[SCM] Samba Shared Repository - branch v4-2-test updated
Karolin Seeger
kseeger at samba.org
Wed Jul 22 00:31:10 UTC 2015
The branch, v4-2-test has been updated
via 20fba40 s3-auth: Fix a possible null pointer dereference
via d00db84 s3-smbd: Leave sys_disk_free() if dfree command is used
via 30fd8d1 ctdb-tests: Add some 10.interfaces VLAN tests
via 1168579 ctdb-tests: Add VLAN support to the "ip link" stub
via 215f15b ctdb-tests: Interface number in "ip link show" stub defaults to 42
via 27f1550 ctdb-scripts: Support monitoring of interestingly named VLANs on bonds
via fede929 ctdb-scripts: Fix regression in VLAN interface support
from 44fddac auth/credentials: if credentials have principal set, they are not anonymous anymore
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test
- Log -----------------------------------------------------------------
commit 20fba407d5dd2e771e317787db500eb99a286807
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jul 17 10:54:17 2015 +0200
s3-auth: Fix a possible null pointer dereference
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11404
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 109ff388fd5e1306189d680a8f964a69374f1b01)
Autobuild-User(v4-2-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-2-test): Wed Jul 22 02:30:04 CEST 2015 on sn-devel-104
commit d00db848baf44ed9f113a86f19bfc091ee0ef76e
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jul 17 09:35:11 2015 +0200
s3-smbd: Leave sys_disk_free() if dfree command is used
If we have a broken system which reports incorrect sizes we provide the
'dfree command'. This command makes sure Samba gets the correct values.
However after that we call the quota command which then reports the
broken values. The dfree command should take care to provide the correct
values and in case of quota's it should also calculate the quote
correctly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11403
Pair-Programmed-With: Michael Adam <obnox at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 48a4d5a4078ff2a66dd753323d6e5d76d34b9828)
commit 30fd8d1e3a48dd06d3243d4ee8b3826911c657e8
Author: Martin Schwenke <martin at meltin.net>
Date: Wed Jul 8 22:22:09 2015 +1000
ctdb-tests: Add some 10.interfaces VLAN tests
One without a bond, one with a bond.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11399
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 8ed0cacaf4aa9fc63b8c8d610a6164c5d01e473a)
commit 1168579a0ecbede2450f216d748f81ad8577b084
Author: Martin Schwenke <martin at meltin.net>
Date: Wed Jul 8 22:14:51 2015 +1000
ctdb-tests: Add VLAN support to the "ip link" stub
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11399
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 8e41cb1e4e7b4a7d92628771260649ded4432772)
commit 215f15b8becdcd3326b61a1b4f0f0f3638a41777
Author: Martin Schwenke <martin at meltin.net>
Date: Wed Jul 8 21:39:51 2015 +1000
ctdb-tests: Interface number in "ip link show" stub defaults to 42
It needs to have a default for the standalone case, when it is not run
in a loop inside "ip addr show".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11399
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 4f84d42b511a4c9a79bd835eeca0a80082e76227)
commit 27f1550155a8c1d0c6933c56bb55cdf8bb753525
Author: Martin Schwenke <martin at meltin.net>
Date: Wed Jul 8 21:23:48 2015 +1000
ctdb-scripts: Support monitoring of interestingly named VLANs on bonds
VLAN interfaces on bonds with a name other than <iface>.<id>@<iface>
are not currently supported. That is, where the VLAN name isn't based
on the underlying bond name. Such VLAN interfaces can be created with
the "ip link" command, as opposed to the "vconfig" command, or by
renaming a VLAN interface.
This is improved by determining the underlying interface name for a
VLAN from the output of "ip link".
No serious attempt is made to support VLANs with '@' in their name,
although this seems to be legal. Why would you do that?
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11399
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit bc71251433ce618c95c674d7cbe75b01a94adad9)
commit fede92918e55584f0c50e692e1dbe048d8a37888
Author: Martin Schwenke <martin at meltin.net>
Date: Tue Jul 7 20:49:38 2015 +1000
ctdb-scripts: Fix regression in VLAN interface support
Commit 6471541d6d2bc9f2af0ff92b280abbd1d933cf88 broke support for VLAN
interfaces. Releasing a public IP address depends on
ip_maskbits_iface() and for a VLAN interface this will return an
interface of the form <vlan>@<iface>, which can't be fed back into
"ip" commands.
Update ip_maskbits_iface() to drop the '@' and everything after it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11399
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Reported-by: Jan Schwaratzki <jschwaratzki at ddn.com>
(cherry picked from commit 87c5c96b767aa317dd620f89ac3e11bb40dae70f)
-----------------------------------------------------------------------
Summary of changes:
ctdb/config/events.d/10.interface | 28 +++++++++++-
ctdb/config/functions | 3 +-
.../tests/eventscripts/10.interface.monitor.017.sh | 20 +++++++++
.../tests/eventscripts/10.interface.monitor.018.sh | 20 +++++++++
ctdb/tests/eventscripts/stubs/ip | 50 +++++++++++++++++++++-
source3/auth/auth_ntlmssp.c | 4 +-
source3/smbd/dfree.c | 29 ++++++-------
7 files changed, 133 insertions(+), 21 deletions(-)
create mode 100755 ctdb/tests/eventscripts/10.interface.monitor.017.sh
create mode 100755 ctdb/tests/eventscripts/10.interface.monitor.018.sh
Changeset truncated at 500 lines:
diff --git a/ctdb/config/events.d/10.interface b/ctdb/config/events.d/10.interface
index 51d1b97..bcd5cf9 100755
--- a/ctdb/config/events.d/10.interface
+++ b/ctdb/config/events.d/10.interface
@@ -52,6 +52,30 @@ get_all_interfaces ()
all_interfaces=$(echo $all_interfaces $ctdb_ifaces | tr ' ' '\n' | sort -u)
}
+get_real_iface ()
+{
+ # Output of "ip link show <iface>"
+ _iface_info="$1"
+
+ # Extract the full interface description to see if it is a VLAN
+ _t=$(echo "$_iface_info" |
+ awk 'NR == 1 { iface = $2; sub(":$", "", iface) ; \
+ print iface }')
+ case "$_t" in
+ *@*)
+ # VLAN: use the underlying interface, after the '@'
+ echo "${_t##*@}"
+ ;;
+ *)
+ # Not a regular VLAN. For backward compatibility, assume
+ # there is some other sort of VLAN that doesn't have the
+ # '@' in the output and only use what is before a '.'. If
+ # there is no '.' then this will be the whole interface
+ # name.
+ echo "${_t%%.*}"
+ esac
+}
+
monitor_interfaces()
{
get_all_interfaces
@@ -65,7 +89,7 @@ monitor_interfaces()
# problem with an interface then set fail=true and continue.
for iface in $all_interfaces ; do
- ip link show $iface 2>/dev/null >/dev/null || {
+ _iface_info=$(ip link show $iface 2>&1) || {
echo "ERROR: Interface $iface does not exist but it is used by public addresses."
mark_down $iface
continue
@@ -74,7 +98,7 @@ monitor_interfaces()
# These interfaces are sometimes bond devices
# When we use VLANs for bond interfaces, there will only
# be an entry in /proc for the underlying real interface
- realiface=`echo $iface |sed -e 's/\..*$//'`
+ realiface=$(get_real_iface "$_iface_info")
bi=$(get_proc "net/bonding/$realiface" 2>/dev/null) && {
echo "$bi" | grep -q 'Currently Active Slave: None' && {
echo "ERROR: No active slaves for bond device $realiface"
diff --git a/ctdb/config/functions b/ctdb/config/functions
index e0270a3..6b38844 100755
--- a/ctdb/config/functions
+++ b/ctdb/config/functions
@@ -895,7 +895,8 @@ ip_maskbits_iface ()
ip addr show to "${_addr}/${_bits}" 2>/dev/null | \
awk -v family="${_family}" \
- 'NR == 1 { iface = $2; sub(":$", "", iface) } \
+ 'NR == 1 { iface = $2; sub(":$", "", iface) ; \
+ sub("@.*", "", iface) } \
$1 ~ /inet/ { mask = $2; sub(".*/", "", mask); \
print mask, iface, family }'
}
diff --git a/ctdb/tests/eventscripts/10.interface.monitor.017.sh b/ctdb/tests/eventscripts/10.interface.monitor.017.sh
new file mode 100755
index 0000000..6e30040
--- /dev/null
+++ b/ctdb/tests/eventscripts/10.interface.monitor.017.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+. "${TEST_SCRIPTS_DIR}/unit.sh"
+
+define_test "1 VLAN, link down"
+
+setup_ctdb
+
+iface=$(ctdb_get_1_interface)
+
+ethtool_interfaces_down "$iface"
+
+# This just exercises the VLAN checking code, which will allow us to
+# determine that real0 is not a bond.
+realiface="real0"
+ip link add link "$realiface" name "$iface" type vlan id 11
+ip link set "${iface}@${realiface}" up
+
+required_result 1 "ERROR: No link on the public network interface ${iface}"
+simple_test
diff --git a/ctdb/tests/eventscripts/10.interface.monitor.018.sh b/ctdb/tests/eventscripts/10.interface.monitor.018.sh
new file mode 100755
index 0000000..aac23b8
--- /dev/null
+++ b/ctdb/tests/eventscripts/10.interface.monitor.018.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+. "${TEST_SCRIPTS_DIR}/unit.sh"
+
+define_test "VLAN on bond, active slaves, link down"
+
+setup_ctdb
+
+iface=$(ctdb_get_1_interface)
+
+bond="bond0"
+
+setup_bond "$bond" "" "down"
+
+ip link add link "$bond" name "$iface" type vlan id 11
+ip link set "${iface}@${bond}" up
+
+required_result 1 "ERROR: public network interface ${bond} is down"
+
+simple_test
diff --git a/ctdb/tests/eventscripts/stubs/ip b/ctdb/tests/eventscripts/stubs/ip
index e8f17d8..2021758 100755
--- a/ctdb/tests/eventscripts/stubs/ip
+++ b/ctdb/tests/eventscripts/stubs/ip
@@ -23,15 +23,58 @@ ip_link ()
esac
;;
show) shift ; ip_link_show "$@" ;;
+ add*) shift ; ip_link_add "$@" ;;
del*) shift ; ip_link_delete "$@" ;;
*) not_implemented "$*" ;;
esac
}
+ip_link_add ()
+{
+ _link=""
+ _name=""
+ _type=""
+
+ while [ -n "$1" ] ; do
+ case "$1" in
+ link)
+ _link="$2"
+ shift 2
+ ;;
+ name)
+ _name="$2"
+ shift 2
+ ;;
+ type)
+ if [ "$2" != "vlan" ] ; then
+ not_implemented "link type $1"
+ fi
+ _type="$2"
+ shift 2
+ ;;
+ id) shift 2 ;;
+ *) not_implemented "$1" ;;
+ esac
+ done
+
+ case "$_type" in
+ vlan)
+ if [ -z "$_name" -o -z "$_link" ] ; then
+ not_implemented "ip link add with null name or link"
+ fi
+
+ mkdir -p "${FAKE_IP_STATE}/interfaces-vlan"
+ echo "$_link" >"${FAKE_IP_STATE}/interfaces-vlan/${_name}"
+ ip_link_set_down "$_name"
+ ;;
+ esac
+}
+
ip_link_delete ()
{
mkdir -p "${FAKE_IP_STATE}/interfaces-deleted"
touch "${FAKE_IP_STATE}/interfaces-deleted/$1"
+ rm -f "${FAKE_IP_STATE}/interfaces-vlan/$1"
}
ip_link_set_up ()
@@ -59,6 +102,11 @@ ip_link_show ()
exit 255
fi
+ if [ -r "${FAKE_IP_STATE}/interfaces-vlan/${dev}" ] ; then
+ read _link <"${FAKE_IP_STATE}/interfaces-vlan/${dev}"
+ dev="${dev}@${_link}"
+ fi
+
mac=$(echo $dev | md5sum | sed -r -e 's@(..)(..)(..)(..)(..)(..).*@\1:\2:\3:\4:\5:\6@')
_state="UP"
_flags=",UP,LOWER_UP"
@@ -66,7 +114,7 @@ ip_link_show ()
_state="DOWN"
_flags=""
fi
- echo "${n}: ${dev}: <BROADCAST,MULTICAST${_flags}> mtu 1500 qdisc pfifo_fast state ${_state} qlen 1000"
+ echo "${n:-42}: ${dev}: <BROADCAST,MULTICAST${_flags}> mtu 1500 qdisc pfifo_fast state ${_state} qlen 1000"
echo " link/ether ${mac} brd ff:ff:ff:ff:ff:ff"
}
diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index 14bce62..6d378c4 100644
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -198,7 +198,9 @@ NTSTATUS auth3_check_password(struct auth4_context *auth4_context,
user_info->client.account_name,
user_info->client.domain_name,
&server_info);
- *server_returned_info = talloc_steal(mem_ctx, server_info);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ *server_returned_info = talloc_steal(mem_ctx, server_info);
+ }
return nt_status;
}
diff --git a/source3/smbd/dfree.c b/source3/smbd/dfree.c
index d02c1bd..09b00f4 100644
--- a/source3/smbd/dfree.c
+++ b/source3/smbd/dfree.c
@@ -98,7 +98,7 @@ uint64_t sys_disk_free(connection_struct *conn, const char *path, bool small_que
DEBUG (3, ("disk_free: Running command '%s'\n", syscmd));
lines = file_lines_pload(syscmd, NULL);
- if (lines) {
+ if (lines != NULL) {
char *line = lines[0];
DEBUG (3, ("Read input from dfree, \"%s\"\n", line));
@@ -122,22 +122,18 @@ uint64_t sys_disk_free(connection_struct *conn, const char *path, bool small_que
*dsize = 2048;
if (!*dfree)
*dfree = 1024;
- } else {
- DEBUG (0, ("disk_free: file_lines_load() failed for "
- "command '%s'. Error was : %s\n",
- syscmd, strerror(errno) ));
- if (sys_fsusage(path, dfree, dsize) != 0) {
- DEBUG (0, ("disk_free: sys_fsusage() failed. Error was : %s\n",
- strerror(errno) ));
- return (uint64_t)-1;
- }
- }
- } else {
- if (sys_fsusage(path, dfree, dsize) != 0) {
- DEBUG (0, ("disk_free: sys_fsusage() failed. Error was : %s\n",
- strerror(errno) ));
- return (uint64_t)-1;
+
+ goto dfree_done;
}
+ DEBUG (0, ("disk_free: file_lines_load() failed for "
+ "command '%s'. Error was : %s\n",
+ syscmd, strerror(errno) ));
+ }
+
+ if (sys_fsusage(path, dfree, dsize) != 0) {
+ DEBUG (0, ("disk_free: sys_fsusage() failed. Error was : %s\n",
+ strerror(errno) ));
+ return (uint64_t)-1;
}
if (disk_quotas(path, &bsize_q, &dfree_q, &dsize_q)) {
@@ -161,6 +157,7 @@ uint64_t sys_disk_free(connection_struct *conn, const char *path, bool small_que
*dfree = MAX(1,*dfree);
}
+dfree_done:
disk_norm(small_query,bsize,dfree,dsize);
if ((*bsize) < 1024) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list