[SCM] Samba Shared Repository - branch v4-4-test updated
Karolin Seeger
kseeger at samba.org
Tue Sep 13 14:05:07 UTC 2016
The branch, v4-4-test has been updated
via 87a42e6 ctdb-daemon: Don't steal control structure before synchronous reply
via f91cc13 ctdb-daemon: Handle failure immediately, do housekeeping later
via ed7a8f4 ctdb-daemon: Schedule running of callback if there are no event scripts
via 438a79e s3-util: Fix asking for username and password in smbget.
via 88c1b5c ctdb-daemon: When releasing an IP, update PNN in callback
via d17bc0c ctdb-daemon: Rename takeover_callback_state -> release_ip_callback_state
via 80fce45 ctdb-daemon: Use release_ip_post() when releasing all IP addresses
via f981ea8 ctdb-daemon: Factor out new function release_ip_post()
via 471eeec ctdb-daemon: Do not copy address for RELEASE_IP message
via c215783 ctdb-daemon: Do not update the VNN state on RELEASE_IP failure
via 6d24dd8 ctdb-daemon: Try to release IP address even if interface is unknown
via 5bbb0c6 ctdb-takeover: Inform clients when dropping all IP addresses
via 11055aa ctdb-takeover: Do not kill smbd processes on releasing IP
via e0deedd idmap: centrally check that unix IDs returned by the idmap backends are in range
via 9a320f6 idmap: don't generally forbid id==0 from idmap_unix_id_is_in_range()
via c6ac876 smbd: allow reading files based on FILE_EXECUTE access right
via 59eb36d smbd: look only at handle readability for COPYCHUNK dest
via fda7740 s4-smbtorture: pin copychunk exec right behavior
via 5ba3f0c seltest: allow opening files with arbitrary rights in smb2.ioctl tests
via 577b459 seltest: implicit FILE_READ_DATA non-reporting
via 5580e5f s4-selftest: add test for read access check
via f2f8df9 s4-selftest: add functions which create with desired access
via c0154e8 s4-smbtorture: use standard macros in smb2.read test
via c3169bc selftest: add tests for dfree with inherit owner enabled
via 3d0a4f3 selftest: add definition of smbcacls to selftesthelpers.py
via adb3987 selftest: refactor test_dfree_quota.sh - add share parameter
via 475131c smbd: use owner uid for free disk calculation if owner is inherited
via f776b51 smbd: get a valid file stat to disk_quotas
via 1a07eec quotas: small cleanup
via a8accc7 s3: oplock: Fix race condition when closing an oplocked file.
via fc5f102 smbd: oplock: Factor out internals of remove_oplock() into new remove_oplock_under_lock().
via 13c24a8 smbd: oplock: Fixup debug messages inside remove_oplock().
via 52efd0c gensec/spnego: work around missing server mechListMIC in SMB servers
via 7aaf3f58 dbcheck: Abandon dbcheck if we get an error during a transaction
via 3f19982 dsdb: Allow missing a mandatory attribute from a dbcheck fix
from 28d8230 script/release.sh: use 8 byte gpg key ids
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-4-test
- Log -----------------------------------------------------------------
commit 87a42e6c10ab4e31ecbf16d16cadd32e252f305c
Author: Martin Schwenke <martin at meltin.net>
Date: Wed Aug 31 08:29:13 2016 +1000
ctdb-daemon: Don't steal control structure before synchronous reply
If *async_reply isn't set then the calling code will reply to the
control and free the control structure. In some places the control
structure pointer is stolen onto state before a synchronous exit due
to an error condition. The error handling then frees state and
returns an error. The calling code will access-after-free when trying
to reply to the control.
To make this easier to understand, the convention is that any
(immediate) error results in a synchronous reply to the control via an
error return code AND *async_reply not being set. In this case the
control structure pointer should never be stolen onto state. State is
never used for a synchronous reply, it is only ever used by a
callback.
Also initialise state->c to NULL so that any premature call to a
callback (e.g. in an immediate error path) is more obvious.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12180
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 9d975b860d52030a702723c70791c6a2829107c0)
Autobuild-User(v4-4-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-4-test): Tue Sep 13 16:04:10 CEST 2016 on sn-devel-144
commit f91cc13ab7a9a4115604260167c404ea262f685f
Author: Martin Schwenke <martin at meltin.net>
Date: Fri Aug 26 16:38:56 2016 +1000
ctdb-daemon: Handle failure immediately, do housekeeping later
The callback should never be called before an immediate return. The
callback might reply to a control and the caller of
ctdb_event_script_callback_v() may not have assigned/stolen the
pointer to control structure into the private data. Therefore,
calling the callback can dereference an uninitialised pointer to the
control structure when attempting to reply.
An event script isn't being run until the child has been forked. So
update relevant state and set the destructor after this.
If the child can't be forked then free the state and return with an
error. The callback will not be called and the caller will process
the error correctly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12180
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 582518c7e89b279e34147bdb0b04b73056fac048)
commit ed7a8f45039d2998b0e18522f3ec34e160c2a65b
Author: Martin Schwenke <martin at meltin.net>
Date: Fri Aug 26 16:29:47 2016 +1000
ctdb-daemon: Schedule running of callback if there are no event scripts
The callback should never be called before an immediate return. The
callback might reply to a control and the caller of
ctdb_event_script_callback_v() may not have assigned/stolen the
pointer to control structure into the private data. Therefore,
calling the callback can dereference an uninitialised pointer to the
control structure when attempting to reply.
ctdb_event_script_callback_v() must succeed when there are no event
scripts. On success the caller will mark the call as asynchronous and
expect the callback to be called. Given that it can't be called
before return then it needs to be scheduled.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12180
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 9076c44f35bf309b9e183bae98829f7154b93f33)
commit 438a79ede0f658313a51bee5df507d996c079636
Author: Andreas Schneider <asn at samba.org>
Date: Thu Aug 25 14:24:08 2016 +0200
s3-util: Fix asking for username and password in smbget.
If the user specified the username in the URI with with:
smb://DOMAIN;user:secret@server/share
the tool should not prompt for the username nor the password.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12175
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit f5401ff3146aabc5fb2dac25e4856c6c3756c8f7)
commit 88c1b5caeb547a1a3ebe94614fa827dc473cb64c
Author: Martin Schwenke <martin at meltin.net>
Date: Fri Aug 19 16:38:50 2016 +1000
ctdb-daemon: When releasing an IP, update PNN in callback
When an error occurs so an IP address is not released then the PNN in
the VNN is currently incorrectly updated.
Instead, update the PNN in the callback when the release is
successful. Also, explicitly update the PNN on redundant releases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Sun Aug 21 22:45:33 CEST 2016 on sn-devel-144
(cherry picked from commit 6dc75c7d24325d2070eb7feab5399dbfda50da96)
commit d17bc0c596c2ef772f9eefbfc181556aa4e0c542
Author: Martin Schwenke <martin at meltin.net>
Date: Fri Aug 19 16:30:46 2016 +1000
ctdb-daemon: Rename takeover_callback_state -> release_ip_callback_state
Many years ago takeover_callback_state was used for both IP takeover
and release. Now it is only used when releasing an IP so rename it to
improve clarity.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 976a50af6f045765c7bf1961e26efc3cba17f3ba)
commit 80fce45f3f95f7648dadf5f7954a387ae5c79a94
Author: Martin Schwenke <martin at meltin.net>
Date: Thu Aug 11 14:07:44 2016 +1000
ctdb-daemon: Use release_ip_post() when releasing all IP addresses
This has the advantage of using common code. Also, if there was
previously a failed attempt to release the IP address as part of a
delete, then this will finish processing the delete.
Extra care needs to be taken when a VNN is actually deleted.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit d2a91394f55a2e0152bf470dac2608618db13b1f)
commit f981ea8f677d0f48402c9af2014f833876196081
Author: Martin Schwenke <martin at meltin.net>
Date: Thu Aug 11 13:57:43 2016 +1000
ctdb-daemon: Factor out new function release_ip_post()
This contains the cleanup that needs to be done after an IP address is
released from an interface.
state->vnn is set to the return value from release_ip_post(), which is
either the original VNN, or NULL if it was deleted. This allows
correct handling of the in-flight flag in the destructor for state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 46c5136e4e4bd291cbb96395374c9b133f5d8ad8)
commit 471eeecd5afc6b3d0b8ae75c25b16e127478bb0c
Author: Martin Schwenke <martin at meltin.net>
Date: Thu Aug 11 13:41:12 2016 +1000
ctdb-daemon: Do not copy address for RELEASE_IP message
If there's an allocation failure then the implicit early return in
CTDB_NO_MEMORY_VOID() means that no reply is sent to the control.
ctdb_daemon_send_message() makes a copy of the data, so don't copy it
here and remove an unnecessary chance of failure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit e653c8bb4a7bd712351a4ead3997c61b22c46f8d)
commit c21578317eaa8e64c0ce2303bcca9e7516608c80
Author: Martin Schwenke <martin at meltin.net>
Date: Sat Jul 30 11:12:19 2016 +1000
ctdb-daemon: Do not update the VNN state on RELEASE_IP failure
If RELEASE_IP fails then updating the VNN makes it inconsistent with
reality. Instead, log the failure and move on to the next IP
address.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit ca22373231918dab4e94cf1bab03253aadd61993)
commit 6d24dd8f23f75ef46167a49250bcc06b62741b9a
Author: Martin Schwenke <martin at meltin.net>
Date: Mon Aug 8 07:09:38 2016 +1000
ctdb-daemon: Try to release IP address even if interface is unknown
The "releaseip" event in 10.interface will determine the interface and
do the right thing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 509491a868ed01bfc5a970bd36eea4b01130853a)
commit 5bbb0c64cd786d0ebebef7e6c0ca153cdc34f46e
Author: Amitay Isaacs <amitay at gmail.com>
Date: Sat Mar 5 14:05:21 2016 +1100
ctdb-takeover: Inform clients when dropping all IP addresses
CTDB releases all IPs in following cases: starting up, shutting down,
node gets banned, node does not come out of recovery for a long time.
Always inform samba when CTDB releases IP addresses.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 00b9e76904bb1108e0f06d0dba4df89394d58252)
commit 11055aacc820640f80ec876d32da3c7d0f0440ae
Author: Amitay Isaacs <amitay at gmail.com>
Date: Fri Mar 4 15:04:13 2016 +1100
ctdb-takeover: Do not kill smbd processes on releasing IP
CTDB already notifies Samba with RELEASE_IP message. Samba can take
appropriate action based on that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12158
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit b8272d835d6e5186568237cd8b7a2105884c0515)
commit e0deeddc948cbf2a32ac5ca99962827001102025
Author: Michael Adam <obnox at samba.org>
Date: Tue Aug 9 18:25:12 2016 +0200
idmap: centrally check that unix IDs returned by the idmap backends are in range
Note: in the long run, it might be good to move this kind of
exit check (before handing the result back to the client)
to the parent winbindd code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12155
Signed-off-by: Michael Adam <obnox at samba.org>
(Backported from master commit b2bf61307cffd8ff7b6fb9852c107ab763653119.)
commit 9a320f60cf52bc5266b221874a805ed3dfdd6c62
Author: Michael Adam <obnox at samba.org>
Date: Mon Aug 15 23:07:33 2016 +0200
idmap: don't generally forbid id==0 from idmap_unix_id_is_in_range()
If the range allows it, then id==0 should not be forbidden.
This seems to have been taken in from idmap_ldap when the
function was originally created.
See 634cd2e0451d4388c3e3f78239495cf595368b15 .
The other backends don't seem to have had that
extra check for id == 0.
The reasoning for this change is that the range check should
apply to all cases. If the range includes the 0, then it
should be possible to get it as result. In particular,
this way, the function becomes applicable also to the
passdb backend case, e.g. in a samba4-ad-dc setup where
the Admin gets uid == 0.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12155
Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit c21976d4b1c604699299f2c0f768c1add93b349d)
commit c6ac8764649fe47226f115d1ae18a0220400e932
Author: Uri Simchoni <uri at samba.org>
Date: Thu Aug 4 14:59:23 2016 +0300
smbd: allow reading files based on FILE_EXECUTE access right
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Thu Aug 18 18:58:22 CEST 2016 on sn-devel-144
(backported from commit a6073e6130d39dac58f1e6ea9f41ec4ab34c3e29)
commit 59eb36dedc8fe4e7069e13a2f3a1f57c64774da9
Author: Uri Simchoni <uri at samba.org>
Date: Sat Aug 13 00:19:33 2016 +0300
smbd: look only at handle readability for COPYCHUNK dest
This commits sets the stage for a change of behavior
in a later commit.
When checking FILE_READ_DATA on the COPYCHUNK dest handle,
only check the handle readability and not the extra right
that may have been added due to the FILE_EXECUTE right.
The check for FILE_READ_DATA always seemed strange for the
dest handle, which is not read. It turns out that in Windows,
this check is not done at the SMB layer, but at a lower layer
that processes the IOCTL request - the IOCTL code has bits
that specify what type of access check needs to be done.
Therefore, this lower layer is unaware of the SMB layer's
practice of granting READ access based on the FILE_EXECUTE
right, and it only checks the handle's readability.
This subtle difference has observable behavior - the
COPYCHUNK source handle can have FILE_EXECUTE right instead
of FILE_READ_DATA, but the dest handle cannot.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Tue Aug 16 15:21:03 CEST 2016 on sn-devel-144
(cherry picked from commit 3e42b69d5e1216b6af570a09d58040d281bbbf17)
commit fda774086caddb245b4abf0b082570dd0fa2a823
Author: Uri Simchoni <uri at samba.org>
Date: Thu Aug 4 13:12:58 2016 +0300
s4-smbtorture: pin copychunk exec right behavior
Add tests that show copychunk behavior when the
source and dest handles have execute right instead
of read-data right.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
(cherry picked from commit 5bf11f6f5b4dab4cba4b00674bcb76138fb55974)
commit 5ba3f0c48f98008406a996950c7cd4821faca33f
Author: Uri Simchoni <uri at samba.org>
Date: Mon Aug 15 23:39:50 2016 +0300
seltest: allow opening files with arbitrary rights in smb2.ioctl tests
Separate file creation (which requires write access) from the
opening of the file for the test (which might be without write
access).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
(cherry picked from commit 6ce0304eda4b464972defcecd591fab03428bd03)
commit 577b459d29323b6fb2d005aab1ce125ac7dc1131
Author: Uri Simchoni <uri at samba.org>
Date: Sat Aug 13 21:23:34 2016 +0300
seltest: implicit FILE_READ_DATA non-reporting
This test (passes against Windows Server 2012R2) shows
that the implicit FILE_READ_DATA that is added whenever
FILE_EXECUTE is granted, is not reported back when querying
the handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
(cherry picked from commit 7dc9f582066d500bf57000891560610e8d2e208c)
commit 5580e5f2e8ed6b024208173fda0ce927eb995144
Author: Uri Simchoni <uri at samba.org>
Date: Sun Jul 31 14:29:37 2016 +0300
s4-selftest: add test for read access check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
(backported from commit 55a9d35cabaea6e98211fc058b788cedf9b7b22a)
commit f2f8df9cc08e03c00457af4f73d082e6620891a9
Author: Uri Simchoni <uri at samba.org>
Date: Sun Jul 31 14:26:24 2016 +0300
s4-selftest: add functions which create with desired access
Add functions which create a file or a directory with
specific desired access.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
(cherry picked from commit 1b06acafa4e9ea91a50e5ed85da881187057da6e)
commit c0154e8ebf3a569154439e11c33841d03c71484f
Author: Uri Simchoni <uri at samba.org>
Date: Thu Aug 4 12:59:38 2016 +0300
s4-smbtorture: use standard macros in smb2.read test
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
(cherry picked from commit 20b9a5bd74fafbca4b7cc7952c27033edcf0eeb8)
commit c3169bc37cb64f0d823dc69fd40c707690b80228
Author: Uri Simchoni <uri at samba.org>
Date: Thu Aug 11 23:54:22 2016 +0300
selftest: add tests for dfree with inherit owner enabled
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit b6931d5edc381d64ba0fbcd85538cd65e90a2560)
commit 3d0a4f34bd739a595ffef24033242ef4ff644dc5
Author: Uri Simchoni <uri at samba.org>
Date: Sun Aug 14 14:54:11 2016 +0300
selftest: add definition of smbcacls to selftesthelpers.py
This facilitates cherry-picking of the next patch.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit adb3987bd36fba61aaa8433ff97dadf353e8f683
Author: Uri Simchoni <uri at samba.org>
Date: Wed Jan 20 21:54:24 2016 +0200
selftest: refactor test_dfree_quota.sh - add share parameter
Add a share parameter to individual disk-free tests. This will
allow running tests on shares other than dfq share.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(backported from commit f20d57eceacccb365892dec816cbe57e2ddda8b9)
commit 475131c89819a2ad77c2e9c7896ea8dbd0f5fc70
Author: Uri Simchoni <uri at samba.org>
Date: Thu Aug 11 23:37:42 2016 +0300
smbd: use owner uid for free disk calculation if owner is inherited
If "inherit owner" is enabled, then new files created under a
directory shall consume the quota of the directory's owner, so
the free disk calculation should take that quota into account,
not the quota of the user creating the file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(backported from commit ea73bcd87b6113f77ccda683d15b5a39003b8eaa)
commit f776b51dde0f4ab6ae7b7865fd1146aabfa17b95
Author: Uri Simchoni <uri at samba.org>
Date: Thu Jan 14 00:09:36 2016 +0200
smbd: get a valid file stat to disk_quotas
Most calls to disk_quotas originate at a state with an
open file descriptor. Pass the file's stat info down to
disk_quota, so that we can avoid extra stat's and the related
error handling.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit bd2ec88dca692c239397891bd35c9fa6b8e7b51a)
commit 1a07eec97bd546310773a0d32e7125aa9aa45626
Author: Uri Simchoni <uri at samba.org>
Date: Wed Jan 27 08:12:20 2016 +0200
quotas: small cleanup
Remove an internal function from proto.h
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12145
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 3e6ea02d4258a782482eee9f9124c6a39b74a965)
commit a8accc77ede273f3e9427612c18450d3c1f33666
Author: Jeremy Allison <jra at samba.org>
Date: Wed Aug 10 14:42:07 2016 -0700
s3: oplock: Fix race condition when closing an oplocked file.
We must send the 'oplock released' message whilst the lock
is held in the close path. Otherwise the messaged smbd can
race with the share mode delete.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12139
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit df83b17c60a08a27a7ddd1d88dc125e15b3ee06d)
commit fc5f1029ac2f6dc1060d8bd6fab4bb160df7898d
Author: Jeremy Allison <jra at samba.org>
Date: Wed Aug 10 14:39:52 2016 -0700
smbd: oplock: Factor out internals of remove_oplock() into new remove_oplock_under_lock().
Allows this to be called elsewhere.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12139
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit cb394abe5206dd8ad8a68f157427991b259129a7)
commit 13c24a8d13efab4cab2bdce10897c2bc4eb6cef1
Author: Jeremy Allison <jra at samba.org>
Date: Wed Aug 10 14:35:42 2016 -0700
smbd: oplock: Fixup debug messages inside remove_oplock().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12139
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit de7180151fc99893c4763882fecd9d2a623cd061)
commit 52efd0c4aa30fbd9f480ded6fda33a90ae7073fb
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Sep 1 08:08:23 2016 +0200
gensec/spnego: work around missing server mechListMIC in SMB servers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11994
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Christian Ambach <ambi at samba.org>
Autobuild-User(master): Christian Ambach <ambi at samba.org>
Autobuild-Date(master): Fri Sep 2 18:10:44 CEST 2016 on sn-devel-144
(cherry picked from commit 9b45ba5cd53bd513eb777590815a0b8408af64e2)
commit 7aaf3f5868e859e2a42222b29a06ab1deae52b70
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Aug 26 15:53:19 2016 +1200
dbcheck: Abandon dbcheck if we get an error during a transaction
Otherwise, anything that the transaction has already done to the DB will be left in the DB
even despite the failure. For example, if a fix wrote to the DB, but then failed a post-write
check, then the fix will not be unrolled.
This is because we do not have nested transactions in TDB.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12178
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Aug 29 12:46:21 CEST 2016 on sn-devel-144
(cherry picked from commit db32a0e5ea8f652857e45480cc31ecb1ef884c1a)
commit 3f199828e132a852f27a90a4bbcb50a4d6f61d9f
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Aug 26 15:54:35 2016 +1200
dsdb: Allow missing a mandatory attribute from a dbcheck fix
dbcheck of the rid pool (CN=RID Set) for another server will otherwise fail because
rIDNextRid is not replicated, and so it not present
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12178
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 9d0c869e36ba2f43fd2ed4cd090b48102d499bc8)
-----------------------------------------------------------------------
Summary of changes:
auth/gensec/spnego.c | 69 +++++++-
ctdb/server/ctdb_takeover.c | 177 ++++++++++-----------
ctdb/server/eventscript.c | 87 ++++++++--
python/samba/dbchecker.py | 7 +
selftest/knownfail | 4 +
selftest/selftesthelpers.py | 1 +
selftest/target/Samba3.pm | 21 ++-
source3/include/smb_macros.h | 8 +
source3/modules/vfs_ceph.c | 5 +-
source3/modules/vfs_default.c | 5 +-
source3/script/tests/test_dfree_quota.sh | 84 +++++++---
source3/selftest/tests.py | 2 +-
source3/smbd/close.c | 10 +-
source3/smbd/dfree.c | 16 +-
source3/smbd/oplock.c | 54 ++++---
source3/smbd/proto.h | 17 +-
source3/smbd/quotas.c | 55 ++++---
source3/smbd/reply.c | 13 +-
source3/smbd/smb2_glue.c | 16 ++
source3/smbd/smb2_ioctl_network_fs.c | 4 +-
source3/smbd/trans2.c | 12 +-
source3/smbd/vfs.c | 4 +-
source3/utils/smbget.c | 26 ++-
source3/winbindd/idmap_util.c | 5 -
source3/winbindd/winbindd_dual_srv.c | 4 +
source4/dsdb/samdb/ldb_modules/objectclass_attrs.c | 9 +-
source4/torture/smb2/getinfo.c | 45 ++++++
source4/torture/smb2/ioctl.c | 116 ++++++++++----
source4/torture/smb2/read.c | 96 +++++++++--
source4/torture/smb2/util.c | 63 +++++++-
testprogs/blackbox/dbcheck-oldrelease.sh | 10 ++
31 files changed, 761 insertions(+), 284 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c
index 3962d72..9e5e758 100644
--- a/auth/gensec/spnego.c
+++ b/auth/gensec/spnego.c
@@ -54,9 +54,11 @@ struct spnego_state {
DATA_BLOB mech_types;
size_t num_targs;
+ bool downgraded;
bool mic_requested;
bool needs_mic_sign;
bool needs_mic_check;
+ bool may_skip_mic_check;
bool done_mic_check;
bool simulate_w2k;
@@ -433,6 +435,7 @@ static NTSTATUS gensec_spnego_parse_negTokenInit(struct gensec_security *gensec_
* Indicate the downgrade and request a
* mic.
*/
+ spnego_state->downgraded = true;
spnego_state->mic_requested = true;
break;
}
@@ -1077,7 +1080,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
DEBUG(3,("GENSEC SPNEGO: client preferred mech (%s) not accepted, server wants: %s\n",
gensec_get_name_by_oid(gensec_security, spnego_state->neg_oid),
gensec_get_name_by_oid(gensec_security, spnego.negTokenTarg.supportedMech)));
-
+ spnego_state->downgraded = true;
spnego_state->no_response_expected = false;
talloc_free(spnego_state->sub_sec_security);
nt_status = gensec_subcontext_start(spnego_state,
@@ -1134,6 +1137,23 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
return NT_STATUS_INVALID_PARAMETER;
}
+ if (spnego.negTokenTarg.mechListMIC.length == 0
+ && spnego_state->may_skip_mic_check) {
+ /*
+ * In this case we don't require
+ * a mechListMIC from the server.
+ *
+ * This works around bugs in the Azure
+ * and Apple spnego implementations.
+ *
+ * See
+ * https://bugzilla.samba.org/show_bug.cgi?id=11994
+ */
+ spnego_state->needs_mic_check = false;
+ nt_status = NT_STATUS_OK;
+ goto client_response;
+ }
+
nt_status = gensec_check_packet(spnego_state->sub_sec_security,
spnego_state->mech_types.data,
spnego_state->mech_types.length,
@@ -1189,9 +1209,56 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
*/
new_spnego = false;
}
+
break;
case SPNEGO_ACCEPT_INCOMPLETE:
+ if (spnego.negTokenTarg.mechListMIC.length > 0) {
+ new_spnego = true;
+ break;
+ }
+
+ if (spnego_state->downgraded) {
+ /*
+ * A downgrade should be protected if
+ * supported
+ */
+ break;
+ }
+
+ /*
+ * The caller may just asked for
+ * GENSEC_FEATURE_SESSION_KEY, this
+ * is only reflected in the want_features.
+ *
+ * As it will imply
+ * gensec_have_features(GENSEC_FEATURE_SIGN)
+ * to return true.
+ */
+ if (gensec_security->want_features & GENSEC_FEATURE_SIGN) {
+ break;
+ }
+ if (gensec_security->want_features & GENSEC_FEATURE_SEAL) {
+ break;
+ }
+ /*
+ * Here we're sure our preferred mech was
+ * selected by the server and our caller doesn't
+ * need GENSEC_FEATURE_SIGN nor
+ * GENSEC_FEATURE_SEAL support.
+ *
+ * In this case we don't require
+ * a mechListMIC from the server.
+ *
+ * This works around bugs in the Azure
+ * and Apple spnego implementations.
+ *
+ * See
+ * https://bugzilla.samba.org/show_bug.cgi?id=11994
+ */
+ spnego_state->may_skip_mic_check = true;
+ break;
+
case SPNEGO_REQUEST_MIC:
if (spnego.negTokenTarg.mechListMIC.length > 0) {
new_spnego = true;
diff --git a/ctdb/server/ctdb_takeover.c b/ctdb/server/ctdb_takeover.c
index a613aa0..6fadbfb 100644
--- a/ctdb/server/ctdb_takeover.c
+++ b/ctdb/server/ctdb_takeover.c
@@ -403,12 +403,6 @@ static int32_t ctdb_announce_vnn_iface(struct ctdb_context *ctdb,
return 0;
}
-struct takeover_callback_state {
- struct ctdb_req_control_old *c;
- ctdb_sock_addr *addr;
- struct ctdb_vnn *vnn;
-};
-
struct ctdb_do_takeip_state {
struct ctdb_req_control_old *c;
struct ctdb_vnn *vnn;
@@ -501,7 +495,7 @@ static int32_t ctdb_do_takeip(struct ctdb_context *ctdb,
state = talloc(vnn, struct ctdb_do_takeip_state);
CTDB_NO_MEMORY(ctdb, state);
- state->c = talloc_steal(ctdb, c);
+ state->c = NULL;
state->vnn = vnn;
vnn->update_in_flight = true;
@@ -530,6 +524,7 @@ static int32_t ctdb_do_takeip(struct ctdb_context *ctdb,
return -1;
}
+ state->c = talloc_steal(ctdb, c);
return 0;
}
@@ -638,7 +633,7 @@ static int32_t ctdb_do_updateip(struct ctdb_context *ctdb,
state = talloc(vnn, struct ctdb_do_updateip_state);
CTDB_NO_MEMORY(ctdb, state);
- state->c = talloc_steal(ctdb, c);
+ state->c = NULL;
state->old = old;
state->vnn = vnn;
@@ -670,6 +665,7 @@ static int32_t ctdb_do_updateip(struct ctdb_context *ctdb,
return -1;
}
+ state->c = talloc_steal(ctdb, c);
return 0;
}
@@ -815,44 +811,6 @@ int32_t ctdb_control_takeover_ip(struct ctdb_context *ctdb,
return 0;
}
-/*
- kill any clients that are registered with a IP that is being released
- */
-static void release_kill_clients(struct ctdb_context *ctdb, ctdb_sock_addr *addr)
-{
- struct ctdb_client_ip *ip;
-
- DEBUG(DEBUG_INFO,("release_kill_clients for ip %s\n",
- ctdb_addr_to_str(addr)));
-
- for (ip=ctdb->client_ip_list; ip; ip=ip->next) {
- ctdb_sock_addr tmp_addr;
-
- tmp_addr = ip->addr;
- DEBUG(DEBUG_INFO,("checking for client %u with IP %s\n",
- ip->client_id,
- ctdb_addr_to_str(&ip->addr)));
-
- if (ctdb_same_ip(&tmp_addr, addr)) {
- struct ctdb_client *client = reqid_find(ctdb->idr,
- ip->client_id,
- struct ctdb_client);
- DEBUG(DEBUG_INFO,("matched client %u with IP %s and pid %u\n",
- ip->client_id,
- ctdb_addr_to_str(&ip->addr),
- client->pid));
-
- if (client->pid != 0) {
- DEBUG(DEBUG_INFO,(__location__ " Killing client pid %u for IP %s on client_id %u\n",
- (unsigned)client->pid,
- ctdb_addr_to_str(addr),
- ip->client_id));
- kill(client->pid, SIGKILL);
- }
- }
- }
-}
-
static void do_delete_ip(struct ctdb_context *ctdb, struct ctdb_vnn *vnn)
{
DLIST_REMOVE(ctdb->vnn, vnn);
@@ -861,15 +819,47 @@ static void do_delete_ip(struct ctdb_context *ctdb, struct ctdb_vnn *vnn)
talloc_free(vnn);
}
+static struct ctdb_vnn *release_ip_post(struct ctdb_context *ctdb,
+ struct ctdb_vnn *vnn,
+ ctdb_sock_addr *addr)
+{
+ TDB_DATA data;
+
+ /* Send a message to all clients of this node telling them
+ * that the cluster has been reconfigured and they should
+ * close any connections on this IP address
+ */
+ data.dptr = (uint8_t *)ctdb_addr_to_str(addr);
+ data.dsize = strlen((char *)data.dptr)+1;
+ DEBUG(DEBUG_INFO, ("Sending RELEASE_IP message for %s\n", data.dptr));
+ ctdb_daemon_send_message(ctdb, ctdb->pnn, CTDB_SRVID_RELEASE_IP, data);
+
+ ctdb_vnn_unassign_iface(ctdb, vnn);
+
+ /* Process the IP if it has been marked for deletion */
+ if (vnn->delete_pending) {
+ do_delete_ip(ctdb, vnn);
+ return NULL;
+ }
+
+ return vnn;
+}
+
+struct release_ip_callback_state {
+ struct ctdb_req_control_old *c;
+ ctdb_sock_addr *addr;
+ struct ctdb_vnn *vnn;
+ uint32_t target_pnn;
+};
+
/*
called when releaseip event finishes
*/
-static void release_ip_callback(struct ctdb_context *ctdb, int status,
+static void release_ip_callback(struct ctdb_context *ctdb, int status,
void *private_data)
{
- struct takeover_callback_state *state =
- talloc_get_type(private_data, struct takeover_callback_state);
- TDB_DATA data;
+ struct release_ip_callback_state *state =
+ talloc_get_type(private_data, struct release_ip_callback_state);
if (status == -ETIME) {
ctdb_ban_self(ctdb);
@@ -887,34 +877,15 @@ static void release_ip_callback(struct ctdb_context *ctdb, int status,
}
}
- /* send a message to all clients of this node telling them
- that the cluster has been reconfigured and they should
- release any sockets on this IP */
- data.dptr = (uint8_t *)talloc_strdup(state, ctdb_addr_to_str(state->addr));
- CTDB_NO_MEMORY_VOID(ctdb, data.dptr);
- data.dsize = strlen((char *)data.dptr)+1;
-
- DEBUG(DEBUG_INFO,(__location__ " sending RELEASE_IP for '%s'\n", data.dptr));
-
- ctdb_daemon_send_message(ctdb, ctdb->pnn, CTDB_SRVID_RELEASE_IP, data);
-
- /* kill clients that have registered with this IP */
- release_kill_clients(ctdb, state->addr);
-
- ctdb_vnn_unassign_iface(ctdb, state->vnn);
-
- /* Process the IP if it has been marked for deletion */
- if (state->vnn->delete_pending) {
- do_delete_ip(ctdb, state->vnn);
- state->vnn = NULL;
- }
+ state->vnn->pnn = state->target_pnn;
+ state->vnn = release_ip_post(ctdb, state->vnn, state->addr);
/* the control succeeded */
ctdb_request_control_reply(ctdb, state->c, NULL, 0, NULL);
talloc_free(state);
}
-static int ctdb_releaseip_destructor(struct takeover_callback_state *state)
+static int ctdb_releaseip_destructor(struct release_ip_callback_state *state)
{
if (state->vnn != NULL) {
state->vnn->update_in_flight = false;
@@ -931,7 +902,7 @@ int32_t ctdb_control_release_ip(struct ctdb_context *ctdb,
bool *async_reply)
{
int ret;
- struct takeover_callback_state *state;
+ struct release_ip_callback_state *state;
struct ctdb_public_ip *pip = (struct ctdb_public_ip *)indata.dptr;
struct ctdb_vnn *vnn;
char *iface;
@@ -943,16 +914,20 @@ int32_t ctdb_control_release_ip(struct ctdb_context *ctdb,
ctdb_addr_to_str(&pip->addr)));
return 0;
}
- vnn->pnn = pip->pnn;
/* stop any previous arps */
talloc_free(vnn->takeover_ctx);
vnn->takeover_ctx = NULL;
- /* Some ctdb tool commands (e.g. moveip, rebalanceip) send
- * lazy multicast to drop an IP from any node that isn't the
- * intended new node. The following causes makes ctdbd ignore
- * a release for any address it doesn't host.
+ /* RELEASE_IP controls are sent to all nodes that should not
+ * be hosting a particular IP. This serves 2 purposes. The
+ * first is to help resolve any inconsistencies. If a node
+ * does unexpectly host an IP then it will be released. The
+ * 2nd is to use a "redundant release" to tell non-takeover
+ * nodes where an IP is moving to. This is how "ctdb ip" can
+ * report the (likely) location of an IP by only asking the
+ * local node. Redundant releases need to update the PNN but
+ * are otherwise ignored.
*/
if (ctdb->tunable.disable_ip_failover == 0 && ctdb->do_checkpublicip) {
if (!ctdb_sys_have_ip(&pip->addr)) {
@@ -960,6 +935,7 @@ int32_t ctdb_control_release_ip(struct ctdb_context *ctdb,
ctdb_addr_to_str(&pip->addr),
vnn->public_netmask_bits,
ctdb_vnn_iface_string(vnn)));
+ vnn->pnn = pip->pnn;
ctdb_vnn_unassign_iface(ctdb, vnn);
return 0;
}
@@ -968,6 +944,7 @@ int32_t ctdb_control_release_ip(struct ctdb_context *ctdb,
DEBUG(DEBUG_DEBUG,("Redundant release of IP %s/%u (ip not held)\n",
ctdb_addr_to_str(&pip->addr),
vnn->public_netmask_bits));
+ vnn->pnn = pip->pnn;
return 0;
}
}
@@ -993,7 +970,7 @@ int32_t ctdb_control_release_ip(struct ctdb_context *ctdb,
iface,
pip->pnn));
- state = talloc(ctdb, struct takeover_callback_state);
+ state = talloc(ctdb, struct release_ip_callback_state);
if (state == NULL) {
ctdb_set_error(ctdb, "Out of memory at %s:%d",
__FILE__, __LINE__);
@@ -1001,8 +978,8 @@ int32_t ctdb_control_release_ip(struct ctdb_context *ctdb,
return -1;
}
- state->c = talloc_steal(state, c);
- state->addr = talloc(state, ctdb_sock_addr);
+ state->c = NULL;
+ state->addr = talloc(state, ctdb_sock_addr);
if (state->addr == NULL) {
ctdb_set_error(ctdb, "Out of memory at %s:%d",
__FILE__, __LINE__);
@@ -1011,6 +988,7 @@ int32_t ctdb_control_release_ip(struct ctdb_context *ctdb,
return -1;
}
*state->addr = pip->addr;
+ state->target_pnn = pip->pnn;
state->vnn = vnn;
vnn->update_in_flight = true;
@@ -1034,6 +1012,7 @@ int32_t ctdb_control_release_ip(struct ctdb_context *ctdb,
/* tell the control that we will be reply asynchronously */
*async_reply = true;
+ state->c = talloc_steal(state, c);
return 0;
}
@@ -2376,21 +2355,21 @@ void ctdb_takeover_client_destructor_hook(struct ctdb_client *client)
void ctdb_release_all_ips(struct ctdb_context *ctdb)
{
- struct ctdb_vnn *vnn;
+ struct ctdb_vnn *vnn, *next;
int count = 0;
if (ctdb->tunable.disable_ip_failover == 1) {
return;
}
- for (vnn=ctdb->vnn;vnn;vnn=vnn->next) {
+ for (vnn = ctdb->vnn; vnn != NULL; vnn = next) {
+ /* vnn can be freed below in release_ip_post() */
+ next = vnn->next;
+
if (!ctdb_sys_have_ip(&vnn->public_address)) {
ctdb_vnn_unassign_iface(ctdb, vnn);
continue;
}
- if (!vnn->iface) {
- continue;
- }
/* Don't allow multiple releases at once. Some code,
* particularly ctdb_tickle_sentenced_connections() is
@@ -2412,12 +2391,26 @@ void ctdb_release_all_ips(struct ctdb_context *ctdb)
ctdb_vnn_iface_string(vnn)));
ctdb_event_script_args(ctdb, CTDB_EVENT_RELEASE_IP, "%s %s %u",
- ctdb_vnn_iface_string(vnn),
- ctdb_addr_to_str(&vnn->public_address),
- vnn->public_netmask_bits);
- release_kill_clients(ctdb, &vnn->public_address);
- ctdb_vnn_unassign_iface(ctdb, vnn);
- vnn->update_in_flight = false;
+ ctdb_vnn_iface_string(vnn),
+ ctdb_addr_to_str(&vnn->public_address),
+ vnn->public_netmask_bits);
+ /* releaseip timeouts are converted to success, so to
+ * detect failures just check if the IP address is
+ * still there...
+ */
+ if (ctdb_sys_have_ip(&vnn->public_address)) {
+ DEBUG(DEBUG_ERR,
+ (__location__
+ " IP address %s not released\n",
+ ctdb_addr_to_str(&vnn->public_address)));
+ vnn->update_in_flight = false;
+ continue;
+ }
+
+ vnn = release_ip_post(ctdb, vnn, &vnn->public_address);
+ if (vnn != NULL) {
+ vnn->update_in_flight = false;
+ }
count++;
}
diff --git a/ctdb/server/eventscript.c b/ctdb/server/eventscript.c
index 5bc2ee8..2293eee 100644
--- a/ctdb/server/eventscript.c
+++ b/ctdb/server/eventscript.c
@@ -699,6 +699,62 @@ static int remove_callback(struct event_script_callback *callback)
return 0;
}
+struct schedule_callback_state {
+ struct ctdb_context *ctdb;
+ void (*callback)(struct ctdb_context *, int, void *);
+ void *private_data;
+ int status;
+ struct tevent_immediate *im;
+};
+
+static void schedule_callback_handler(struct tevent_context *ctx,
+ struct tevent_immediate *im,
+ void *private_data)
+{
+ struct schedule_callback_state *state =
+ talloc_get_type_abort(private_data,
+ struct schedule_callback_state);
+
+ if (state->callback != NULL) {
+ state->callback(state->ctdb, state->status,
+ state->private_data);
+ }
+ talloc_free(state);
+}
+
+static int
+schedule_callback_immediate(struct ctdb_context *ctdb,
+ void (*callback)(struct ctdb_context *,
+ int, void *),
+ void *private_data,
+ int status)
+{
+ struct schedule_callback_state *state;
+ struct tevent_immediate *im;
+
+ state = talloc_zero(ctdb, struct schedule_callback_state);
+ if (state == NULL) {
+ DEBUG(DEBUG_ERR, (__location__ " out of memory\n"));
+ return -1;
+ }
+ im = tevent_create_immediate(state);
+ if (im == NULL) {
+ DEBUG(DEBUG_ERR, (__location__ " out of memory\n"));
+ talloc_free(state);
+ return -1;
+ }
+
--
Samba Shared Repository
More information about the samba-cvs
mailing list