summaryrefslogtreecommitdiff
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
* s3:smbd: skip ctdb public ips in fsctl_network_iface_info()Stefan Metzmacher2020-07-081-0/+28
| | | | | | | | | | | | | Multi-Channel clients should not connect to ctdb public ip addresses (which move between nodes). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 8 17:16:40 UTC 2020 on sn-devel-184
* s3:smbd: disconnect the all client connections if a ctdb public ip droppedStefan Metzmacher2020-07-083-0/+36
| | | | | | | | | | | For now we keep it simple and any disconnect on a connection that used a ctdb public address, will disconnect all other remaining connections. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: make smbXsrv_client_connection_pass_loop() more robustStefan Metzmacher2020-07-081-9/+22
| | | | | | | | | Don't leak fds in the error paths. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: make sure smbXsrv_connection_disconnect_transport() closes the ↵Stefan Metzmacher2020-07-082-2/+7
| | | | | | | | | | | | socket fd I assumed that TALLOC_FREE(xconn->transport.fde) would close the socket, but until now we didn't use tevent_fd_set_auto_close(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: make sure we detect stale smbXsrv_connection pointers in ↵Stefan Metzmacher2020-07-082-0/+6
| | | | | | | | | | | | | | | | | | smbXsrv_session_auth0 Pointer values can be reused (yes, I hit that during my testing!). Introduce a channel_id to identify connections and also add some timestamps to make debugging easier. This makes smbXsrv_session_find_auth() much more robust. This is a similar change as 0cec96526bf4d3209caf36c4a19632ff5d5dd112: "smb2_server: make sure we detect stale smbXsrv_connection pointers in smbXsrv_channel_global" BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: fill in xconn->client early in smbd_add_connection()Stefan Metzmacher2020-07-081-2/+1
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: handle NETWORK_ACCESS_DENIED in smbXsrv_client_connection_pass_loop()Stefan Metzmacher2020-07-081-0/+4
| | | | | | | | | | | | smbd_add_connection() may return a valid connection together with NT_STATUS_NETWORK_ACCESS_DENIED. We need additional cleanup for that case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: consistently use DLIST_ADD* to fill client->connections in ↵Stefan Metzmacher2020-07-081-1/+1
| | | | | | | | | | | | smbd_add_connection() We should not just overwrite the client->connections pointer if we reject the connection. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:ctdbd_conn: add ctdbd_control_get_public_ips() and ctdbd_find_in_public_ips()Stefan Metzmacher2020-07-083-0/+92
| | | | | | | | | | These will be used in the multi channel code in order to handle public ip addresses, which can move arround ctdb nodes. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:ctdbd_conn: make use of samba_sockaddr in ctdbd_connect()Stefan Metzmacher2020-07-081-9/+16
| | | | | | | | | | This avoids compiler warnings like this: dereferencing type-punned pointer might break strict-aliasing rules [-Wstrict-aliasing] BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:ctdbd_conn: make use of ctdbd_control_local() in ctdbd_register_ips()Stefan Metzmacher2020-07-081-4/+4
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: implement FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUTStefan Metzmacher2020-07-084-3/+98
| | | | | | | | | | | | This will be used by smbtorture in order to simulate channel failures without relying on iptables. 'smbd:FSCTL_SMBTORTURE = yes' is required in order to active this. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: make use of the new ack infrastructure for oplock/lease breaksStefan Metzmacher2020-07-081-17/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This finally implements the retry of failed oplock/lease breaks. Before smbd_smb2_break_send/recv completed directly after sendmsg() passed the pdu to the kernel. Now the completion is (at least) deferred until the the next smbXsrv_connection_ack_checker() run happens and smbd_smb2_send_queue_ack_bytes() found that all bytes of the break notification left the kernel send queue (and were TCP acked). If the connection is disconnected all pending break notifications are completed with an error, which is then returned by smbd_smb2_break_recv(). smbXsrv_pending_break_submit() will then submit another break notification via the next available connection/channel. The smbXsrv_connection_ack_checker() runs each rto_usecs (between 0.2s and 1.0s). smbd_smb2_break_send() will set a timeout of 6*rto_usecs (between 1.2s and 6s). If smbXsrv_connection_ack_checker() detects via smbd_smb2_send_queue_ack_bytes() that a pending break notification is pending for more than its timeout we'll disconnect the connection with NT_STATUS_IO_TIMEOUT. This will be handled as any other disconnect and will in turn also trigger the retry on the next channel. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: force multi-channel to be turned off without FreeBSD/Linux supportStefan Metzmacher2020-07-083-1/+30
| | | | | | | | | | | | | | | | | For now it's safer to disable multi-channel without having support for TIOCOUTQ/FIONWRITE on tcp sockets. Using a fixed retransmission timeout (rto) of 1 second would be ok, but we better require kernel support for requesting for unacked bytes in the kernel send queue. "force:server multi channel support = yes" can be used to overwrite the compile time restriction (mainly for testing). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: add infrastructure to wait for TCP acksStefan Metzmacher2020-07-083-1/+365
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will be the core of the logic that allows us to retry break notifications. When we start the "pending break cycle" we ask for the current retransmission timemout (rto) on the TCP connection and remember how many unacked bytes are in the kernel's send queue. Each time we send bytes into the kernel we add them to the unacked bytes. We use a timer using the rto interval in order to check the amount of unacked bytes again. The provides send_queu_entry.ack.req will be completed with tevent_req_done() when everything is completely acked, tevent_req_nterror(NT_STATUS_IO_TIMEOUT) when send_queu_entry.ack.timeout is expired or tevent_req_nterror(connection_error) when the connection gets disconnected. It works with support from the FreeBSD and Linux kernels. For other platforms we just have a fixed rto of 1 second. And pretend all bytes are acked when we recheck after 1 second. So only a connection error could trigger tevent_req_nterror(), but there's no timeout. A follow up commit will most likely disable support for multi-channel if we don't have kernel support. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: add logic to retry break notifications on all available channelsStefan Metzmacher2020-07-081-2/+116
| | | | | | | | | | | | | | | | For leases we need to use any available connection with the same client_guid. That means all connections in the client->connections list. We try the oldest connection first, as that's what windows is doing. For oplocks we implement the same as that's what the specification says. Windows behaves different and we have 'smb2 disable oplock break retry = yes' in order to behave like Windows. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: convert smbd_smb2_send_break() into async smbd_smb2_break_send/recv()Stefan Metzmacher2020-07-081-28/+91
| | | | | | | | | | | | | | This will make it possible to detect errors in order to retry sending the break on another connection. For now we always report NT_STATUS_OK, when we delivered the break notification to the kernel send queue. But that will change in the following commits. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: add smbd_smb2_send_queue.sendfile_body_sizeStefan Metzmacher2020-07-082-0/+2
| | | | | | | | | The following patches require the size of the full sendfile() pdu. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: introduce smbXsrv_pending_break infrastructureStefan Metzmacher2020-07-081-14/+67
| | | | | | | | | | | | This prepares support for oplock/lease break replay from the server to the client. We need some state in order to do replays later. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: avoid dereferencing client->connectionsStefan Metzmacher2020-07-084-9/+7
| | | | | | | | | There're typically better ways to get the same information. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: setup client->global->client_guid even without multichannel supportStefan Metzmacher2020-07-081-0/+6
| | | | | | | | | | It's too confusing if client->global->client_guid and client->connections->smb2.client.guid don't have the same value. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: pass down smbXsrv_client to smbd_smb2_send_{oplock,lease}_break()Stefan Metzmacher2020-07-084-18/+13
| | | | | | | | | Which connection is actually used should not matter to the main logic. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: pass smbXsrv_client to downgrade_lease()Stefan Metzmacher2020-07-083-10/+12
| | | | | | | | | | This prepares for multichannel support, where breaks are not bound to a single connection. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: add smbd_server_disconnect_client[_ex]()Stefan Metzmacher2020-07-082-0/+24
| | | | | | | | | | | | | | | | | | With multichannel things may not happen only on one connection. We may need to disconnect all connections of a client, when something bad happens. The first users of this will be the lease/oplock break code, if they are not able allocate memory or something similar we need to bail out. Having a special smbXsrv_client based function is better than calling exit_server*() directly. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: remove unused session,tcon parameters from ↵Stefan Metzmacher2020-07-083-28/+12
| | | | | | | | | | | | | smbd_smb2_send_oplock_break() They are no longer used. However we'll make use of op->compat->vuid in the next commits, as the session id should be part of oplock breaks. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: pass down session_id to smbd_smb2_send_break()Stefan Metzmacher2020-07-081-5/+12
| | | | | | | | | | Oplock break should contain a valid session id of the open file handle, as file handles are relative to a session. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: remove dead code from smbd_smb2_send_break()Stefan Metzmacher2020-07-081-55/+6
| | | | | | | | | | | Starting with commit 0a924d13cf4bb570cce3955cf0de9d8678b37dbe ("smbd: Send SMB2 oplock breaks unencrypted") we always passed in session=NULL and tcon=NULL. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:includes: change OPLOCK_BREAK_TIMEOUT from 30 to 35 secondsStefan Metzmacher2020-07-081-1/+1
| | | | | | | | | | | | This is what windows is using for normal oplock and lease breaks. Note that windows uses higher values for persistent handles, they use 60 seconds for oplocks and 180 seconds for leases. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:dbwrap_watch: avoid recursion into dbwrap_do_locked() from ↵Stefan Metzmacher2020-07-081-4/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | dbwrap_watched_do_locked_{storev,delete}() This avoids a lot of overhead! Using smbtorture3 //foo/bar -U% local-g-lock-ping-pong -o 500000 under valgrind --tool=callgrind... This change replaces this: 6,877,542,529 PROGRAM TOTALS 590,000,773 lib/tdb/common/lock.c:tdb_lock_list 479,000,608 lib/tdb/common/lock.c:tdb_unlock 446,500,532 lib/tdb/common/io.c:tdb_read 364,000,824 lib/tdb/common/hash.c:tdb_jenkins_hash 285,000,532 lib/tdb/common/io.c:tdb_write 262,054,669 /x86_64/multiarch/memmove-vec-unaligned-erms.S:__memcpy_avx_unaligned_erms 206,500,496 lib/tdb/common/mutex.c:tdb_mutex_lock 193,000,176 lib/tdb/common/tdb.c:tdb_find 160,000,256 lib/talloc/talloc.c:_talloc_get_type_abort 148,500,297 lib/tdb/common/tdb.c:tdb_storev 140,000,196 lib/tdb/common/lock.c:tdb_lock 130,000,858 lib/util/debug.c:debuglevel_get_class 128,003,722 lib/talloc/talloc.c:_talloc_free 128,000,118 lib/tdb/common/tdb.c:tdb_parse_record 126,000,576 lib/tdb/common/lock.c:tdb_brlock.part.3 121,000,272 lib/tdb/common/mutex.c:tdb_mutex_unlock 118,000,225 /nptl/pthread_mutex_lock.c:__pthread_mutex_lock_full 112,750,222 lib/tdb/common/freelist.c:tdb_allocate_from_freelist 108,500,168 lib/tdb/common/io.c:tdb_ofs_read 102,500,000 lib/tdb/common/io.c:tdb_parse_data by this: 5,706,522,398 PROGRAM TOTALS 434,000,617 lib/tdb/common/lock.c:tdb_lock_list 389,500,494 lib/tdb/common/io.c:tdb_read 359,000,488 lib/tdb/common/lock.c:tdb_unlock 285,000,532 lib/tdb/common/io.c:tdb_write 237,554,655 /x86_64/multiarch/memmove-vec-unaligned-erms.S:__memcpy_avx_unaligned_erms 208,000,668 lib/tdb/common/hash.c:tdb_jenkins_hash 206,500,496 lib/tdb/common/mutex.c:tdb_mutex_lock 160,000,256 lib/talloc/talloc.c:_talloc_get_type_abort 148,500,297 lib/tdb/common/tdb.c:tdb_storev 136,000,132 lib/tdb/common/tdb.c:tdb_find 130,000,858 lib/util/debug.c:debuglevel_get_class 126,000,576 lib/tdb/common/lock.c:tdb_brlock.part.3 121,000,272 lib/tdb/common/mutex.c:tdb_mutex_unlock 118,000,225 /nptl/pthread_mutex_lock.c:__pthread_mutex_lock_full 112,750,222 lib/tdb/common/freelist.c:tdb_allocate_from_freelist 112,000,168 lib/tdb/common/lock.c:tdb_lock 94,500,154 lib/tdb/common/io.c:tdb_ofs_read 94,000,188 /nptl/pthread_mutex_unlock.c:__pthread_mutex_unlock_full 86,000,086 lib/dbwrap/dbwrap.c:dbwrap_lock_order_lock 83,000,083 lib/dbwrap/dbwrap_tdb.c:db_tdb_do_locked time smbtorture3 //foo/bar -U% local-g-lock-ping-pong -o 5000000 gives: 902834 locks/sec real 0m11,103s user 0m8,233s sys 0m2,868s vs. 1037262 locks/sec real 0m9,685s user 0m6,788s sys 0m2,896s Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Jul 8 11:02:39 UTC 2020 on sn-devel-184
* s3:locking: convert share_mode_lock.c to generate_unique_u64()Stefan Metzmacher2020-07-082-16/+15
| | | | | | | | | | | | | | Instead of a sequence number that gets incremented we just need a value that's not reused. The is a similar change like the commit before at the g_lock.c layer. I expect a similar performance improvement here, but I don't know a specific benchmark test to check. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3:g_lock: avoid very expensive generate_random_buffer() in g_lock_parse()Stefan Metzmacher2020-07-081-19/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We don't require a sequence number that is incremented, we just need a value that's not reused. We use the new generate_unique_u64(), which is much cheaper! Using smbtorture3 //foo/bar -U% local-g-lock-ping-pong -o 500000 under valgrind --tool=callgrind... This change replaces this: 13,129,925,659 PROGRAM TOTALS 4,125,752,958 ???:_nettle_sha256_compress [/usr/lib/x86_64-linux-gnu/libnettle.so.6.4] 1,257,005,866 ???:_nettle_aes_encrypt [/usr/lib/x86_64-linux-gnu/libnettle.so.6.4] 590,000,773 bin/default/../../lib/tdb/common/lock.c:tdb_lock_list 571,503,429 ???:_nettle_aes_set_key [/usr/lib/x86_64-linux-gnu/libnettle.so.6.4] 479,000,608 bin/default/../../lib/tdb/common/lock.c:tdb_unlock ... by this: 6,877,826,377 PROGRAM TOTALS 590,000,773 bin/default/../../lib/tdb/common/lock.c:tdb_lock_list 479,000,608 bin/default/../../lib/tdb/common/lock.c:tdb_unlock ... 12,500,033 bin/default/../../lib/util/genrand_util.c:generate_unique_u64 ... 8,996,970 ???:_nettle_sha256_compress [/usr/lib/x86_64-linux-gnu/libnettle.so.6.4] time smbtorture3 //foo/bar -U% local-g-lock-ping-pong -o 5000000 gives: 537426 locks/sec real 0m19,071s user 0m15,061s sys 0m3,999s vs. 900956 locks/sec real 0m11,155s user 0m8,293s sys 0m2,860s Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3:smbcacls: Add support for DFS pathAnubhav Rakshit2020-07-071-4/+19
| | | | | | | | | | | | | | | | | smbcacls does not handle DFS paths correctly. This is beacuse once the command encounters a path which returns STATUS_PATH_NOT_COVERED, it does not attempt a GET REFERRAL. We use cli_resolve_path API to perform a DFS path resolution to solve the above problem. Additionally this removes the known fail against smbcacls tests Signed-off-by: Anubhav Rakshit <anubhav.rakshit@gmail.com> Reviewed-by: Noel Power <noel.power@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jul 7 23:03:00 UTC 2020 on sn-devel-184
* s3:wscript: vfs_gpfs needs kernel oplock supportStefan Metzmacher2020-07-071-1/+1
| | | | | | | | | | | | | | | It uses symbols, which are only available if we have HAVE_KERNEL_OPLOCKS_LINUX defined. This is not the case when building withing the Windows Subsystem for Liux (WSL). So we better don't try to build the vfs_gpfs module there. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Jul 7 09:37:37 UTC 2020 on sn-devel-184
* s3:smbd: check for stale pid in delay_for_oplock_fn() when leases_db_get() failsStefan Metzmacher2020-07-071-1/+36
| | | | | | | | | | | | | | | | | | If leases_db_get() failed the leases_db record might have been cleaned up for stale processes. Check if the share-mode-entry owner is stale in this case and return ignore the entry. In any other case, log a debug messages and panic. Commit 05d4466a6d1ad048fa86aea09ec0a56a7b961369 "smbd: check for stale pid in get_lease_type()" fixed only one half of this. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jul 7 02:47:46 UTC 2020 on sn-devel-184
* s3:leases: log errors with level 0 in leases_db_do_locked_fn()Stefan Metzmacher2020-07-071-4/+4
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: check for stale pid in get_lease_type()Ralph Boehme2020-07-021-2/+18
| | | | | | | | | | | | | If leases_db_get() failed the leases_db record might have been cleaned up for stale processes. Check if the share-mode-entry owner is stale in this case and return a 0 lease state. In any other case, log a debug messages and panic. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jul 2 16:45:42 UTC 2020 on sn-devel-184
* smbd: let get_lease_type() take a non-const share_mode_entryRalph Boehme2020-07-022-2/+2
| | | | | | | | | | We're going to add a call to share_entry_stale_pid(share_mode_entry) which takes a non-const pointer (in order to eventually set e->state = true). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* smbd: inverse if/else logic in get_lease_type()Ralph Boehme2020-07-021-17/+17
| | | | | | | | | No change in behaviour. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3/leases: log NDR decoding failure with level 0 in leases_db_get_fn()Ralph Boehme2020-07-021-2/+2
| | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Ralph Boehme <slow@samba.org>
* smbd: increase loglevel when leases_db_del() with anything then ↵Ralph Boehme2020-07-021-2/+7
| | | | | | | | | NT_STATUS_NOT_FOUND BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:smbd: make sure vfs_ChDir() always sets conn->cwd_fsp->fh->fd = AT_FDCWDStefan Metzmacher2020-07-021-0/+35
| | | | | | | | | This is what all consumers of conn->cwd_fsp->fh->fd expect! BUG: https://bugzilla.samba.org/show_bug.cgi?id=14427 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s3:smbd: reformat if statement for caching in vfs_ChDir()Stefan Metzmacher2020-07-021-2/+3
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14427 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s3:winbind:idmap_ad - make failure to get attrnames for schema mode fatalAndrew2020-07-021-0/+8
| | | | | | | | | | Add check for failure to resolve the OID array for the schema mode into names. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14425 Signed-off-by: Andrew <awalker@ixsystems.com> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* pdb_dsdb: Fix typosVolker Lendecke2020-07-021-3/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* s3: libsmb: Fix SMB2 client rename bug to a Windows server.Jeremy Allison2020-07-011-2/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix bug where renaming to a target name of one UCS2 character (name length 2 bytes) fails to a Windows 10 SMB2 server. The Windows 10 SMB2 server has a minimum length for a SMB2_FILE_RENAME_INFORMATION buffer of 24 bytes. It returns NT_STATUS_INFO_LENGTH_MISMATCH if the length is less. This isn't an alignment issue as Windows client happily 2-byte align for larget target name sizes. Also the Windows 10 SMB1 server doesn't have this restriction. If the name length is too short, pad out with zeros to 24 bytes. Hard to add a test for this as we don't want to add this silly restriction to the Samba server as it would break all non-Windows clients. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14403 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jul 1 18:59:53 UTC 2020 on sn-devel-184
* tls: Use NORMAL:-VERS-SSL3.0 as the default configurationAndreas Schneider2020-07-011-7/+1
| | | | | | | | | | | | | | | This seems to be really broken in GnuTLS and the documentation is also not correct. This partially reverts 53e3a959b958a3b099df6ecc5f6e294e96bd948e BUG: https://bugzilla.samba.org/show_bug.cgi?id=14408 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jul 1 14:56:33 UTC 2020 on sn-devel-184
* share_mode_lock.c: initialize out paramIsaac Boukris2020-06-301-3/+3
| | | | | | | | | | | detected by covscan: source3/locking/share_mode_lock.c:1563:6: warning: Branch condition evaluates to a garbage value Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: David Mulder <dmulder@suse.com> Autobuild-User(master): Isaac Boukris <iboukris@samba.org> Autobuild-Date(master): Tue Jun 30 09:42:33 UTC 2020 on sn-devel-184
* s3:smbd: fix the handling of the durable_v2_timeoutStefan Metzmacher2020-06-271-1/+1
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Jun 27 05:42:05 UTC 2020 on sn-devel-184
* s3:smb2_lock: implement lock_sequence replay detectionStefan Metzmacher2020-06-271-0/+112
| | | | | | | | | | | | | | | | | | | | | | | | | While windows enables it only for resilient and persistent handles a SMB server SHOULD (according to MS-SMB2 section 3.3.5.14 ) activate processing of lock sequence numbers: ... if Open.IsResilient or Open.IsDurable or Open.IsPersistent is TRUE or if Connection.Dialect belongs to the SMB 3.x dialect family and Connection.ServerCapabilities includes SMB2_GLOBAL_CAP_MULTI_CHANNEL ... We only support durable handles or multichannel, so we only implement these according to the specification. But we have 'smb2 disable lock sequence checking = yes' to force to match the Windows Server bahavior, which only supports this for resilient and persistent handles. Pair-Programmed-With: Michael Adam <obnox@samba.org> Pair-Programmed-With: Guenther Deschner <gd@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_lock: pass in_lock_sequence to smbd_smb2_lock_send()Stefan Metzmacher2020-06-271-1/+10
| | | | | | | | | | Take the value from the client if the dialect is SMB2_10 or higher, otherwise default to 0. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
View Lorry Controller Status