| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
CVE-2017-2619: Symlink race allows access outside share definition.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
|
|
| |
CVE-2017-2619: Symlink race allows access outside share definition.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
|
|
| |
utility function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
|
|
| |
existing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
|
|
| |
not supported on system.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
|
|
| |
just before retuning success.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
|
|
| |
Hardens OpenDir against TOC/TOU races.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
|
|
| |
failed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
|
|
| |
for making robust.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
|
|
| |
SMB2_CONTINUE_FLAG_REOPEN flag
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
|
|
|
| |
dptr_CloseDir() will close and invalidate the fsp's file descriptor, we
have to reopen it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12496
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
|
|
|
|
|
|
|
| |
and re-enable GIT_SNAPSHOTS.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit 520e1a58e1598f412698a38b7af2d6c2015ba056)
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
| |
Signed-off-by: Karolin Seeger <kseeger@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
requests
This is important for some applications to detect the
NT_STATUS_PASSWORD_MUST_CHANGE condition correctly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9048
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 81ccdad9d045a7a6d6a569d1685bb0bf4e64d12a)
Autobuild-User(v4-5-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-5-test): Tue Mar 7 12:29:45 CET 2017 on sn-devel-144
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9048
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 4738754e7d7216f6acf790827459bb5da6b0a110)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the send queue grows greater than xconn->smb2.credits.max/16,
smbd_smb2_request_next_incoming() doesn't allocate a new request in state->req.
After smbd_smb2_io_handler() is called, it marks the fd not readable as
state->req == NULL, and never marks it readable again.
Fix by calling smbd_smb2_request_next_incoming() to restart
reads inside smbd_smb2_flush_send_queue() which drains the
send queue.
Reported by <chen.yehua@h3c.com>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12608
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Mar 3 02:23:20 CET 2017 on sn-devel-144
(cherry picked from commit 1e0c79ddb34be9a2b9fa92d35387c443c4a381ae)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 0392ebcd1d48e9f472f2148b85316a77d9cc953b effectively
disabled the enumeration of trusts in other forests.
The fixes for https://bugzilla.samba.org/show_bug.cgi?id=11691
changed the way we fill domain->domain_flags for domains
in other forests.
Commit fffefe72fcc62d9688b45f53a5327667dc0b2fe6 readded the
ability to enumerate trusts of other forests again, in order to
fix https://bugzilla.samba.org/show_bug.cgi?id=11830
Now we have the problem that multiple domains
(even outside of our forest) are considert to be
our forest root, as they have the following flags:
NETR_TRUST_FLAG_TREEROOT and NETR_TRUST_FLAG_IN_FOREST.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12605
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Mar 2 17:53:14 CET 2017 on sn-devel-144
(cherry picked from commit f9aaddcdd8f9ea648c9c5ea804f56ee3ff6c4c67)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Apple's SMB2 AAPL extension is enabled once per SMB2
connection. Unfortunately the (per se correct) fix for bug #12541
results in vfs_fruit checking a per tcon config state variable to
determine whether AAPL has been negotiated. This variable will be false
for all but the first tcon. We must make it a global variable.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12604
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Thu Mar 2 04:34:10 CET 2017 on sn-devel-144
(cherry picked from commit 41204a4972ea62b7b656ad81e24bd052990f7e87)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vfs_fruit only creates AppleDouble files itself when "fruit:resource" is
set to "file" (the default). It is only then the these AppleDouble files
should be treated as an internal representation and should be
inaccessible from clients.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12526>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit 708767da8c366c021d6d15a3ae71d009357c3320)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This ensures a stream with illegal NTFS characters mapped to the Unicode
private range like
:foo\xef\x80\xa2bar:$DATA
that is stored as an xattr name
user.DosStream.foo:bar:$DATA
if "fruit:encoding = native" is set, is copied by the special fruit
copy_chunk request.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit c7a79a9b35225f41eeae961ab340882c7d49f0c4)
|
|
|
|
|
|
|
|
|
|
|
| |
This is also supposed to be valid in the VFS stack, so there's no need
to re-stat here.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit ffa727f33b06e71403303b53797a068f455b22f8)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit 8b7e88f368ce793699fc57272e74d0815219a250)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit a2afd61906fbf36f75b2054abfd7384f220a14e3)
|
|
|
|
|
|
|
|
|
|
|
| |
Not used for now, but the next commit will add a test that makes use of
this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit bac79eac093e042f22a77fa8e468f8c92bb3c113)
|
|
|
|
|
|
|
|
|
|
|
|
| |
torture_suite_add_2ns_smb2_test wan't used, change it to use the default
share as share 1 and a second share taken from torture option
"torture:share2".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit 08dc5b4673a955f365095824275e67b2ea8fc31e)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit b302444f5b0675f0cb0f26fa2ad53e298067f7ab)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit c8baf2760ad51a7739084a8e2617c58c287b651e)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit 49723151b2107553559c397adadda90f7c4806f7)
|
|
|
|
|
|
|
|
|
|
| |
Verify IO on the resource fork works after a rename of the basefile.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit 8ae4539e47bcaa37d5a052eaf443a95287d851e1)
|
|
|
|
|
|
|
|
|
|
| |
All the other tests ignore the return value of smb2_util_unlink().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit f555c2318eb06d1ceef32423dba9cd1a7c76f956)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit 3227b891fcdd912b0c09398fed751fe8b53d01c9)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit 9975c7569cf5af74c25ac03985a7c409164ac2ce)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit f7b0982826b58cfcdaf8782e15c2440f31a45ba2)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit d9ab40e0834c074ea26460347b035c52eb5eb0d7)
|
|
|
|
|
|
|
|
|
|
| |
vfs.fruit_netatalk
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit cc885223d79a7e8eb2177a351b745dceec0c9f5a)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit 51189bd4758a140bad6abf3300c931302432a687)
|
|
|
|
|
|
|
|
|
|
| |
Use struct fio to denote a fsp handle is for a stream we care about.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit cc88132854ed47510e056ed451ed376770ee301e)
|
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit b3c0f785d753b26404f67acf8061be1cafde79a9)
|
|
|
|
|
|
|
|
|
|
| |
Use struct fio to denote a fsp handle is for a stream we care about.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit ae6199c5ef9022518a709bb9aff20b8b2d83e456)
|
|
|
|
|
|
|
|
|
|
| |
Use struct fio to denote a fsp handle is for a stream we care about.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit fcb9c840d7d082457c3136a44a23b489c98b0327)
|
|
|
|
|
|
|
|
|
|
| |
Use struct fio to denote a fsp handle is for a stream we care about.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit 6537c56de5dae8a1d193a949910296aea1cb6a4e)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o factor out ad_open(), opens an fd to be used with IO on the metadata
streams
o rename ad_write() to ad_set() as this aligns nicely with the existing
ad_get. This is the pathname based version used to solely set metadata
on a file, there's also a handle based version:
o add ad_fset(), a handle based version that can be used to set metadata
and to update the AppleDouble header in a ._ AppleDouble file
o remove fruit_fsp_recheck(), looking at it more closely, it is not
needed
This commit *compiles*, but all callers in the VFS ops must now be
updated to use the new semantics, this comes next...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(backported from commit 1d1203574328570288806fffefabb550ecc4e95d)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The next commits will completely change handle based VFS ops. This
couldn't be done in a piecemeal fashion, I had to wipe the slate clean.
Disabling tests in order to not break git bisects.
Tests will be reenabled after a few commits that apply the larger change
in a somewhat digestible fashion.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit 8703b8ef9d54c841d9da3f94b81195f247873dea)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Applying fcntl read locks requires an fd opened for reading. This means
we have to check the open flags of an fd and if the fd is not opened for
reading, we can't use it to set shared fctnl locks.
Iow we won't be applying interop locks with Netatalk for files openend
write-only.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12427
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
(cherry picked from commit 41a2b2f5cdf751e17bde60e5cfbe395450e67485)
|