec_spnego_client_negTokenInit_step (spnego.c:633)
==30762== Address 0x17259928 is 40 bytes inside a block of size 496 free'd
==30762== at 0x4C2F50B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30762== by 0x79462CA: gse_context_init (gse.c:238)
==30762== by 0x794636E: gse_init_client (gse.c:268)
==30762== by 0x7947602: gensec_gse_client_start (gse.c:786)
==30762== by 0xBC87A3A: gensec_start_mech (gensec_start.c:743)
==30762== by 0xBC87BC6: gensec_start_mech_by_ops (gensec_start.c:774)
==30762== by 0xBC8167F: gensec_spnego_client_negTokenInit_step (spnego.c:633)
==30762== by 0xBC813E2: gensec_spnego_client_negTokenInit_start (spnego.c:537)
==30762== by 0xBC84084: gensec_spnego_update_pre (spnego.c:1943)
==30762== by 0xBC83AE5: gensec_spnego_update_send (spnego.c:1741)
==30762== by 0xBC85622: gensec_update_send (gensec.c:449)
==30762== by 0x551BFD0: cli_session_setup_gensec_local_next (cliconnect.c:997)
==30762== Block was alloc'd at
==30762== at 0x4C306B5: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30762== by 0x107EA7AE: krb5_init_context_profile (in /usr/lib64/libkrb5.so.3.3)
==30762== by 0xB853215: smb_krb5_init_context_common (krb5_samba.c:3597)
==30762== by 0x794615B: gse_context_init (gse.c:209)
==30762== by 0x794636E: gse_init_client (gse.c:268)
==30762== by 0x7947602: gensec_gse_client_start (gse.c:786)
==30762== by 0xBC87A3A: gensec_start_mech (gensec_start.c:743)
==30762== by 0xBC87BC6: gensec_start_mech_by_ops (gensec_start.c:774)
==30762== by 0xBC8167F: gensec_spnego_client_negTokenInit_step (spnego.c:633)
==30762== by 0xBC813E2: gensec_spnego_client_negTokenInit_start (spnego.c:537)
==30762== by 0xBC84084: gensec_spnego_update_pre (spnego.c:1943)
==30762== by 0xBC83AE5: gensec_spnego_update_send (spnego.c:1741)
==30762==
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14344
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Apr 14 22:55:51 UTC 2020 on sn-devel-184
(cherry picked from commit
34f8ab774d1484b0e60dbdec8ad2a1607ad92122)
Autobuild-User(v4-11-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-11-test): Wed Apr 15 14:34:51 UTC 2020 on sn-devel-184
Andreas Schneider [Fri, 3 Apr 2020 13:40:48 +0000 (15:40 +0200)]
testprogs: Add 'net ads join createupn' test also verifying the keytab
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14336
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Apr 6 19:09:53 UTC 2020 on sn-devel-184
(cherry picked from commit
c4be195da2845be4f64e47883e3c911dedd90e48)
Autobuild-User(v4-11-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-11-test): Tue Apr 7 10:51:07 UTC 2020 on sn-devel-184
Andreas Schneider [Fri, 3 Apr 2020 13:58:28 +0000 (15:58 +0200)]
s3:libads: Fix ads_get_upn()
This adds the userPrincipalName to ads_find_machine_acct() which
fetches the data for us.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14336
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
ec69752cb963ae850568d3f4905d2941e485627e)
Ralph Boehme [Sun, 15 Mar 2020 07:30:21 +0000 (08:30 +0100)]
smbd: let delayed update handler also update on-disk timestamps
Let delayed update handler also update on-disk timestamps by calling
trigger_write_time_update_immediate().
trigger_write_time_update_immediate() sets fsp->update_write_time_on_close to
false which prevents updating the write-time on close if there was ever only one
write to the file.
Besides resetting fsp->update_write_time_on_close and setting the on-disk timestamps
trigger_write_time_update_immediate() takes the same steps as the removed code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 19 03:05:40 UTC 2020 on sn-devel-184
(back ported from commit
81c1a14e3271aeed7ed4fe6311171b19ba963555)
Ralph Boehme [Sun, 15 Mar 2020 07:30:21 +0000 (08:30 +0100)]
smbd: let mark_file_modified() always call trigger_write_time_update()
Preperatory change: the next commit will reset fsp->update_write_time_on_close
in the event handler, so this change ensures it gets set again for any
subsequent write.
This will NOT always result in a write-time update because
trigger_write_time_update() has its own only-once logic using the internal
variable fsp->update_write_time_triggered.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
53de2da7acfc24513082190502d93306c12b7434)
Ralph Boehme [Sun, 15 Mar 2020 14:51:18 +0000 (15:51 +0100)]
smbd: remove stat call from mark_file_modified()
This stat dates back to
d03453864ab1bc5fd3b4a3abaf96176a006c102b where the call
to trigger_write_time_update() had been to the file IO codepath. It was present
there for other reasons: to setup the write-cache based on the file's size.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
2c19d27113036d607850f370bb9afd62856d671e)
Ralph Boehme [Wed, 22 Jan 2020 09:52:39 +0000 (10:52 +0100)]
smbd: avoid double chdir() in chdir_current_service()
Since
8e81090789e4cc3ba9e5aa792d4e52971909c894 we're doing chdir() twice, first
into conn->connectpath, then into conn->origpath.
Before commit
8e81090789e4cc3ba9e5aa792d4e52971909c894 if
chdir(conn->connectpath) succeeded, we wouldn't do the second chdir().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14256
RN: smbd does a chdir() twice per request
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Feb 6 11:44:07 UTC 2020 on sn-devel-184
(backported from commit
f705629a171c1411131164f3adff36175154c093)
Ralph Boehme [Thu, 12 Mar 2020 18:23:40 +0000 (19:23 +0100)]
smbd: flush pending writetime update when setting timestamps file
Cf the explanations in the previous commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(back-ported from commit
7b90fe69a865ae8648b6548eabbcf2fa8237ebd8)
Ralph Boehme [Thu, 12 Mar 2020 18:23:40 +0000 (19:23 +0100)]
smbd: flush pending writetime update when flushing file
Cf the explanations in the previous commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(back-ported from commit
d99d5bf2c6d0a818ef2f3920e0c93fac38761c36)
Ralph Boehme [Thu, 12 Mar 2020 15:52:34 +0000 (16:52 +0100)]
smbd: always flush pending write time update when setting filesize
We need to flush a pending write time update even when we're setting the
filesize to current filesize.
Note that we're already doing it this way in the relevant places listed my
dochelp@MS in
https://lists.samba.org/archive/cifs-protocol/2019-December/003364.html
Cleanup (= Close)
SetBasicInfo
SetAllocationInfo
SetEndOfFileInfo
SetValidDataLengthInfo
Flush
FSCTL_SET_ENCRYPTION
FSCTL_OFFLOAD_WRITE
Cleanup (= Close):
Already implemented by update_write_time_on_close() and friends.
SetBasicInfo:
Currently doesn't flush pending updates. Fixed by a subsequent commit.
SetAllocationInfo:
smb_set_file_allocation_info() when setting a file's allocation size.
SetEndOfFileInfo:
Currently doesn't flush pending updates. Fixed by a subsequent commit.
SetValidDataLengthInfo:
Not implemented, returns NT_STATUS_NOT_SUPPORTED which seems wrong btw, as
SetValidDataLengthInfo IS listed in MS-SMB2 2.2.39.
Flush:
Currently doesn't flush pending updates. Fixed by subsequent commit.
FSCTL_SET_ENCRYPTION:
Windows 2016 doesn't flush a pending writetime update, verified with a
smbtorture test.
FSCTL_OFFLOAD_WRITE:
NT_STATUS_NOT_IMPLEMENTED
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(back-ported from commit
79d7d6b9d01b8547f16b74a62926d0b471f18c39)
Günther Deschner [Fri, 27 Mar 2020 09:13:11 +0000 (10:13 +0100)]
nsswitch: fix use-after-free causing segfault in _pam_delete_cred
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14327
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Mar 30 13:01:20 UTC 2020 on sn-devel-184
(cherry picked from commit
047b0d8ab534c7a10a8572fd9f21e2456fd30710)
Autobuild-User(v4-11-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-11-test): Tue Mar 31 16:14:54 UTC 2020 on sn-devel-184
Martin Schwenke [Sun, 22 Mar 2020 02:46:46 +0000 (13:46 +1100)]
ctdb-recoverd: Avoid dereferencing NULL rec->nodemap
Inside the nested event loop in ctdb_ctrl_getnodemap(), various
asynchronous handlers may dereference rec->nodemap, which will be
NULL.
One example is lost_reclock_handler(), which causes rec->nodemap to be
unconditionally dereferenced in list_of_nodes() via this call chain:
list_of_nodes()
list_of_active_nodes()
set_recovery_mode()
force_election()
lost_reclock_handler()
Instead of attempting to trace all of the cases, just avoid leaving
rec->nodemap set to NULL. Attempting to use an old value is generally
harmless, especially since it will be the same as the new value in
most cases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14324
Reported-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Mar 24 01:22:45 UTC 2020 on sn-devel-184
(cherry picked from commit
716f52f68b248ae7cfd66479b3fc678c4a0d8b38)
Autobuild-User(v4-11-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-11-test): Mon Mar 30 11:22:26 UTC 2020 on sn-devel-184
Martin Schwenke [Tue, 25 Feb 2020 06:32:56 +0000 (17:32 +1100)]
ctdb-daemon: Don't allow attach from recovery if recovery is not active
Neither the recovery daemon nor the recovery helper should attach
databases outside of the recovery process.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
147afe77de372ddb9c180228d6fe1b04cca4610f)
Martin Schwenke [Mon, 24 Feb 2020 19:20:32 +0000 (06:20 +1100)]
ctdb-daemon: Remove more unused old client database functions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
052f1bdb9cf78f53f584edd32f81ae8e01e8e86e)
Martin Schwenke [Mon, 24 Feb 2020 08:51:19 +0000 (19:51 +1100)]
ctdb-recovery: Remove old code for creating missing databases
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
3a66d181b6f6199fca362fcb0aa06513645b589d)
Martin Schwenke [Mon, 24 Feb 2020 00:31:33 +0000 (11:31 +1100)]
ctdb-recovery: Create database on nodes where it is missing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
76a8174279f42486b36cc41d5831d4e6613f172e)
Martin Schwenke [Sun, 23 Feb 2020 23:26:34 +0000 (10:26 +1100)]
ctdb-recovery: Fetch database name from all nodes where it is attached
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
e6e63f8fb8194634135bf34cda18f6cc8ff69a7c)
Martin Schwenke [Fri, 21 Feb 2020 05:51:10 +0000 (16:51 +1100)]
ctdb-recovery: Pass db structure for each database recovery
Instead of db_id and db_flags.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
1bdfeb3fdc06947a607957ab3d114f97bad5d7d7)
Martin Schwenke [Fri, 21 Feb 2020 05:10:05 +0000 (16:10 +1100)]
ctdb-recovery: GET_DBMAP from all nodes
This builds a complete list of databases across the cluster so it can
be used to create databases on the nodes where they are missing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
c6f74e590f602e2ed38fe293468770a5e669aefa)
Martin Schwenke [Fri, 21 Feb 2020 01:24:39 +0000 (12:24 +1100)]
ctdb-recovery: Replace use of ctdb_dbid_map with local db_list
This will be used to build a merged list of databases from all nodes,
allowing the recovery helper to create missing databases.
It would be possible to also include the db_name field in this
structure but that would cause a lot of churn. This field is used
locally in the recovery of each database so can continue to live in
the relevant state structure(s).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
4c0b9c36050a0ed8a180d4ac1853224089528e8e)
Martin Schwenke [Wed, 26 Feb 2020 00:50:09 +0000 (11:50 +1100)]
ctdb-daemon: Respect CTDB_CTRL_FLAG_ATTACH_RECOVERY when attaching databases
This is currently only set by the recovery daemon when it attaches
missing databases, so there is no obvious behaviour change. However,
attaching missing databases can now be moved to the recovery helper as
long as it sets this flag.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
7e5a8a4884ea87bb985fe0e2b65ff130fc2ba8aa)
Martin Schwenke [Fri, 21 Feb 2020 00:13:05 +0000 (11:13 +1100)]
ctdb-recovery: Use CTDB_CTRL_FLAG_ATTACH_RECOVERY to attach during recovery
ctdb_ctrl_createdb() is only called by the recovery daemon, so this is
a safe, temporary change. This is temporary because
ctdb_ctrl_createdb(), create_missing_remote_databases() and
create_missing_local_databases() will all go away soon.
Note that this doesn't cause a change in behaviour. The main daemon
will still only defer attaches from non-recoverd processes during
recovery.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
98e3d0db2bc5f33217e26fab1dfb4bb91eae534f)
Martin Schwenke [Fri, 21 Feb 2020 00:04:14 +0000 (11:04 +1100)]
ctdb-protocol: Add control flag CTDB_CTRL_FLAG_ATTACH_RECOVERY
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
17ed0425904a98624284d351ab7617b3e02c0f7b)
Martin Schwenke [Wed, 26 Feb 2020 06:03:49 +0000 (17:03 +1100)]
ctdb-daemon: Remove unused old client database functions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
fc23cd1b9cdd1d70067491614b16e616291e8ff2)
Martin Schwenke [Thu, 20 Feb 2020 02:48:13 +0000 (13:48 +1100)]
ctdb-daemon: Fix database attach deferral logic
Commit
3cc230b5eeca749ab68d19cfda969f72c269f1f6 says:
Dont allow clients to connect to databases untile we are well past
and through the initial recovery phase
It is unclear what this commit was attempting to do. The commit
message implies that more attaches should be deferred but the code
change adds a conjunction that causes less attaches to be deferred.
In particular, no attaches will be deferred after startup is complete.
This seems wrong.
To implement what seems to be stated in the commit message an "or"
needs to be used so that non-recovery daemon attaches are deferred
either when in recovery or before startup is complete. Making this
change highlights that attaches need to be allowed during the
"startup" event because this is when smbd is started.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
c6c89495fbe9b6f238d10a538eccc92b937a69de)
Amitay Isaacs [Mon, 2 Mar 2020 05:16:26 +0000 (16:16 +1100)]
ctdb-recovery: Refactor banning a node into separate computation
If a node is marked for banning, confirm that it's not become inactive
during the recovery. If yes, then don't ban the node.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
1c56d6413f86cc15ebac232f39ef1e2a53ae4297)
Amitay Isaacs [Tue, 18 Feb 2020 05:17:00 +0000 (16:17 +1100)]
ctdb-recovery: Don't trust nodemap obtained from local node
It's possible to have a node stopped, but recovery master not yet
updated flags on the local ctdb daemon when recovery is started. So do
not trust the list of active nodes obtained from the local node. Query
the connected nodes to calculate the list of active nodes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
c6a0ff1bed0265e44fd6135d16bfc41919fe5bf5)
Amitay Isaacs [Mon, 2 Mar 2020 04:07:21 +0000 (15:07 +1100)]
ctdb-recovery: Consolidate node state
This avoids passing multiple arguments to async computation.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
6e2f8756f1bce4dfc7fdc435e082f400116e29ec)
Amitay Isaacs [Mon, 2 Mar 2020 02:59:42 +0000 (13:59 +1100)]
ctdb-recovery: Fetched vnnmap is never used, so don't fetch it
New vnnmap is constructed using the information from all the connected
nodes. So there is no need to fetch the vnnmap from recovery master.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
072ff4d12b8f34766120ddae888d772e97bca491)
Martin Schwenke [Fri, 27 Sep 2019 06:49:01 +0000 (16:49 +1000)]
ctdb-client: Factor out function client_db_tdb()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
439ef65d290357e513103530183091a9a6fed197)
Martin Schwenke [Tue, 30 Jul 2019 04:17:11 +0000 (14:17 +1000)]
ctdb-daemon: Implement DB_VACUUM control
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
41a41d5f3e2b8e16e25221e14939dc5962997ac7)
Martin Schwenke [Tue, 15 Oct 2019 05:36:44 +0000 (16:36 +1100)]
ctdb-vacuum: Only schedule next vacuum event if vacuuuming is scheduled
At the moment vacuuming is always scheduled.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
d462d64cdf001fd5d1cbf2a109df62e087ad0c49)
Martin Schwenke [Tue, 30 Jul 2019 04:16:13 +0000 (14:16 +1000)]
ctdb-daemon: Factor out code to create vacuuming child
This changes the behaviour for some failures from exiting to simply
attempting to schedule the next run.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
13cedaf0195c6bda3a3820aedb1ee65f36dfc23e)
Martin Schwenke [Fri, 4 Oct 2019 02:06:21 +0000 (12:06 +1000)]
ctdb-vacuum: Simplify recording of in-progress vacuuming child
There can only be one, so simplify the logic.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
5539edfdbe69d1d5f084d06753cce8ed6e524999)
Martin Schwenke [Tue, 30 Jul 2019 00:52:05 +0000 (10:52 +1000)]
ctdb-protocol: Add marshalling for control DB_VACUUM
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
496204feb0e2b6eb2f3d9a74e45596a3e74ad9b1)
Martin Schwenke [Tue, 30 Jul 2019 06:59:37 +0000 (16:59 +1000)]
ctdb-protocol: Add marshalling for struct ctdb_db_vacuum
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
a896486b62bbcf9915727ba7bfc768fb5383f0c7)
Martin Schwenke [Tue, 30 Jul 2019 00:34:03 +0000 (10:34 +1000)]
ctdb-protocol: Add new control CTDB_CONTROL_DB_VACUUM
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
b314835341e4028f0770fa7f9a37d2d21448ddfd)
Amitay Isaacs [Tue, 1 Oct 2019 05:05:10 +0000 (15:05 +1000)]
ctdb-vacuum: Avoid processing any more packets
All the vacuum operations if required have an event loop to ensure
completion of pending operations. Once all the steps are complete,
there is no reason to process any more packets.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
d0cc9edc05b6218a8e20a0a8009cbb9918ff4d02)