[SCM] Samba Shared Repository - branch v4-4-test updated

Karolin Seeger kseeger at samba.org
Mon Jan 9 13:19:03 UTC 2017


The branch, v4-4-test has been updated
       via  d6b8638 s3: torture: Add test for cli_ftruncate calling cli_smb2_ftruncate.
       via  837a666 s3: libsmb: Add cli_smb2_ftruncate(), plumb into cli_ftruncate().
       via  e29784e selftest: Do not include system krb5.conf in selftest
       via  1283710 s3:libads: Include system /etc/krb5.conf if we use MIT Kerberos
       via  d7568dd s3:param: Add an 'include system krb5 conf' option
      from  1aa6715 VERSION: Bump version up to 4.4.10...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-4-test


- Log -----------------------------------------------------------------
commit d6b86387269d6459820534dd06f6bd9b03ee968e
Author: Jeremy Allison <jra at samba.org>
Date:   Tue Jan 3 15:37:03 2017 -0800

    s3: torture: Add test for cli_ftruncate calling cli_smb2_ftruncate.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12479
    
    Back-port from cherry pick from commit b92cac857823ac2d29133fba2fde57cf58805b45)
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Uri Simchoni <uri at samba.org>
    
    Autobuild-User(v4-4-test): Karolin Seeger <kseeger at samba.org>
    Autobuild-Date(v4-4-test): Mon Jan  9 14:18:47 CET 2017 on sn-devel-144

commit 837a6664564d81c7032411044d205f86cbd0e1b9
Author: Jeremy Allison <jra at samba.org>
Date:   Wed Dec 21 13:55:50 2016 -0800

    s3: libsmb: Add cli_smb2_ftruncate(), plumb into cli_ftruncate().
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12479
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Uri Simchoni <uri at samba.org>
    (cherry picked from commit e0f1ed9f450851bf5b7fec84577b50047309db3f)

commit e29784e76ee69babf7155c473040b04d12d6870e
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Dec 1 08:18:58 2016 +0100

    selftest: Do not include system krb5.conf in selftest
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12441
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Alexander Bokovoy <ab at samba.org>

commit 12837101208be63b73245cd5eb2df882b55a52ca
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Nov 23 14:40:42 2016 +0100

    s3:libads: Include system /etc/krb5.conf if we use MIT Kerberos
    
    The system /etc/krb5.conf defines some defaults like:
    
        default_ccache_name = KEYRING:persistent:%{uid}
    
    We need to respect that so should include it in our own created
    krb5.conf file.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12441
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Alexander Bokovoy <ab at samba.org>
    (cherry picked from commit 4ef772be3a7259b48253643392574fab28c37916)

commit d7568dd2e2bd9a1e4f9c7c43e252e3d2b88a67db
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Nov 23 14:39:47 2016 +0100

    s3:param: Add an 'include system krb5 conf' option
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12441
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Alexander Bokovoy <ab at samba.org>
    (cherry picked from commit f464f69b33b40c81d6ee57bebf9d59837431739b)

-----------------------------------------------------------------------

Summary of changes:
 .../smbdotconf/winbind/includesystemkrb5conf.xml   |  15 ++
 python/samba/tests/docs.py                         |   3 +-
 selftest/selftest.pl                               |   1 +
 selftest/target/Samba3.pm                          |   1 +
 source3/libads/kerberos.c                          |  13 +-
 source3/libsmb/cli_smb2_fnum.c                     |  65 +++++++++
 source3/libsmb/cli_smb2_fnum.h                     |   3 +
 source3/libsmb/clifile.c                           |   8 +-
 source3/param/loadparm.c                           |   1 +
 source3/selftest/tests.py                          |   2 +-
 source3/torture/proto.h                            |   1 +
 source3/torture/test_smb2.c                        | 160 +++++++++++++++++++++
 source3/torture/torture.c                          |   1 +
 13 files changed, 269 insertions(+), 5 deletions(-)
 create mode 100644 docs-xml/smbdotconf/winbind/includesystemkrb5conf.xml


Changeset truncated at 500 lines:

diff --git a/docs-xml/smbdotconf/winbind/includesystemkrb5conf.xml b/docs-xml/smbdotconf/winbind/includesystemkrb5conf.xml
new file mode 100644
index 0000000..3e53292
--- /dev/null
+++ b/docs-xml/smbdotconf/winbind/includesystemkrb5conf.xml
@@ -0,0 +1,15 @@
+<samba:parameter name="include system krb5 conf"
+                 context="G"
+                 type="boolean"
+                 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+	<para>
+		Setting this parameter to <value type="example">no</value> will prevent
+		winbind to include the system /etc/krb5.conf file into the krb5.conf file
+		it creates. See also <smbconfoption name="create krb5 conf"/>. This option
+		only applies to Samba built with MIT Kerberos.
+	</para>
+
+</description>
+<value type="default">yes</value>
+</samba:parameter>
diff --git a/python/samba/tests/docs.py b/python/samba/tests/docs.py
index e7123b6..405b844 100644
--- a/python/samba/tests/docs.py
+++ b/python/samba/tests/docs.py
@@ -165,7 +165,8 @@ class SmbDotConfTests(TestCase):
                          'queuepause command','lpresume command', 'lppause command',
                          'lprm command', 'lpq command', 'print command', 'template homedir',
                          'spoolss: os_major', 'spoolss: os_minor', 'spoolss: os_build',
-                         'max open files', 'fss: prune stale', 'fss: sequence timeout'])
+                         'max open files', 'fss: prune stale', 'fss: sequence timeout',
+                         'include system krb5 conf'])
 
     def setUp(self):
         super(SmbDotConfTests, self).setUp()
diff --git a/selftest/selftest.pl b/selftest/selftest.pl
index ff5f27d..d743136 100755
--- a/selftest/selftest.pl
+++ b/selftest/selftest.pl
@@ -595,6 +595,7 @@ sub write_clientconf($$$)
 	tls cafile = ${cacert}
 	tls crlfile = ${cacrl_pem}
 	tls verify peer = no_check
+	include system krb5 conf = no
 ";
 	close(CF);
 }
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index aef3fd7..5e62cf1 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -1414,6 +1414,7 @@ sub provision($$$$$$$$)
 	winbind enum users = yes
 	winbind enum groups = yes
 	winbind separator = /
+	include system krb5 conf = no
 
 #	min receivefile size = 4000
 
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 4774a9f..94ff95c 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -844,6 +844,7 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
 	char *realm_upper = NULL;
 	bool result = false;
 	char *aes_enctypes = NULL;
+	const char *include_system_krb5 = "";
 	mode_t mask;
 
 	if (!lp_create_krb5_conf()) {
@@ -912,6 +913,12 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
 	}
 #endif
 
+#if !defined(SAMBA4_USES_HEIMDAL)
+	if (lp_include_system_krb5_conf()) {
+		include_system_krb5 = "include /etc/krb5.conf";
+	}
+#endif
+
 	file_contents = talloc_asprintf(fname,
 					"[libdefaults]\n\tdefault_realm = %s\n"
 					"\tdefault_tgs_enctypes = %s RC4-HMAC DES-CBC-CRC DES-CBC-MD5\n"
@@ -919,9 +926,11 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
 					"\tpreferred_enctypes = %s RC4-HMAC DES-CBC-CRC DES-CBC-MD5\n"
 					"\tdns_lookup_realm = false\n\n"
 					"[realms]\n\t%s = {\n"
-					"%s\t}\n",
+					"%s\t}\n"
+					"%s\n",
 					realm_upper, aes_enctypes, aes_enctypes, aes_enctypes,
-					realm_upper, kdc_ip_string);
+					realm_upper, kdc_ip_string,
+					include_system_krb5);
 
 	if (!file_contents) {
 		goto done;
diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c
index c5b1434..665a38d 100644
--- a/source3/libsmb/cli_smb2_fnum.c
+++ b/source3/libsmb/cli_smb2_fnum.c
@@ -2873,3 +2873,68 @@ NTSTATUS cli_smb2_splice_recv(struct tevent_req *req, off_t *written)
 	tevent_req_received(req);
 	return NT_STATUS_OK;
 }
+
+/***************************************************************
+ Wrapper that allows SMB2 to truncate a file.
+ Synchronous only.
+***************************************************************/
+
+NTSTATUS cli_smb2_ftruncate(struct cli_state *cli,
+			uint16_t fnum,
+			uint64_t newsize)
+{
+	NTSTATUS status;
+	DATA_BLOB inbuf = data_blob_null;
+	struct smb2_hnd *ph = NULL;
+	TALLOC_CTX *frame = talloc_stackframe();
+
+	if (smbXcli_conn_has_async_calls(cli->conn)) {
+		/*
+		 * Can't use sync call while an async call is in flight
+		 */
+		status = NT_STATUS_INVALID_PARAMETER;
+		goto fail;
+	}
+
+	if (smbXcli_conn_protocol(cli->conn) < PROTOCOL_SMB2_02) {
+		status = NT_STATUS_INVALID_PARAMETER;
+		goto fail;
+	}
+
+	status = map_fnum_to_smb2_handle(cli,
+					fnum,
+					&ph);
+	if (!NT_STATUS_IS_OK(status)) {
+		goto fail;
+	}
+
+	inbuf = data_blob_talloc_zero(frame, 8);
+	if (inbuf.data == NULL) {
+		status = NT_STATUS_NO_MEMORY;
+		goto fail;
+	}
+
+	SBVAL(inbuf.data, 0, newsize);
+
+	/* setinfo on the handle with info_type SMB2_SETINFO_FILE (1),
+	   level 20 (SMB_FILE_END_OF_FILE_INFORMATION - 1000). */
+
+	status = smb2cli_set_info(cli->conn,
+				cli->timeout,
+				cli->smb2.session,
+				cli->smb2.tcon,
+				1, /* in_info_type */
+					/* in_file_info_class */
+				SMB_FILE_END_OF_FILE_INFORMATION - 1000,
+				&inbuf, /* in_input_buffer */
+				0, /* in_additional_info */
+				ph->fid_persistent,
+				ph->fid_volatile);
+
+  fail:
+
+	cli->raw_status = status;
+
+	TALLOC_FREE(frame);
+	return status;
+}
diff --git a/source3/libsmb/cli_smb2_fnum.h b/source3/libsmb/cli_smb2_fnum.h
index ceb5629..f1ce31b 100644
--- a/source3/libsmb/cli_smb2_fnum.h
+++ b/source3/libsmb/cli_smb2_fnum.h
@@ -184,4 +184,7 @@ struct tevent_req *cli_smb2_splice_send(TALLOC_CTX *mem_ctx,
 			off_t size, off_t src_offset, off_t dst_offset,
 			int (*splice_cb)(off_t n, void *priv), void *priv);
 NTSTATUS cli_smb2_splice_recv(struct tevent_req *req, off_t *written);
+NTSTATUS cli_smb2_ftruncate(struct cli_state *cli,
+			uint16_t fnum,
+			uint64_t newsize);
 #endif /* __SMB2CLI_FNUM_H__ */
diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c
index 684f263..43a7f24 100644
--- a/source3/libsmb/clifile.c
+++ b/source3/libsmb/clifile.c
@@ -2889,11 +2889,17 @@ NTSTATUS cli_ftruncate_recv(struct tevent_req *req)
 
 NTSTATUS cli_ftruncate(struct cli_state *cli, uint16_t fnum, uint64_t size)
 {
-	TALLOC_CTX *frame = talloc_stackframe();
+	TALLOC_CTX *frame = NULL;
 	struct tevent_context *ev = NULL;
 	struct tevent_req *req = NULL;
 	NTSTATUS status = NT_STATUS_OK;
 
+	if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) {
+		return cli_smb2_ftruncate(cli, fnum, size);
+	}
+
+	frame = talloc_stackframe();
+
 	if (smbXcli_conn_has_async_calls(cli->conn)) {
 		/*
 		 * Can't use sync call while an async call is in flight
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 32acd03..f7cf70b 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -713,6 +713,7 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
 	Globals.reset_on_zero_vc = false;
 	Globals.log_writeable_files_on_exit = false;
 	Globals.create_krb5_conf = true;
+	Globals.include_system_krb5_conf = true;
 	Globals._winbind_max_domain_connections = 1;
 
 	/* hostname lookups can be very expensive and are broken on
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index d2b2009..e389fae 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -53,7 +53,7 @@ tests = ["FDPASS", "LOCK1", "LOCK2", "LOCK3", "LOCK4", "LOCK5", "LOCK6", "LOCK7"
         "CHAIN3",
         "GETADDRINFO", "UID-REGRESSION-TEST", "SHORTNAME-TEST",
         "CASE-INSENSITIVE-CREATE", "SMB2-BASIC", "NTTRANS-FSCTL", "SMB2-NEGPROT",
-        "SMB2-SESSION-REAUTH", "SMB2-SESSION-RECONNECT",
+        "SMB2-SESSION-REAUTH", "SMB2-SESSION-RECONNECT", "SMB2-FTRUNCATE",
         "CLEANUP1",
         "CLEANUP2",
         "CLEANUP4",
diff --git a/source3/torture/proto.h b/source3/torture/proto.h
index fc7c33f..32ad823 100644
--- a/source3/torture/proto.h
+++ b/source3/torture/proto.h
@@ -98,6 +98,7 @@ bool run_smb2_session_reconnect(int dummy);
 bool run_smb2_tcon_dependence(int dummy);
 bool run_smb2_multi_channel(int dummy);
 bool run_smb2_session_reauth(int dummy);
+bool run_smb2_ftruncate(int dummy);
 bool run_chain3(int dummy);
 bool run_local_conv_auth_info(int dummy);
 bool run_local_sprintf_append(int dummy);
diff --git a/source3/torture/test_smb2.c b/source3/torture/test_smb2.c
index 6871f4c..4db8c77 100644
--- a/source3/torture/test_smb2.c
+++ b/source3/torture/test_smb2.c
@@ -27,6 +27,7 @@
 #include "auth/gensec/gensec.h"
 #include "auth_generic.h"
 #include "../librpc/ndr/libndr.h"
+#include "libsmb/clirap.h"
 
 extern fstring host, workgroup, share, password, username, myname;
 
@@ -1961,3 +1962,162 @@ bool run_smb2_session_reauth(int dummy)
 
 	return true;
 }
+
+static NTSTATUS check_size(struct cli_state *cli,
+				uint16_t fnum,
+				const char *fname,
+				size_t size)
+{
+	off_t size_read = 0;
+
+	NTSTATUS status = cli_qfileinfo_basic(cli,
+				fnum,
+				NULL,
+				&size_read,
+				NULL,
+				NULL,
+				NULL,
+				NULL,
+				NULL);
+
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("cli_smb2_qfileinfo_basic of %s failed (%s)\n",
+			fname,
+			nt_errstr(status));
+		return status;
+	}
+
+	if (size != size_read) {
+		printf("size (%u) != size_read(%u) for %s\n",
+			(unsigned int)size,
+			(unsigned int)size_read,
+			fname);
+		/* Use EOF to mean bad size. */
+		return NT_STATUS_END_OF_FILE;
+	}
+	return NT_STATUS_OK;
+}
+
+/* Ensure cli_ftruncate() works for SMB2. */
+
+bool run_smb2_ftruncate(int dummy)
+{
+	struct cli_state *cli = NULL;
+	const char *fname = "smb2_ftruncate.txt";
+	uint16_t fnum = (uint16_t)-1;
+	bool correct = false;
+	size_t buflen = 1024*1024;
+	uint8_t *buf = NULL;
+	unsigned int i;
+	NTSTATUS status;
+
+	printf("Starting SMB2-FTRUNCATE\n");
+
+	if (!torture_init_connection(&cli)) {
+		return false;
+	}
+
+	status = smbXcli_negprot(cli->conn, cli->timeout,
+				 PROTOCOL_SMB2_02, PROTOCOL_SMB2_02);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("smbXcli_negprot returned %s\n", nt_errstr(status));
+		return false;
+	}
+
+	status = cli_session_setup(cli, username,
+				   password, strlen(password),
+				   password, strlen(password),
+				   workgroup);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("cli_session_setup returned %s\n", nt_errstr(status));
+		return false;
+	}
+
+	status = cli_tree_connect(cli, share, "?????", "", 0);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("cli_tree_connect returned %s\n", nt_errstr(status));
+		return false;
+	}
+
+	cli_setatr(cli, fname, 0, 0);
+	cli_unlink(cli, fname, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+
+	status = cli_ntcreate(cli,
+				fname,
+				0,
+				GENERIC_ALL_ACCESS,
+				FILE_ATTRIBUTE_NORMAL,
+				FILE_SHARE_NONE,
+				FILE_CREATE,
+				0,
+				0,
+				&fnum,
+				NULL);
+
+        if (!NT_STATUS_IS_OK(status)) {
+                printf("open of %s failed (%s)\n", fname, nt_errstr(status));
+                goto fail;
+        }
+
+	buf = talloc_zero_array(cli, uint8_t, buflen);
+	if (buf == NULL) {
+		goto fail;
+	}
+
+	/* Write 1MB. */
+	status = cli_writeall(cli,
+				fnum,
+				0,
+				buf,
+				0,
+				buflen,
+				NULL);
+
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("write of %u to %s failed (%s)\n",
+			(unsigned int)buflen,
+			fname,
+			nt_errstr(status));
+		goto fail;
+	}
+
+	status = check_size(cli, fnum, fname, buflen);
+	if (!NT_STATUS_IS_OK(status)) {
+		goto fail;
+	}
+
+	/* Now ftruncate. */
+	for ( i = 0; i < 10; i++) {
+		status = cli_ftruncate(cli, fnum, i*1024);
+		if (!NT_STATUS_IS_OK(status)) {
+			printf("cli_ftruncate %u of %s failed (%s)\n",
+				(unsigned int)i*1024,
+				fname,
+				nt_errstr(status));
+			goto fail;
+		}
+		status = check_size(cli, fnum, fname, i*1024);
+		if (!NT_STATUS_IS_OK(status)) {
+			goto fail;
+		}
+	}
+
+	correct = true;
+
+  fail:
+
+	if (cli == NULL) {
+		return false;
+	}
+
+	if (fnum != (uint16_t)-1) {
+		cli_close(cli, fnum);
+	}
+	cli_setatr(cli, fname, 0, 0);
+	cli_unlink(cli, fname, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+
+	if (!torture_close_connection(cli)) {
+		correct = false;
+	}
+	return correct;
+}
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index e323069..cfe33a8 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -10070,6 +10070,7 @@ static struct {
 	{ "SMB2-TCON-DEPENDENCE", run_smb2_tcon_dependence },
 	{ "SMB2-MULTI-CHANNEL", run_smb2_multi_channel },
 	{ "SMB2-SESSION-REAUTH", run_smb2_session_reauth },
+	{ "SMB2-FTRUNCATE", run_smb2_ftruncate },
 	{ "CLEANUP1", run_cleanup1 },
 	{ "CLEANUP2", run_cleanup2 },
 	{ "CLEANUP3", run_cleanup3 },


-- 
Samba Shared Repository



More information about the samba-cvs mailing list