[SCM] Samba Shared Repository - branch v4-1-test updated
Karolin Seeger
kseeger at samba.org
Wed May 20 10:45:04 MDT 2015
The branch, v4-1-test has been updated
via 13d1bdd libads: record service ticket endtime for sealed ldap connections
via 0372b33 s3: smbd: VFS: fake_acl module called get_full_smb_filename() with a stream path, then used the result to call XATTR functions directly.
via 8ac582e s3: smbd: VFS: For all EA and ACL calls use synthetic_smb_fname(), not synthetic_smb_fname_split().
via 178db7c s3: smbd: VFS: All the places that are currently calling vfs_stat_smb_fname() and vfs_lstat_smb_fname() should be calling vfs_stat_smb_basename().
via bb22fea s3: smbd: VFS: Add vfs_stat_smb_basename() - to be called when we *know* stream name parsing has already been done.
via 18536b8 vfs_gpfs: move failure label before END_PROFILE
via 007a5fd vfp_gpfs: ensure END_PROFILE is always called
via 3db0ad9 s3:selftest: run smb2.notify with --signing=required
via 1b2cf28 s3:smb2_sesssetup: remove unused smbd_smb2_session_setup_* destructors
via 3af2142 s3:smb2_sesssetup: add smbd_smb2_session_setup_wrap_send/recv()
via f28cbf0 s3:smb2_sesssetup: always assign smb2req->session when a session was created.
via bd03b6a s3:smb2_sesssetup: let smbd_smb2_logoff_* use smbXsrv_session_shutdown_*
via 6d611c6 s3:smbXsrv_session: cancel pending requests when we logoff a previous session
via 75b9a6f s3:smbXsrv_session: add smb2srv_session_shutdown_send/recv helper functions
via 749e6fd s3:smbXsrv_session: clear smb2req->session of pending requests in smbXsrv_session_logoff_all_callback()
via 21fd82d s3:smbXsrv_session: clear smb2req->session of pending requests in smbXsrv_session_destructor()
via 5e47040 s4:torture/smb2: add smb2.notify.session-reconnect test
via dcea20f s4:torture/smb2: add smb2.notify.invalid-reauth test
via 712d9e5 s4:torture/smb2: add smb2.notify.close test
via bc0966d s4:torture/smb2: verify STATUS_NOTIFY_CLEANUP return value
via 6caba46 s3:smbd: use STATUS_NOTIFY_CLEANUP on smb2 logoff (explicit and implicit) and tdis
via 2284593 s3:smbd: use STATUS_NOTIFY_CLEANUP when closing a smb2 directory handle
via f362fc9 s3:smbd: add a smbd_notify_cancel_by_map() helper function
via 33e1a4f smbd:smb2: fix error code when the header says the request is signed but we don't have a sesseion
via f687a77 s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if signing is required
from 87b7535 VERSION: Bump version up to 4.1.19...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-1-test
- Log -----------------------------------------------------------------
commit 13d1bdd98ac82741c0a0da492cc4be3310df9a87
Author: Uri Simchoni <urisimchoni at gmail.com>
Date: Sat May 9 22:59:17 2015 +0300
libads: record service ticket endtime for sealed ldap connections
When a ticket is obtained for binding a signed/sealed ldap connection,
its liftime should be recorded in the ads struct, in order to enable
reuse of the connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11267
Signed-off-by: Uri Simchoni <urisimchoni at gmail.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <rb at sernet.de>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed May 13 04:32:16 CEST 2015 on sn-devel-104
(cherry picked from commit 40eac8e4d8bc85f2329b8ed6c5ba96a141dc20a3)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-1-test): Wed May 20 18:44:55 CEST 2015 on sn-devel-104
commit 0372b33553d76b79ad3d1b139f4e60e517bec276
Author: Jeremy Allison <jra at samba.org>
Date: Mon May 4 19:56:39 2015 -0700
s3: smbd: VFS: fake_acl module called get_full_smb_filename() with a stream path, then used the result to call XATTR functions directly.
Ensure when pulling XATTR values, we don't allow a stream filename.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11249
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 0f23bf228ceb38b024a77fcf2916971ad4f6aa4d)
commit 8ac582e471753d44c25dd875a0969b90d418236f
Author: Jeremy Allison <jra at samba.org>
Date: Fri May 1 21:06:20 2015 -0700
s3: smbd: VFS: For all EA and ACL calls use synthetic_smb_fname(), not synthetic_smb_fname_split().
EA's and ACL paths are all post-stream name checks (and shouldn't
get stream names). This one took a *long* time to find.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11249
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit ccb4f791fd19d9b3af79a205a15c0219ed7240ea)
commit 178db7cea5f33144b438c5e49ef65024e10d0a0f
Author: Jeremy Allison <jra at samba.org>
Date: Fri May 1 13:09:36 2015 -0700
s3: smbd: VFS: All the places that are currently calling vfs_stat_smb_fname() and vfs_lstat_smb_fname() should be calling vfs_stat_smb_basename().
They are all post-stream name processing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11249
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 14f4e254bb8d1f456ebb8da728f2fb812a9b3034)
commit bb22feab1631c15a3630f53b313824b510b85389
Author: Jeremy Allison <jra at samba.org>
Date: Fri May 1 12:50:51 2015 -0700
s3: smbd: VFS: Add vfs_stat_smb_basename() - to be called when we *know* stream name parsing has already been done.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11249
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 044dabfd92d09de4f168a36a07ac3232f5647a1d)
commit 18536b8f7af69b6325f20464f229a47e4ae7646d
Author: Ralph Boehme <slow at samba.org>
Date: Thu Apr 30 12:29:57 2015 +0200
vfs_gpfs: move failure label before END_PROFILE
The label was added in 5e65ae14ddb74c648f31b4dfbacd4af9c02ca058 as part
of fix for bug 11244, but was wrongly placed behind END_PROFILE.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11244
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu May 7 19:22:00 CEST 2015 on sn-devel-104
(cherry picked from commit 3876e59826ad17466975ae9e9a65879c76737b2b)
commit 007a5fd308f9185ed12fe26ca7d01c843ef60ce0
Author: Ralph Boehme <slow at samba.org>
Date: Wed Apr 29 20:48:08 2015 +0200
vfp_gpfs: ensure END_PROFILE is always called
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11244
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Christof Schmitt <cs at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Apr 30 19:34:41 CEST 2015 on sn-devel-104
(cherry picked from commit 5e65ae14ddb74c648f31b4dfbacd4af9c02ca058)
commit 3db0ad945c0aa083c8acc464472bdff4c8e61d8e
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:26:41 2015 +0200
s3:selftest: run smb2.notify with --signing=required
This reproduces a bug withe implicit canceled requests.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(similar to commit c49ad3f89530d078fdd6ffcd1a6dc8c38be9169b)
commit 1b2cf28087197d8fc94de7358fe989e8b6aa542c
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:29:03 2015 +0200
s3:smb2_sesssetup: remove unused smbd_smb2_session_setup_* destructors
The cleanup of a failing session setup is now handled in
smbd_smb2_session_setup_wrap_*().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(similar to commit 5871d3da871349cba058bb91218ae58107cf05c8)
commit 3af2142f97e9b43a14c8a4e9d4869625e1137cde
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:21:25 2015 +0200
s3:smb2_sesssetup: add smbd_smb2_session_setup_wrap_send/recv()
The wrapper calls smbXsrv_session_shutdown_send/recv() in case of an error,
this makes sure a failing reauth shuts down the session like an explicit logoff.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 50aeb6b38b14d6c26229834ece3c32eb50f9e56a)
commit f28cbf0fe2a9f3b84e867e78cbc5f2b91b99823c
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:27:26 2015 +0200
s3:smb2_sesssetup: always assign smb2req->session when a session was created.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 8f0d4d1132b74615dc6198ab736590dec52effda)
commit bd03b6a5b151b982332dcb24b4677370f9bb4c32
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:20:06 2015 +0200
s3:smb2_sesssetup: let smbd_smb2_logoff_* use smbXsrv_session_shutdown_*
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(similar to commit 95057fe375348b918cb2ca58109f4c110a4a5f77)
commit 6d611c6c35008df23a48ad051c5764b30e530cb3
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:13:27 2015 +0200
s3:smbXsrv_session: cancel pending requests when we logoff a previous session
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(similar to commit cc9d52e10f4f1b192171e03674061d4e8e6bcc84)
commit 75b9a6f37f21e4ae610ce8ec1334ff38756ff1ca
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 09:57:03 2015 +0200
s3:smbXsrv_session: add smb2srv_session_shutdown_send/recv helper functions
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(similar to commit 4fceb4531ccd6bb1fd6ebd7b6eb5b894959bc010)
commit 749e6fd8ee8364cb23a84780488b80f5b181b750
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:17:34 2015 +0200
s3:smbXsrv_session: clear smb2req->session of pending requests in smbXsrv_session_logoff_all_callback()
smbXsrv_session_logoff_all_callback() is called when the last transport
connection is gone, which means we won't need to sign any response...
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(similar to commit b6c34a07760141bda3e78624d62eb556bb70da65)
commit 21fd82d124e04ced57357b76cd290cc57264b8dd
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:09:40 2015 +0200
s3:smbXsrv_session: clear smb2req->session of pending requests in smbXsrv_session_destructor()
This won't be needed typically needed as the caller is supposted to cancel
the requests already, but this makes sure we don't keep dangling pointers.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(similar to commit 7fea42110596e8e9da0155d726aaa72223107fbd)
commit 5e47040f9ebad25df547fb9cf2ce622124a6d197
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 09:57:03 2015 +0200
s4:torture/smb2: add smb2.notify.session-reconnect test
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit f435c89d61385272bf5b79f82f6e1373908d2b94)
commit dcea20fc28436f6de530cf5ac5ebb9236c1a26ca
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:20:50 2015 +0200
s4:torture/smb2: add smb2.notify.invalid-reauth test
An invalid reauth closes the session.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit a8ec77e86b17213eeb6a51a835639d79e9486223)
commit 712d9e5ddbf85ef8092ee9ca4db7b27c88adf406
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:20:50 2015 +0200
s4:torture/smb2: add smb2.notify.close test
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 44f9e1052de81a0a3052997e7e19a01813fbec43)
commit bc0966d557f42e174b8d02ecb82388ac409668f9
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:19:42 2015 +0200
s4:torture/smb2: verify STATUS_NOTIFY_CLEANUP return value
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 4bfa6b024e530694741c7c07171fa09762578389)
commit 6caba46304e9e04b3186efd4ecc8efcb08892391
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:02:38 2015 +0200
s3:smbd: use STATUS_NOTIFY_CLEANUP on smb2 logoff (explicit and implicit) and tdis
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 5169e9b20c69092d04b596f48ca0e69a46af438f)
commit 228459327927a5dc33a8361e1d75048f78f3b5a1
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:02:38 2015 +0200
s3:smbd: use STATUS_NOTIFY_CLEANUP when closing a smb2 directory handle
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit a5981d137461e5715c92a4fb4cdeaa650f34e999)
commit f362fc982320ed0af2b876a8c535dba458bca69f
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:04:55 2015 +0200
s3:smbd: add a smbd_notify_cancel_by_map() helper function
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 2c47fb16089602a42f62124520e58bdcd8c7d053)
commit 33e1a4ffb4e43820dc8893207f4f5bc9394441d2
Author: Michael Adam <obnox at samba.org>
Date: Wed Sep 25 23:18:56 2013 +0200
smbd:smb2: fix error code when the header says the request is signed but we don't have a sesseion
I.e. when the request is a session setup.
We replied with ACCESS_DENIED, but windows expects USER_SESSION_DELETED
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Oct 2 22:07:44 CEST 2013 on sn-devel-104
(cherry picked from commit c3a5fecdc1ff0320f4979fa21aa636aacaac8abe)
commit f687a770c6fe7f40e5b4b88668444775006fcb39
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Sep 23 20:51:30 2013 +0200
s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if signing is required
Windows (at least the test suites) may skip the SMB2_HDR_FLAG_SIGNED
in a reauth session setup, but still provide a valid signature.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
(cherry picked from commit 4a7b792bc6d463a3aa4e1150a271ed6b929276cc)
-----------------------------------------------------------------------
Summary of changes:
selftest/knownfail | 1 -
source3/libads/sasl.c | 23 +++
source3/modules/nfs4_acls.c | 4 +-
source3/modules/non_posix_acls.c | 2 +-
source3/modules/vfs_acl_common.c | 19 ++-
source3/modules/vfs_acl_tdb.c | 16 +-
source3/modules/vfs_fake_acls.c | 22 ++-
source3/modules/vfs_gpfs.c | 9 +-
source3/modules/vfs_recycle.c | 2 +-
source3/modules/vfs_solarisacl.c | 2 +-
source3/modules/vfs_xattr_tdb.c | 4 +-
source3/selftest/tests.py | 3 +
source3/smbd/close.c | 15 +-
source3/smbd/globals.h | 5 +
source3/smbd/notify.c | 33 +++-
source3/smbd/posix_acls.c | 2 +-
source3/smbd/proto.h | 2 +
source3/smbd/smb2_server.c | 4 +-
source3/smbd/smb2_sesssetup.c | 322 +++++++++++++++++++++++----------------
source3/smbd/smbXsrv_session.c | 191 ++++++++++++++++++++++-
source3/smbd/vfs.c | 26 ++++
source4/torture/smb2/notify.c | 235 ++++++++++++++++++++++++++++
22 files changed, 760 insertions(+), 182 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/knownfail b/selftest/knownfail
index 8d11dfe..104ddbd 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -187,7 +187,6 @@
^samba3.smb2.create.open
^samba3.smb2.create.leading-slash
^samba3.smb2.notify.valid-req
-^samba3.smb2.notify.dir
^samba3.smb2.notify.rec
^samba3.smb2.durable-open.lock-lease
^samba3.smb2.durable-open.reopen4
diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 1450ff1..901e5bd 100644
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -458,6 +458,8 @@ static ADS_STATUS ads_sasl_spnego_gsskrb5_bind(ADS_STRUCT *ads, const gss_name_t
DATA_BLOB unwrapped;
DATA_BLOB wrapped;
struct berval cred, *scred = NULL;
+ uint32_t context_validity = 0;
+ time_t context_endtime = 0;
status = ads_init_gssapi_cred(ads, &gss_cred);
if (!ADS_ERR_OK(status)) {
@@ -652,6 +654,26 @@ static ADS_STATUS ads_sasl_spnego_gsskrb5_bind(ADS_STRUCT *ads, const gss_name_t
goto failed;
}
+ gss_rc =
+ gss_context_time(&minor_status, context_handle, &context_validity);
+ if (gss_rc == GSS_S_COMPLETE) {
+ if (context_validity != 0) {
+ context_endtime = time(NULL) + context_validity;
+ DEBUG(10, ("context (service ticket) valid for "
+ "%u seconds\n",
+ context_validity));
+ } else {
+ DEBUG(10, ("context (service ticket) expired\n"));
+ }
+ } else {
+ DEBUG(1, ("gss_context_time failed (%d,%u) -"
+ " this will be a one-time context\n",
+ gss_rc, minor_status));
+ if (gss_rc == GSS_S_CONTEXT_EXPIRED) {
+ DEBUG(10, ("context (service ticket) expired\n"));
+ }
+ }
+
if (ads->ldap.wrap_type > ADS_SASLWRAP_TYPE_PLAIN) {
uint32 max_msg_size = ADS_SASL_WRAPPING_OUT_MAX_WRAPPED;
@@ -677,6 +699,7 @@ static ADS_STATUS ads_sasl_spnego_gsskrb5_bind(ADS_STRUCT *ads, const gss_name_t
context_handle = GSS_C_NO_CONTEXT;
}
+ ads->auth.tgs_expire = context_endtime;
status = ADS_SUCCESS;
failed:
diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c
index 500cb47..c7542db 100644
--- a/source3/modules/nfs4_acls.c
+++ b/source3/modules/nfs4_acls.c
@@ -282,9 +282,9 @@ static int smbacl4_GetFileOwner(struct connection_struct *conn,
memset(psbuf, 0, sizeof(SMB_STRUCT_STAT));
/* Get the stat struct for the owner info. */
- if (vfs_stat_smb_fname(conn, filename, psbuf) != 0)
+ if (vfs_stat_smb_basename(conn, filename, psbuf) != 0)
{
- DEBUG(8, ("vfs_stat_smb_fname failed with error %s\n",
+ DEBUG(8, ("vfs_stat_smb_basename failed with error %s\n",
strerror(errno)));
return -1;
}
diff --git a/source3/modules/non_posix_acls.c b/source3/modules/non_posix_acls.c
index b1c2420..fca9979 100644
--- a/source3/modules/non_posix_acls.c
+++ b/source3/modules/non_posix_acls.c
@@ -32,7 +32,7 @@ int non_posix_sys_acl_blob_get_file_helper(vfs_handle_struct *handle,
struct xattr_sys_acl_hash_wrapper acl_wrapper = {};
struct smb_filename *smb_fname;
- smb_fname = synthetic_smb_fname_split(frame, path_p, NULL);
+ smb_fname = synthetic_smb_fname(frame, path_p, NULL, NULL);
if (smb_fname == NULL) {
TALLOC_FREE(frame);
errno = ENOMEM;
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index 57fc6c8..c9124a5 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -617,7 +617,24 @@ static NTSTATUS get_nt_acl_internal(vfs_handle_struct *handle,
}
psbuf = &fsp->fsp_name->st;
} else {
- int ret = vfs_stat_smb_fname(handle->conn,
+ /*
+ * https://bugzilla.samba.org/show_bug.cgi?id=11249
+ *
+ * We are currently guaranteed that 'name' here is
+ * a smb_fname->base_name, which *cannot* contain
+ * a stream name (':'). vfs_stat_smb_fname() splits
+ * a name into a base name + stream name, which
+ * when we get here we know we've already done.
+ * So we have to call the stat or lstat VFS
+ * calls directly here. Else, a base_name that
+ * contains a ':' (from a demangled name) will
+ * get split again.
+ *
+ * FIXME.
+ * This uglyness will go away once smb_fname
+ * is fully plumbed through the VFS.
+ */
+ int ret = vfs_stat_smb_basename(handle->conn,
name,
&sbuf);
if (ret == -1) {
diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c
index 80839e3..ec0aaa4 100644
--- a/source3/modules/vfs_acl_tdb.c
+++ b/source3/modules/vfs_acl_tdb.c
@@ -159,7 +159,7 @@ static NTSTATUS get_acl_blob(TALLOC_CTX *ctx,
status = vfs_stat_fsp(fsp);
sbuf = fsp->fsp_name->st;
} else {
- int ret = vfs_stat_smb_fname(handle->conn, name, &sbuf);
+ int ret = vfs_stat_smb_basename(handle->conn, name, &sbuf);
if (ret == -1) {
status = map_nt_error_from_unix(errno);
}
@@ -282,12 +282,7 @@ static int rmdir_acl_tdb(vfs_handle_struct *handle, const char *path)
struct db_context *db = acl_db;
int ret = -1;
- if (lp_posix_pathnames()) {
- ret = vfs_lstat_smb_fname(handle->conn, path, &sbuf);
- } else {
- ret = vfs_stat_smb_fname(handle->conn, path, &sbuf);
- }
-
+ ret = vfs_stat_smb_basename(handle->conn, path, &sbuf);
if (ret == -1) {
return -1;
}
@@ -347,12 +342,7 @@ static int sys_acl_set_file_tdb(vfs_handle_struct *handle,
struct db_context *db = acl_db;
int ret = -1;
- if (lp_posix_pathnames()) {
- ret = vfs_lstat_smb_fname(handle->conn, path, &sbuf);
- } else {
- ret = vfs_stat_smb_fname(handle->conn, path, &sbuf);
- }
-
+ ret = vfs_stat_smb_basename(handle->conn, path, &sbuf);
if (ret == -1) {
return -1;
}
diff --git a/source3/modules/vfs_fake_acls.c b/source3/modules/vfs_fake_acls.c
index 0e7ebb9..3887e86 100644
--- a/source3/modules/vfs_fake_acls.c
+++ b/source3/modules/vfs_fake_acls.c
@@ -115,8 +115,16 @@ static int fake_acls_stat(vfs_handle_struct *handle,
if (ret == 0) {
TALLOC_CTX *frame = talloc_stackframe();
char *path;
+ struct smb_filename smb_fname_base = {
+ .base_name = smb_fname->base_name
+ };
NTSTATUS status;
- status = get_full_smb_filename(frame, smb_fname, &path);
+ /*
+ * As we're calling getxattr directly here
+ * we need to use only the base_name, not
+ * the full name containing any stream name.
+ */
+ status = get_full_smb_filename(frame, &smb_fname_base, &path);
if (!NT_STATUS_IS_OK(status)) {
errno = map_errno_from_nt_status(status);
TALLOC_FREE(frame);
@@ -148,8 +156,16 @@ static int fake_acls_lstat(vfs_handle_struct *handle,
if (ret == 0) {
TALLOC_CTX *frame = talloc_stackframe();
char *path;
+ struct smb_filename smb_fname_base = {
+ .base_name = smb_fname->base_name
+ };
NTSTATUS status;
- status = get_full_smb_filename(frame, smb_fname, &path);
+ /*
+ * As we're calling getxattr directly here
+ * we need to use only the base_name, not
+ * the full name containing any stream name.
+ */
+ status = get_full_smb_filename(frame, &smb_fname_base, &path);
if (!NT_STATUS_IS_OK(status)) {
errno = map_errno_from_nt_status(status);
TALLOC_FREE(frame);
@@ -348,7 +364,7 @@ static int fake_acls_sys_acl_delete_def_file(vfs_handle_struct *handle, const ch
TALLOC_CTX *frame = talloc_stackframe();
struct smb_filename *smb_fname;
- smb_fname = synthetic_smb_fname_split(frame, path, NULL);
+ smb_fname = synthetic_smb_fname(frame, path, NULL, NULL);
if (smb_fname == NULL) {
TALLOC_FREE(frame);
errno = ENOMEM;
diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index 2efac19..11e6506 100644
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -115,8 +115,12 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp,
struct gpfs_config_data,
return -1);
- if (linux_set_lease_sighandler(fsp->fh->fd) == -1)
- return -1;
+ START_PROFILE(syscall_linux_setlease);
+
+ if (linux_set_lease_sighandler(fsp->fh->fd) == -1) {
+ ret = -1;
+ goto failure;
+ }
START_PROFILE(syscall_linux_setlease);
@@ -130,6 +134,7 @@ static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp,
unbecome_root();
}
+failure:
END_PROFILE(syscall_linux_setlease);
return ret;
diff --git a/source3/modules/vfs_recycle.c b/source3/modules/vfs_recycle.c
index 00d7f34..9af78fd 100644
--- a/source3/modules/vfs_recycle.c
+++ b/source3/modules/vfs_recycle.c
@@ -188,7 +188,7 @@ static bool recycle_directory_exist(vfs_handle_struct *handle, const char *dname
{
SMB_STRUCT_STAT st;
- if (vfs_stat_smb_fname(handle->conn, dname, &st) == 0) {
+ if (vfs_stat_smb_basename(handle->conn, dname, &st) == 0) {
if (S_ISDIR(st.st_ex_mode)) {
return True;
}
diff --git a/source3/modules/vfs_solarisacl.c b/source3/modules/vfs_solarisacl.c
index 9b3c4f6..efd2d75 100644
--- a/source3/modules/vfs_solarisacl.c
+++ b/source3/modules/vfs_solarisacl.c
@@ -167,7 +167,7 @@ int solarisacl_sys_acl_set_file(vfs_handle_struct *handle,
* that has not been specified in "type" from the file first
* and concatenate it with the acl provided.
*/
- if (vfs_stat_smb_fname(handle->conn, name, &s) != 0) {
+ if (vfs_stat_smb_basename(handle->conn, name, &s) != 0) {
DEBUG(10, ("Error in stat call: %s\n", strerror(errno)));
goto done;
}
diff --git a/source3/modules/vfs_xattr_tdb.c b/source3/modules/vfs_xattr_tdb.c
index 43456cf..d72b50c 100644
--- a/source3/modules/vfs_xattr_tdb.c
+++ b/source3/modules/vfs_xattr_tdb.c
@@ -37,7 +37,7 @@ static int xattr_tdb_get_file_id(struct vfs_handle_struct *handle,
TALLOC_CTX *frame = talloc_stackframe();
struct smb_filename *smb_fname;
- smb_fname = synthetic_smb_fname_split(frame, path, NULL);
+ smb_fname = synthetic_smb_fname(frame, path, NULL, NULL);
if (smb_fname == NULL) {
TALLOC_FREE(frame);
errno = ENOMEM;
@@ -414,7 +414,7 @@ static int xattr_tdb_rmdir(vfs_handle_struct *handle, const char *path)
TALLOC_FREE(frame); return -1;
});
- if (vfs_stat_smb_fname(handle->conn, path, &sbuf) == -1) {
+ if (vfs_stat_smb_basename(handle->conn, path, &sbuf) == -1) {
TALLOC_FREE(frame);
return -1;
}
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 85d67d6..27883d3 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -358,6 +358,9 @@ for t in tests:
# test the dirsort module.
plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmpsort -U$USERNAME%$PASSWORD')
plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD')
+ elif t == "smb2.notify":
+ plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --signing=required')
+ plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD --signing=required')
else:
plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD')
diff --git a/source3/smbd/close.c b/source3/smbd/close.c
index f341c72..3f4af6d 100644
--- a/source3/smbd/close.c
+++ b/source3/smbd/close.c
@@ -1050,6 +1050,13 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp,
NTSTATUS status1 = NT_STATUS_OK;
const struct security_token *del_nt_token = NULL;
const struct security_unix_token *del_token = NULL;
+ NTSTATUS notify_status;
+
+ if (fsp->conn->sconn->using_smb2) {
+ notify_status = STATUS_NOTIFY_CLEANUP;
+ } else {
+ notify_status = NT_STATUS_OK;
+ }
/*
* NT can set delete_on_close of the last open
@@ -1159,8 +1166,8 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp,
* now fail as the directory has been deleted.
*/
- if(NT_STATUS_IS_OK(status)) {
- remove_pending_change_notify_requests_by_fid(fsp, NT_STATUS_DELETE_PENDING);
+ if (NT_STATUS_IS_OK(status)) {
+ notify_status = NT_STATUS_DELETE_PENDING;
}
} else {
if (!del_share_mode(lck, fsp)) {
@@ -1169,10 +1176,10 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp,
}
TALLOC_FREE(lck);
- remove_pending_change_notify_requests_by_fid(
- fsp, NT_STATUS_OK);
}
+ remove_pending_change_notify_requests_by_fid(fsp, notify_status);
+
status1 = fd_close(fsp);
if (!NT_STATUS_IS_OK(status1)) {
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index 0942e46..66358fb 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -394,6 +394,11 @@ NTSTATUS smbXsrv_session_create(struct smbXsrv_connection *conn,
NTTIME now,
struct smbXsrv_session **_session);
NTSTATUS smbXsrv_session_update(struct smbXsrv_session *session);
+struct tevent_req *smb2srv_session_shutdown_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct smbXsrv_session *session,
+ struct smbd_smb2_request *current_req);
+NTSTATUS smb2srv_session_shutdown_recv(struct tevent_req *req);
NTSTATUS smbXsrv_session_logoff(struct smbXsrv_session *session);
NTSTATUS smbXsrv_session_logoff_all(struct smbXsrv_connection *conn);
NTSTATUS smb1srv_session_table_init(struct smbXsrv_connection *conn);
diff --git a/source3/smbd/notify.c b/source3/smbd/notify.c
index 4842d6f..c90561c 100644
--- a/source3/smbd/notify.c
+++ b/source3/smbd/notify.c
@@ -350,6 +350,31 @@ static void change_notify_remove_request(struct smbd_server_connection *sconn,
TALLOC_FREE(req);
}
+static void smbd_notify_cancel_by_map(struct notify_mid_map *map)
+{
+ struct smb_request *smbreq = map->req->req;
+ struct smbd_server_connection *sconn = smbreq->sconn;
+ struct smbd_smb2_request *smb2req = smbreq->smb2req;
+ NTSTATUS notify_status = NT_STATUS_CANCELLED;
+
+ if (smb2req != NULL) {
+ if (smb2req->session == NULL) {
+ notify_status = STATUS_NOTIFY_CLEANUP;
+ } else if (!NT_STATUS_IS_OK(smb2req->session->status)) {
+ notify_status = STATUS_NOTIFY_CLEANUP;
+ }
+ if (smb2req->tcon == NULL) {
+ notify_status = STATUS_NOTIFY_CLEANUP;
+ } else if (!NT_STATUS_IS_OK(smb2req->tcon->status)) {
+ notify_status = STATUS_NOTIFY_CLEANUP;
+ }
+ }
+
+ change_notify_reply(smbreq, notify_status,
+ 0, NULL, map->req->reply_fn);
+ change_notify_remove_request(sconn, map->req);
+}
+
/****************************************************************************
Delete entries by mid from the change notify pending queue. Always send reply.
*****************************************************************************/
@@ -369,9 +394,7 @@ void remove_pending_change_notify_requests_by_mid(
return;
}
- change_notify_reply(map->req->req,
- NT_STATUS_CANCELLED, 0, NULL, map->req->reply_fn);
- change_notify_remove_request(sconn, map->req);
+ smbd_notify_cancel_by_map(map);
}
void smbd_notify_cancel_by_smbreq(const struct smb_request *smbreq)
@@ -389,9 +412,7 @@ void smbd_notify_cancel_by_smbreq(const struct smb_request *smbreq)
return;
}
- change_notify_reply(map->req->req,
- NT_STATUS_CANCELLED, 0, NULL, map->req->reply_fn);
- change_notify_remove_request(sconn, map->req);
+ smbd_notify_cancel_by_map(map);
}
/****************************************************************************
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index d187787..b926584 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -4747,7 +4747,7 @@ int posix_sys_acl_blob_get_file(vfs_handle_struct *handle,
};
struct smb_filename *smb_fname;
- smb_fname = synthetic_smb_fname_split(frame, path_p, NULL);
+ smb_fname = synthetic_smb_fname(frame, path_p, NULL, NULL);
if (smb_fname == NULL) {
TALLOC_FREE(frame);
errno = ENOMEM;
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 327b25d..2ff0f88 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -1158,6 +1158,8 @@ int vfs_stat_smb_fname(struct connection_struct *conn, const char *fname,
SMB_STRUCT_STAT *psbuf);
int vfs_lstat_smb_fname(struct connection_struct *conn, const char *fname,
SMB_STRUCT_STAT *psbuf);
+int vfs_stat_smb_basename(struct connection_struct *conn, const char *fname,
+ SMB_STRUCT_STAT *psbuf);
NTSTATUS vfs_stat_fsp(files_struct *fsp);
NTSTATUS vfs_chown_fsp(files_struct *fsp, uid_t uid, gid_t gid);
NTSTATUS vfs_streaminfo(connection_struct *conn,
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 1e4beda..a4e149f 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -1970,12 +1970,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
if (req->do_encryption) {
signing_required = false;
- } else if (flags & SMB2_HDR_FLAG_SIGNED) {
+ } else if (signing_required || (flags & SMB2_HDR_FLAG_SIGNED)) {
DATA_BLOB signing_key;
if (x == NULL) {
return smbd_smb2_request_error(
- req, NT_STATUS_ACCESS_DENIED);
+ req, NT_STATUS_USER_SESSION_DELETED);
}
signing_key = x->global->channels[0].signing_key;
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index a82d696..9f34a09 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -28,9 +28,8 @@
#include "../lib/tsocket/tsocket.h"
#include "../libcli/security/security.h"
#include "../lib/util/tevent_ntstatus.h"
-#include "lib/smbd_tevent_queue.h"
-static struct tevent_req *smbd_smb2_session_setup_send(TALLOC_CTX *mem_ctx,
+static struct tevent_req *smbd_smb2_session_setup_wrap_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct smbd_smb2_request *smb2req,
uint64_t in_session_id,
@@ -38,7 +37,7 @@ static struct tevent_req *smbd_smb2_session_setup_send(TALLOC_CTX *mem_ctx,
uint8_t in_security_mode,
uint64_t in_previous_session_id,
DATA_BLOB in_security_buffer);
-static NTSTATUS smbd_smb2_session_setup_recv(struct tevent_req *req,
+static NTSTATUS smbd_smb2_session_setup_wrap_recv(struct tevent_req *req,
uint16_t *out_session_flags,
TALLOC_CTX *mem_ctx,
DATA_BLOB *out_security_buffer,
@@ -88,14 +87,14 @@ NTSTATUS smbd_smb2_request_process_sesssetup(struct smbd_smb2_request *smb2req)
in_security_buffer.data = SMBD_SMB2_IN_DYN_PTR(smb2req);
in_security_buffer.length = in_security_length;
- subreq = smbd_smb2_session_setup_send(smb2req,
- smb2req->sconn->ev_ctx,
- smb2req,
- in_session_id,
- in_flags,
- in_security_mode,
- in_previous_session_id,
- in_security_buffer);
+ subreq = smbd_smb2_session_setup_wrap_send(smb2req,
+ smb2req->sconn->ev_ctx,
+ smb2req,
+ in_session_id,
+ in_flags,
--
Samba Shared Repository
More information about the samba-cvs
mailing list