[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Thu Feb 19 15:11:04 MST 2015 

The branch, master has been updated
       via  75dff77 s4: smbtorture: leases - show stat opens grant leases and can be broken.
       via  cec2a38 s3: smbd: leases - losen paranoia check. Stat opens can grant leases.
       via  2d3db5e s3: smbd: leases - new torture test shows stat opens can get leases.
       via  1cea6e5 s3: smbd: signing. Ensure we respond correctly to an SMB2 negprot with SMB2_NEGOTIATE_SIGNING_REQUIRED.
      from  7a46156 regedit: Rename variable to fix compile warning

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 75dff778c5f13c008419cf292d2ea73cf3a33d7b
Author: Jeremy Allison <jra at samba.org>
Date:   Wed Feb 18 11:51:53 2015 -0800

    s4: smbtorture: leases - show stat opens grant leases and can be broken.
    
    https://bugzilla.samba.org/show_bug.cgi?id=11102
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Ralph Böhme <slow at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Thu Feb 19 23:10:43 CET 2015 on sn-devel-104

commit cec2a38e971ac83260f3a9a5c4ac7095f8d23d65
Author: Jeremy Allison <jra at samba.org>
Date:   Wed Feb 18 11:49:27 2015 -0800

    s3: smbd: leases - losen paranoia check. Stat opens can grant leases.
    
    https://bugzilla.samba.org/show_bug.cgi?id=11102
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Ralph Böhme <slow at samba.org>

commit 2d3db5e7930af9dd2a70727b2f2828bd73a1ec3b
Author: Jeremy Allison <jra at samba.org>
Date:   Wed Feb 18 11:48:31 2015 -0800

    s3: smbd: leases - new torture test shows stat opens can get leases.
    
    Can also issue breaks on these leases.
    
    https://bugzilla.samba.org/show_bug.cgi?id=11102
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Ralph Böhme <slow at samba.org>

commit 1cea6e5b6f8c0e28d5ba2d296c831c4878fca304
Author: Jeremy Allison <jra at samba.org>
Date:   Wed Feb 18 21:27:37 2015 -0800

    s3: smbd: signing. Ensure we respond correctly to an SMB2 negprot with SMB2_NEGOTIATE_SIGNING_REQUIRED.
    
    Bug 11103:  - Samba does not set the required flags in the SMB2/SMB3 Negotiate Protocol Response when signing required by client
    
    https://bugzilla.samba.org/show_bug.cgi?id=11103
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Steve French <smfrench at gmail.com>

-----------------------------------------------------------------------

Summary of changes:
 source3/smbd/files.c          |  3 +-
 source3/smbd/open.c           | 11 +++---
 source3/smbd/smb2_negprot.c   |  3 +-
 source3/smbd/smb2_sesssetup.c |  4 ++-
 source4/torture/smb2/lease.c  | 79 +++++++++++++++++++++++++++++++++++++++++++
 5 files changed, 90 insertions(+), 10 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/files.c b/source3/smbd/files.c
index 19896a7..5b3741b 100644
--- a/source3/smbd/files.c
+++ b/source3/smbd/files.c
@@ -322,7 +322,8 @@ files_struct *file_find_dif(struct smbd_server_connection *sconn,
 			}
 			/* Paranoia check. */
 			if ((fsp->fh->fd == -1) &&
-			    (fsp->oplock_type != NO_OPLOCK)) {
+			    (fsp->oplock_type != NO_OPLOCK &&
+			     fsp->oplock_type != LEASE_OPLOCK)) {
 				DEBUG(0,("file_find_dif: file %s file_id = "
 					 "%s, gen = %u oplock_type = %u is a "
 					 "stat open with oplock type !\n",
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 06770e0..773b146 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -3099,7 +3099,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn,
 
 	if (file_existed) {
 		/*
-		 * stat opens on existing files don't get oplocks or leases.
+		 * stat opens on existing files don't get oplocks.
+		 * They can get leases.
 		 *
 		 * Note that we check for stat open on the *open_access_mask*,
 		 * i.e. the access mask we actually used to do the open,
@@ -3108,12 +3109,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn,
 		 * FILE_OVERWRITE and FILE_OVERWRITE_IF add in O_TRUNC,
 		 * which adds FILE_WRITE_DATA to open_access_mask.
 		 */
-		if (is_stat_open(open_access_mask)) {
-			if (lease) {
-				lease->lease_state = SMB2_LEASE_NONE;
-			} else {
-				oplock_request = NO_OPLOCK;
-			}
+		if (is_stat_open(open_access_mask) && lease == NULL) {
+			oplock_request = NO_OPLOCK;
 		}
 	}
 
diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index 9a1ca9c..02f6882 100644
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -221,7 +221,8 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
 	}
 
 	security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED;
-	if (lp_server_signing() == SMB_SIGNING_REQUIRED) {
+	if (lp_server_signing() == SMB_SIGNING_REQUIRED ||
+			(in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED)) {
 		security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED;
 	}
 
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 2f58e44..f918328 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -186,7 +186,9 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
 	struct smbXsrv_connection *xconn = smb2req->xconn;
 
 	if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||
-	    lp_server_signing() == SMB_SIGNING_REQUIRED) {
+	    lp_server_signing() == SMB_SIGNING_REQUIRED ||
+	    (xconn->smb2.server.security_mode &
+			SMB2_NEGOTIATE_SIGNING_REQUIRED)) {
 		x->global->signing_required = true;
 	}
 
diff --git a/source4/torture/smb2/lease.c b/source4/torture/smb2/lease.c
index c1b6420..4b435a1 100644
--- a/source4/torture/smb2/lease.c
+++ b/source4/torture/smb2/lease.c
@@ -27,6 +27,7 @@
 #include "torture/smb2/proto.h"
 #include "torture/util.h"
 #include "libcli/smb/smbXcli_base.h"
+#include "libcli/security/security.h"
 #include "lib/param/param.h"
 
 #define CHECK_VAL(v, correct) do { \
@@ -912,6 +913,83 @@ done:
 	return ret;
 }
 
+static bool test_lease_statopen(struct torture_context *tctx,
+				   struct smb2_tree *tree)
+{
+	TALLOC_CTX *mem_ctx = talloc_new(tctx);
+	struct smb2_create io;
+	struct smb2_lease ls;
+	struct smb2_handle h1, h2;
+	NTSTATUS status;
+	const char *fname = "lease_statopen.dat";
+	bool ret = true;
+	uint32_t caps;
+
+	caps = smb2cli_conn_server_capabilities(
+		tree->session->transport->conn);
+	if (!(caps & SMB2_CAP_LEASING)) {
+		torture_skip(tctx, "leases are not supported");
+	}
+
+	smb2_util_unlink(tree, fname);
+
+	/* Create file. */
+	smb2_lease_create(&io, &ls, false, fname, LEASE1,
+			  smb2_util_lease_state("RWH"));
+	status = smb2_create(tree, mem_ctx, &io);
+	CHECK_STATUS(status, NT_STATUS_OK);
+	h1 = io.out.file.handle;
+	CHECK_CREATED(&io, CREATED, FILE_ATTRIBUTE_ARCHIVE);
+	CHECK_LEASE(&io, "RWH", true, LEASE1, 0);
+	smb2_util_close(tree, h1);
+
+	/* Stat open file with RWH lease. */
+	smb2_lease_create_share(&io, &ls, false, fname, 0, LEASE1,
+			  smb2_util_lease_state("RWH"));
+	io.in.desired_access = FILE_READ_ATTRIBUTES;
+	status = smb2_create(tree, mem_ctx, &io);
+	CHECK_STATUS(status, NT_STATUS_OK);
+	h2 = io.out.file.handle;
+	CHECK_LEASE(&io, "RWH", true, LEASE1, 0);
+
+	ZERO_STRUCT(break_info);
+
+	tree->session->transport->lease.handler	= torture_lease_handler;
+	tree->session->transport->lease.private_data = tree;
+
+	/* Ensure non-stat open doesn't break and gets same lease
+	   state as existing stat open. */
+	smb2_lease_create(&io, &ls, false, fname, LEASE1,
+			  smb2_util_lease_state(""));
+	status = smb2_create(tree, mem_ctx, &io);
+	CHECK_STATUS(status, NT_STATUS_OK);
+	h1 = io.out.file.handle;
+	CHECK_CREATED(&io, EXISTED, FILE_ATTRIBUTE_ARCHIVE);
+	CHECK_LEASE(&io, "RWH", true, LEASE1, 0);
+
+	CHECK_NO_BREAK(tctx);
+	smb2_util_close(tree, h1);
+
+	/* Open with conflicting lease. stat open should break down to RH */
+	smb2_lease_create(&io, &ls, false, fname, LEASE2,
+			  smb2_util_lease_state("RWH"));
+	status = smb2_create(tree, mem_ctx, &io);
+	CHECK_STATUS(status, NT_STATUS_OK);
+	h1 = io.out.file.handle;
+	CHECK_CREATED(&io, EXISTED, FILE_ATTRIBUTE_ARCHIVE);
+	CHECK_LEASE(&io, "RH", true, LEASE2, 0);
+
+	CHECK_BREAK_INFO("RWH", "RH", LEASE1);
+
+done:
+	smb2_util_close(tree, h2);
+	smb2_util_close(tree, h1);
+	smb2_util_unlink(tree, fname);
+	talloc_free(mem_ctx);
+	return ret;
+}
+
+
 static void torture_oplock_break_callback(struct smb2_request *req)
 {
 	NTSTATUS status;
@@ -3814,6 +3892,7 @@ struct torture_suite *torture_smb2_lease_init(void)
 				     test_lease_break_twice);
 	torture_suite_add_1smb2_test(suite, "nobreakself",
 				     test_lease_nobreakself);
+	torture_suite_add_1smb2_test(suite, "statopen", test_lease_statopen);
 	torture_suite_add_1smb2_test(suite, "upgrade", test_lease_upgrade);
 	torture_suite_add_1smb2_test(suite, "upgrade2", test_lease_upgrade2);
 	torture_suite_add_1smb2_test(suite, "upgrade3", test_lease_upgrade3);


-- 
Samba Shared Repository

More information about the samba-cvs mailing list