[Pkg-samba-maint] [Git][samba-team/samba][master] 50 commits: VERSION: Bump version up to Samba 4.16.5...
Michael Tokarev (@mjt)
gitlab at salsa.debian.org
Thu Sep 8 10:46:49 BST 2022
Michael Tokarev pushed to branch master at Debian Samba Team / samba
Commits:
ae097717 by Jule Anger at 2022-07-27T12:49:29+02:00
VERSION: Bump version up to Samba 4.16.5...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger <janger at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
5fd138ad by Ralph Boehme at 2022-07-31T18:09:11+00:00
mdssvc: convert mds_init_ctx() to return NTSTATUS
No change in behavour. In preperation for returning a special error to signal
the caller that spotlight is disabled for a share.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
(cherry picked from commit 72468166b250de26747071cbbf3613c016ebfd42)
- - - - -
5598ddaa by Ralph Boehme at 2022-07-31T18:09:11+00:00
CI: fix check for correct mdsvc resonse when connecting to a share with Spotlight disabled
A Mac SMB server returns an all zero handle and an empty path if Spotlight is
disabled on a share. We must return the exact same error return in order to
trigger client-side searching.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086
pcap: https://www.samba.org/~slow/pcaps/mac-bigsur-smbserver-spotlight-disabled.pcapng.gz
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
(backported from commit 8e997bd6e9250499fd8e569d708edc29e304a0e8)
[slow at samba.org: conflicts in tests.py caused by unrelated tests]
- - - - -
e10ce26d by Ralph Boehme at 2022-07-31T18:09:11+00:00
mdssvc: return all-zero policy handle if spotlight is disabled
A Mac SMB server returns an all zero handle and an empty path if Spotlight is
disabled on a share. We must return the exact same error return in order to
trigger client-side searching.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086
pcap: https://www.samba.org/~slow/pcaps/mac-bigsur-smbserver-spotlight-disabled.pcapng.gz
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Tue Jul 12 15:42:52 UTC 2022 on sn-devel-184
(cherry picked from commit 23e6e50c0f82b997dea4a67069f65252045514c0)
- - - - -
529e8616 by Andreas Schneider at 2022-07-31T19:14:59+00:00
s3:rpcclient: Goto done in cmd_samr_setuserinfo_int()
We need to free the frame or we will run into:
smb_panic (why=0x7fa8c511aa88 "Frame not freed in order.")
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15124
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 2b32d932223e61935fc530eff1c05034ff817e21)
Autobuild-User(v4-16-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-16-test): Sun Jul 31 19:14:59 UTC 2022 on sn-devel-184
- - - - -
b75b5f60 by Michael Tokarev at 2022-08-08T10:32:22+00:00
s3/util/py_net.c: fix samba-tool domain join&leave segfault
We process python args using PyArg_ParseTupleAndKeywords(), and use "p"
type modifier there. According to documentation, this type modifier,
while works for a boolean type, expects an argument of type int. But in
py_net_join_member() and py_net_leave() we use argument of type uint8_t
(no_dns_update, keep_account, r->in.debug). So when PyArg_ParseTupleAndKeywords()
tries to assign a value to &no_dns_update, it updates subsequent, unrelated bytes
too, - which ones depends on the stack and structure layout used by the compiler.
Fix this by using int type for all relevant variables, and by introducing proxy
variable "debug" (of the same type) for r->in.debug.
While at it, also ensure all variables have sensible default values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15078
Signed-off-by: Michael Tokarev <mjt at tls.msk.ru>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed May 25 06:19:32 UTC 2022 on sn-devel-184
(backported from commit 976326fa2b6423ac5866af682605cf7584e4991a,
cherry-pick -x with BUG: line added)
Autobuild-User(v4-16-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-16-test): Mon Aug 8 10:32:22 UTC 2022 on sn-devel-184
- - - - -
f33ad1c1 by Joseph Sutton at 2022-08-23T07:45:16+00:00
libcli/smb: Ensure we call tevent_req_nterror() on failure
Commit 3594c3ae202688fd8aae5f7f5e20464cb23feea9 added a NULL check for
'inhdr', but it meant we didn't always call tevent_req_nterror() when we
should.
Now we handle connection errors. We now also set an error status if the
NULL check fails.
I noticed this when an ECONNRESET error from a server refusing SMB1
wasn't handled, and the client subsequently hung in epoll_wait().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15152
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 40d4912d841e6bcd7cd37810ef101d5f89268ee7)
- - - - -
f6afc5b3 by Joseph Sutton at 2022-08-23T07:45:16+00:00
libcli/smb: Set error status if 'iov' pointer is NULL
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15152
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Aug 22 09:03:29 UTC 2022 on sn-devel-184
(cherry picked from commit 75e03ea021afa66842b6e0dea21072b1b8026d58)
- - - - -
19f285e0 by Stefan Metzmacher at 2022-08-23T07:45:16+00:00
s3:smbd: share_mode_flags_set() takes SMB2_LEASE_* values
We currently only ever pass SMB2_LEASE_READ and both
have the same value of 0x1, so for now it's only cosmetic,
but that will change soon.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15148
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 7592aad4d7a84d0ac66a156a22af3ad77803e55c)
- - - - -
b910d9f6 by Stefan Metzmacher at 2022-08-23T07:45:16+00:00
s4:torture/smb2: add smb2.lease.v[1,2]_bug_15148
This demonstrates the bug that happens with a
write to a file handle holding an R lease,
while there are other openers without any lease.
When one of the other openers writes to the file,
the R lease of the only lease holder isn't broken to NONE.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15148
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 9e5ff607eb1b9c45c8836d3cff9d51b418740b87)
- - - - -
9cb40437 by Stefan Metzmacher at 2022-08-23T07:45:16+00:00
s3:smbd: only clear LEASE_READ if there's no read lease is left
If contend_level2_oplocks_begin_default() skips break it's
own lease, we should not clear SHARE_MODE_LEASE_READ
in share_mode_data->flags.
Otherwise that lease won't see any lease break notifications
for writes from other clients (file handles not using the same lease
key).
So we need to count the number existing read leases (including
the one with the same lease key) in order to know it's
safe to clear SMB2_LEASE_READ/SHARE_MODE_LEASE_READ.
Otherwise the next run (likely from another client)
will get the wrong result from file_has_read_lease().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15148
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Aug 18 19:41:33 UTC 2022 on sn-devel-184
(cherry picked from commit 96e2a82760ea06a89b7387b5cd3e864732afded3)
- - - - -
56e1a9fc by Jeremy Allison at 2022-08-23T07:45:16+00:00
s3/smbd: Use after free when iterating smbd_server_connection->connections
In SMB2 smbd_smb2_tree_connect() we create a new conn struct
inside make_connection_smb2() then move the ownership to tcon using:
tcon->compat = talloc_move(tcon, &compat_conn);
so the lifetime of tcon->compat is tied directly to tcon.
Inside smbXsrv_tcon_disconnect() we have:
908 ok = chdir_current_service(tcon->compat);
909 if (!ok) {
910 status = NT_STATUS_INTERNAL_ERROR;
911 DEBUG(0, ("smbXsrv_tcon_disconnect(0x%08x, '%s'): "
912 "chdir_current_service() failed: %s\n",
913 tcon->global->tcon_global_id,
914 tcon->global->share_name,
915 nt_errstr(status)));
916 tcon->compat = NULL;
917 return status;
918 }
919
920 close_cnum(tcon->compat, vuid);
921 tcon->compat = NULL;
If chdir_current_service(tcon->compat) fails, we return status without ever having
called close_cnum(tcon->compat, vuid), leaving the conn pointer left in the linked
list sconn->connections.
The caller frees tcon and (by ownership) tcon->compat, still leaving the
freed tcon->compat pointer on the sconn->connections linked list.
When deadtime_fn() fires and walks the sconn->connections list it
indirects this freed pointer. We must call close_cnum() on error also.
Valgrind trace from Noel Power <noel.power at suse.com> is:
==6432== Invalid read of size 8
==6432== at 0x52CED3A: conn_lastused_update (conn_idle.c:38)
==6432== by 0x52CEDB1: conn_idle_all (conn_idle.c:54)
==6432== by 0x5329971: deadtime_fn (smb2_process.c:1566)
==6432== by 0x5DA2339: smbd_idle_event_handler (util_event.c:45)
==6432== by 0x685F2F8: tevent_common_invoke_timer_handler (tevent_timed.c:376)
==6432== Address 0x19074b88 is 232 bytes inside a block of size 328 free'd
==6432== at 0x4C3451B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==6432== by 0x5B38521: _tc_free_internal (talloc.c:1222)
==6432== by 0x5B39463: _tc_free_children_internal (talloc.c:1669)
==6432== by 0x5B38404: _tc_free_internal (talloc.c:1184)
==6432== by 0x5B39463: _tc_free_children_internal (talloc.c:1669)
==6432== by 0x5B38404: _tc_free_internal (talloc.c:1184)
==6432== by 0x5B39463: _tc_free_children_internal (talloc.c:1669)
==6432== by 0x5B38404: _tc_free_internal (talloc.c:1184)
==6432== by 0x5B39463: _tc_free_children_internal (talloc.c:1669)
==6432== by 0x5B38404: _tc_free_internal (talloc.c:1184)
==6432== by 0x5B385C5: _talloc_free_internal (talloc.c:1248)
==6432== by 0x5B3988D: _talloc_free (talloc.c:1792)
==6432== by 0x5349B22: smbd_smb2_flush_send_queue (smb2_server.c:4828)
==6432== Block was alloc'd at
==6432== at 0x4C332EF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==6432== by 0x5B378D9: __talloc_with_prefix (talloc.c:783)
==6432== by 0x5B37A73: __talloc (talloc.c:825)
==6432== by 0x5B37E0C: _talloc_named_const (talloc.c:982)
==6432== by 0x5B3A8ED: _talloc_zero (talloc.c:2421)
==6432== by 0x539873A: conn_new (conn.c:70)
==6432== by 0x532D692: make_connection_smb2 (smb2_service.c:909)
==6432== by 0x5352B5E: smbd_smb2_tree_connect (smb2_tcon.c:344)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15128
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
(cherry picked from commit 0bdfb5a5e60df214c088df0782c4a1bcc2a4944a)
- - - - -
d1bc0d0b by Jeremy Allison at 2022-08-23T07:45:16+00:00
s3/smbd: Use after free when iterating smbd_server_connection->connections
Change conn_free() to just use a destructor. We now
catch any other places where we may have forgetten to
call conn_free() - it's implicit on talloc_free(conn).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15128
Based on code from Noel Power <noel.power at suse.com>.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Wed Aug 17 09:54:06 UTC 2022 on sn-devel-184
(cherry picked from commit f92bacbe216d2d74ea3ccf3fe0df5c1cc9860996)
- - - - -
706c64c6 by Jeremy Allison at 2022-08-23T07:45:16+00:00
s3: smbd: Add "enum file_close_type close_type" parameter to close_cnum().
Not yet used, but needed so we can differentiate between
SHUTDOWN_CLOSE and ERROR_CLOSE in smbXsrv_tcon_disconnect()
if we fail to chdir. In that case we want to close the fd,
but not run any delete-on-close actions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15128
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
(cherry picked from commit 9203d17106c0e55a30813ff1ed76869c7581a343)
[npower at samba.org Adjusted for 4.15 filename change
smb2-service.c -> service.c]
- - - - -
a5cf33d4 by Jeremy Allison at 2022-08-23T07:45:16+00:00
s3: smbd: Add "enum file_close_type close_type" parameter to file_close_conn().
Not yet used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15128
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
(cherry picked from commit 7005a6354df5522d9f665fb30052c458dfc93124)
[npower at samba.org Adjusted for 4.15 filename change
smb2-service.c -> service.c]
- - - - -
ce464a83 by Jeremy Allison at 2022-08-23T07:45:16+00:00
s3: smbd: Plumb close_type parameter through close_file_in_loop(), file_close_conn()
Allows close_file_in_loop() to differentiate between SHUTDOWN_CLOSE
(previously it only used this close type) and ERROR_CLOSE - called
on error from smbXsrv_tcon_disconnect() in the error path. In that
case we want to close the fd, but not run any delete-on-close actions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15128
Signed-off-by: Jeremy Allison <jra at samba.org>
Reivewed-by: Noel Power <npower at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Thu Aug 18 14:10:18 UTC 2022 on sn-devel-184
(cherry picked from commit cf5f7b1489930f6d64c3e3512f116ccf286d4605)
- - - - -
df7d6f0c by Andreas Schneider at 2022-08-23T08:53:41+00:00
lib:replace: Only include <sys/mount.h> on non-Linux systems
Details at:
https://sourceware.org/glibc/wiki/Release/2.36#Usage_of_.3Clinux.2Fmount.h.3E_and_.3Csys.2Fmount.h.3E
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15132
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 766151bf5b7ef95ae4c8c98b8994e5c21c5bbec0)
Autobuild-User(v4-16-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-16-test): Tue Aug 23 08:53:41 UTC 2022 on sn-devel-184
- - - - -
3160ff28 by Volker Lendecke at 2022-09-06T07:54:13+00:00
smbd: Introduce fsp_is_alternate_stream()
To me this is more descriptive than "fsp->base_fsp != NULL". If this
turns out to be a performance problem, I would go and make this a
static inline in smbd/proto.h.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(backported from commit 21b380ca133417df096e2b262a5da41faff186ea)
[slow at samba.org: only backport the function, skip all changed callers]
- - - - -
20a425fc by Volker Lendecke at 2022-09-06T07:54:13+00:00
smbd: Introduce metadata_fsp()
Centralize the pattern
if (fsp->base_fsp != NULL) {
fsp = fsp->base_fsp;
}
with a descriptive name.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(backported from commit ac58b0b942cd73210100ee346816a0cf23900716)
[slow at samba.org: only backport the function, skip all updated callers]
- - - - -
56ab8361 by Ralph Boehme at 2022-09-06T07:54:13+00:00
smdb: use fsp_is_alternate_stream() in open_file()
No change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 0d3995cec10c5fae8c8b6a1df312062e38437e6f)
- - - - -
b83ff125 by Ralph Boehme at 2022-09-06T07:54:13+00:00
vfs_xattr_tdb: move close_xattr_db()
This just makes the diff of the next commit smaller and easier to digest.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit b26dc252aaf3f4b960bdfdb6a3dfe612b89fcdd5)
- - - - -
6d66f432 by Ralph Boehme at 2022-09-06T07:54:13+00:00
vfs_xattr_tdb: add a module config
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 451ad315a9bf32c627e1966ec30185542701c87e)
- - - - -
00ce8398 by Ralph Boehme at 2022-09-06T07:54:13+00:00
vfs_xattr_tdb: add "xattr_tdb:ignore_user_xattr" option
Allows passing on "user." xattr to the backend. This can be useful for testing
specific aspects of operation on streams when "streams_xattr" is configured as
stream filesystem backend.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 92e0045d7ca7c0b94efd0244ba0e426cad0a05b6)
- - - - -
3e656622 by Ralph Boehme at 2022-09-06T07:54:13+00:00
CI: add a test trying to delete a stream on a pathref ("stat open") handle
When using vfs_streams_xattr, for a pathref handle of a stream the system fd
will be a fake fd created by pipe() in vfs_fake_fd().
For the following callchain we wrongly pass a stream fsp to
SMB_VFS_FGET_NT_ACL():
SMB_VFS_CREATE_FILE(..., "file:stream", ...)
=> open_file():
if (open_fd):
-> taking the else branch:
-> smbd_check_access_rights_fsp(stream_fsp)
-> SMB_VFS_FGET_NT_ACL(stream_fsp)
This is obviously wrong and can lead to strange permission errors when using
vfs_acl_xattr:
in vfs_acl_xattr we will try to read the stored ACL by calling
fgetxattr(fake-fd) which of course faild with EBADF. Now unfortunately the
vfs_acl_xattr code ignores the specific error and handles this as if there was
no ACL stored and subsequently runs the code to synthesize a default ACL
according to the setting of "acl:default acl style".
As the correct access check for streams has already been carried out by calling
check_base_file_access() from create_file_unixpath(), the above problem is not
a security issue: it can only lead to "decreased" permissions resulting in
unexpected ACCESS_DENIED errors.
The fix is obviously going to be calling
smbd_check_access_rights_fsp(stream_fsp->base_fsp).
This test verifies that deleting a file works when the stored NT ACL grants
DELETE_FILE while the basic POSIX permissions (used in the acl_xattr fallback
code) do not.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 23bc760ec5d61208c2d8778991e3d7e202eab352)
- - - - -
9823e919 by Ralph Boehme at 2022-09-06T07:54:13+00:00
smbd: use metadata_fsp() with SMB_VFS_FGET_NT_ACL()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(backported from commit c949e4b2a42423ac3851e86e489fd0c5d46d7f1f)
[slow at samba.org: context mismatch due to smbd_check_access_rights_fname() call in master]
- - - - -
11947a8e by Ralph Boehme at 2022-09-06T07:54:13+00:00
smbd: use metadata_fsp() with SMB_VFS_FSET_NT_ACL()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 4ab29e2a345b48ebba652d5154e96adf954a6757)
- - - - -
eab9c65b by Ralph Boehme at 2022-09-06T07:54:13+00:00
smbd: use metadata_fsp() with SMB_VFS_FGET_DOS_ATTRIBUTES()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 03b9ce84736d536ab2dd8a5ce1a2656e6a90c8c8)
- - - - -
39129be4 by Ralph Boehme at 2022-09-06T07:54:13+00:00
smbd: use metadata_fsp() with SMB_VFS_FSET_DOS_ATTRIBUTES()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 55e55804bb2d0f21c1bbe207257bb40555f3b7a2)
- - - - -
8d0581a8 by Ralph Boehme at 2022-09-06T07:54:13+00:00
smbd: ignore request to set the SPARSE attribute on streams
As per MS-FSA 2.1.1.5 this is a per stream attribute, but our backends don't
support it in a consistent way, therefor just pretend success and ignore the
request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 3af8f8e8741cc8c889bbf416ccd38a1b702917ec)
- - - - -
2ae30934 by Ralph Boehme at 2022-09-06T07:54:13+00:00
smbd: use metadata_fsp() in get_acl_group_bits()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(backported from commit 06555c6bcb5644fc9eea35b3cbae8d8801c65ab6)
[slow at samba.org: metadata_fsp(fsp) -> metadata_fsp(smb_fname->fsp)]
- - - - -
06b54381 by Ralph Boehme at 2022-09-06T07:54:13+00:00
smbd: skip access checks for stat-opens on streams in open_file()
For streams, access is already checked in create_file_unixpath() by
check_base_file_access().
We already skip the access check in this function when doing an IO open of a
file, see above in open_file(), also skip it for "stat opens".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(backported from commit f0299abf1b28a14518328710d9f84bef17fd2ecf)
[slow at samba.org: smbd_check_access_rights_fsp(dirfsp) -> smbd_check_access_rights_fsp(parent_dir->fsp)]
- - - - -
e661087a by Ralph Boehme at 2022-09-06T07:54:13+00:00
vfs_streams_xattr: restrict which fcntl's are allowed on streams
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 51243e3849736acbbf1d8f52cc02cdec5995fde4)
- - - - -
a13748d2 by Ralph Boehme at 2022-09-06T07:54:13+00:00
vfs_default: assert all passed in fsp's and names are non-stream type
Enforce fsp is a non-stream one in as many VFS operations as possible in
vfs_default. We really need an assert here instead of returning an error, as
otherwise he can have very hard to diagnose bugs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Wed Aug 10 16:32:35 UTC 2022 on sn-devel-184
(backported from commit fc45fcfde51b0b0bdcd524c82a0f9eabf7273045)
[slow at samba.org: skip some hunks that are not applicable]
- - - - -
6ee18ad9 by Ralph Boehme at 2022-09-06T07:54:13+00:00
smbtorture: rename smb2.streams.attributes to smb2.streams.attributes1
A subsequent commit adds another streams test named "attributes2", this change
avoids matching the new testname with the existing knownfail entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit b5848d391be4f7633745d9c36e432ac8b1c9dba2)
- - - - -
3d54c1b6 by Ralph Boehme at 2022-09-06T07:54:13+00:00
smbtorture: add test smb2.stream.attributes2
Specifically torture the creation date is the same for the file and its streams.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit e74b10e17ee5df0f77ac5349242841be8d71c4e8)
- - - - -
5a9aa7aa by Ralph Boehme at 2022-09-06T07:54:13+00:00
smbd: add and use vfs_fget_dos_attributes()
Commit d71ef1365cdde47aeb3465699181656b0655fa04 caused a regression where the
creation date on streams wasn't updated anymore on the stream fsp.
By adding a simple wrapper vfs_fget_dos_attributes() that takes care of
- passing only the base_fsp to the VFS, so the VFS can be completely agnostic of
all the streams related complexity like fake fds,
- propagating any updated btime from the base_fsp->fsp_name to the
stream_fsp->fsp_name
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(backported from commit 3f7d8db9945a325020e4d1574289dea9e8331c29)
[slow at samba.org: also update itime and file_id]
- - - - -
1d244421 by Ralph Boehme at 2022-09-06T07:54:13+00:00
smbd: directly pass fsp to SMB_VFS_FGETXATTR() in fget_ea_dos_attribute()
We're now consistently passing the base_fsp to SMB_VFS_FSET_DOS_ATTRIBUTES(), so
we don't need to check for a stream_fsp here anymore.
Additionally vfs_default will assert a non-stream fsp inside
vfswrap_fgetxattr(), so in case any caller wrongly passes a stream fsp, this is
caught in vfs_default.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 968a5ae89f0d0da219e7dd05dd1f7f7c96dbb910)
- - - - -
d89294ec by Ralph Boehme at 2022-09-06T07:54:13+00:00
s4/libcli/smb2: avoid using smb2_composite_setpathinfo() in smb2_util_setatr()
smb2_composite_setpathinfo() uses SEC_FLAG_MAXIMUM_ALLOWED which can
have unwanted side effects like breaking oplocks if the effective access
includes [READ|WRITE]_DATA.
For changing the DOS attributes we only need SEC_FILE_WRITE_ATTRIBUTE. With this
change test_smb2_oplock_batch25() doesn't trigger an oplock break anymore.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15153
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 66e40690bdd41800a01333ce4243bd62ee2b1894)
- - - - -
6e091cc5 by Ralph Boehme at 2022-09-06T07:54:13+00:00
smbtorture: check required access for SMB2-GETINFO
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15153
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 9b2d28157107602fcbe659664cf9ca25f08bb30b)
- - - - -
bc81ebe3 by Ralph Boehme at 2022-09-06T07:54:14+00:00
smbd: implement access checks for SMB2-GETINFO as per MS-SMB2 3.3.5.20.1
The spec lists the following as requiring special access:
- for requiring FILE_READ_ATTRIBUTES:
FileBasicInformation
FileAllInformation
FileNetworkOpenInformation
FileAttributeTagInformation
- for requiring FILE_READ_EA:
FileFullEaInformation
All other infolevels are unrestricted.
We ignore the IPC related infolevels:
FilePipeInformation
FilePipeLocalInformation
FilePipeRemoteInformation
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15153
RN: Missing SMB2-GETINFO access checks from MS-SMB2 3.3.5.20.1
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Aug 23 12:54:08 UTC 2022 on sn-devel-184
(cherry picked from commit 6d493a9d568c08cfe5242821ccbd5a5ee1fe5284)
- - - - -
b807f362 by Ralph Boehme at 2022-09-06T07:54:14+00:00
smbtorture: add a test trying to create a stream on share without streams support
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15161
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(backported from commit 3dcdab86f13fabb7a8c6ce71c59a565287d11244)
[slow at samba.org: context changes from different tests]
- - - - -
7c83b778 by Ralph Boehme at 2022-09-06T07:54:14+00:00
smbd: return NT_STATUS_OBJECT_NAME_INVALID if a share doesn't support streams
This is what a Windows server returns. Tested with a share residing on a FAT
formatted drive, a Windows filesystem that doesn't support streams.
Combinations tested:
file::$DATA
file:stream
file:stream:$DATA
All three fail with NT_STATUS_OBJECT_NAME_INVALID.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15161
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 201e1969bf31af07e8bd52876ff7f4d72b48a848)
- - - - -
1761ad3d by Ralph Boehme at 2022-09-06T08:49:51+00:00
smbd: check for streams support in unix_convert()
Fixes a regression introduced by the fixes for bug 15126 where we crash in
vfs_default in vfswrap_stat():
assert failed: !is_named_stream(smb_fname)
The frontend calls into the VFS from build_stream_path() with a stream path
without checking if the share supports streams.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15161
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
[slow at samba.org: change from master adapted for unix_convert()]
Autobuild-User(v4-16-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-16-test): Tue Sep 6 08:49:51 UTC 2022 on sn-devel-184
- - - - -
c579b735 by Jule Anger at 2022-09-07T20:51:24+02:00
WHATSNEW: Add release notes for Samba 4.16.5.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
c034f061 by Jule Anger at 2022-09-07T20:52:07+02:00
VERSION: Disable GIT_SNAPSHOT for the 4.16.5 release.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
86846c6e by Michael Tokarev at 2022-09-08T12:14:22+03:00
New upstream version 4.16.5+dfsg
- - - - -
26b2d31f by Michael Tokarev at 2022-09-08T12:15:08+03:00
Update upstream source from tag 'upstream/4.16.5+dfsg'
Update to upstream version '4.16.5+dfsg'
with Debian dir c43afb5d9d65e18ec28254a096af9ec25c4c9811
- - - - -
c82b3ff9 by Michael Tokarev at 2022-09-08T12:16:57+03:00
removed fix-samba-tool-domain-join-segfault.patch (included upstream)
- - - - -
6e2b8497 by Michael Tokarev at 2022-09-08T12:17:56+03:00
d/gbp.conf: no need to filter orig.tar: uscan already does that
- - - - -
36584703 by Michael Tokarev at 2022-09-08T12:44:51+03:00
update changelog; upload 4.16.5+dfsg-1 to unstable
- - - - -
30 changed files:
- VERSION
- WHATSNEW.txt
- ctdb/doc/ctdb-etcd.7
- ctdb/doc/ctdb-script.options.5
- ctdb/doc/ctdb-statistics.7
- ctdb/doc/ctdb-tunables.7
- ctdb/doc/ctdb.1
- ctdb/doc/ctdb.7
- ctdb/doc/ctdb.conf.5
- ctdb/doc/ctdb.sysconfig.5
- ctdb/doc/ctdb_diagnostics.1
- ctdb/doc/ctdb_mutex_ceph_rados_helper.7
- ctdb/doc/ctdbd.1
- ctdb/doc/ctdbd_wrapper.1
- ctdb/doc/ltdbtool.1
- ctdb/doc/onnode.1
- ctdb/doc/ping_pong.1
- debian/changelog
- debian/gbp.conf
- − debian/patches/fix-samba-tool-domain-join-segfault.patch
- debian/patches/series
- docs/manpages/cifsdd.8
- docs/manpages/dbwrap_tool.1
- docs/manpages/eventlogadm.8
- docs/manpages/idmap_ad.8
- docs/manpages/idmap_autorid.8
- docs/manpages/idmap_hash.8
- docs/manpages/idmap_ldap.8
- docs/manpages/idmap_nss.8
- docs/manpages/idmap_rfc2307.8
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/856a99332f5f1403b95b017b0e3d8a6fc657cced...3658470314cc5a90e116c46831b756ebf052c0d5
--
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/856a99332f5f1403b95b017b0e3d8a6fc657cced...3658470314cc5a90e116c46831b756ebf052c0d5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20220908/531b2b23/attachment-0001.htm>
More information about the Pkg-samba-maint
mailing list