[SCM] Samba Shared Repository - branch v4-6-test updated
Karolin Seeger
kseeger at samba.org
Fri Jun 30 12:54:05 UTC 2017
The branch, v4-6-test has been updated
via eb587fb selftest: Also wait for winbindd to start
via 9bf2391 s3:smb2_create: avoid reusing the 'tevent_req' within smbd_smb2_create_send()
via d2bf63c auth/spnego: fix gensec_update_ev() argument order for the SPNEGO_FALLBACK case
via 545b0c4 s3:smbd: unimplement FSCTL_VALIDATE_NEGOTIATE_INFO with "server max protocol = SMB2_02"
via 18f3dbb samba-tool: fix log message of 'samba-tool user syncpasswords'
via 15ed7a9 s3:tests: Do not delete the contets of LOCAL_PATH with tarmode test
from f625a63 auth/ntlmssp: enforce NTLMSSP_NEGOTIATE_NTLM2 for the NTLMv2 client case
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-6-test
- Log -----------------------------------------------------------------
commit eb587fb5a611876de0e01e187bb41c4375cde6cd
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Jun 15 16:20:11 2017 +1200
selftest: Also wait for winbindd to start
This ensures that the posixacl.py test does not race against winbindd starting up and so
give wrong mappings
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12843
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 1b88c5d4c0e5da2e4092a06f6cd6bf3c8b767883)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-6-test): Fri Jun 30 14:53:30 CEST 2017 on sn-devel-144
commit 9bf23912b3cc82639bf2e2f9138ddb6dff2559ee
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jun 9 12:30:33 2017 +0200
s3:smb2_create: avoid reusing the 'tevent_req' within smbd_smb2_create_send()
As the caller ("smbd_smb2_request_process_create()") already sets the callback,
the first time, it's not safe to reuse the tevent_req structure.
The typical 'tevent_req_nterror(); return tevent_req_post()' will
crash as the tevent_req_nterror() already triggered the former callback,
which calls smbd_smb2_create_recv(), were tevent_req_received() invalidates
the tevent_req structure, so that tevent_req_post() will crash.
We just remember the required values from the old state
and move them to the new state.
We tried to write reproducers for this, but sadly weren't able to trigger
the backtrace we had from a create a customer (using recent code)
with commit 6beba782f1bf951236813e0b46115b8102212c03
included. And this patch fixed the situation for the
customer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12832
Pair-Programmed-With: Volker Lendecke <vl at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 02146ea5ee729de0e49ecf617e6983f4e61fbe59)
commit d2bf63c93f2717a405727c4e1024d4c8347a142d
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 12 09:10:19 2017 +0200
auth/spnego: fix gensec_update_ev() argument order for the SPNEGO_FALLBACK case
This went unnoticed so long as we don't use -Wc++-compat
and gensec_update_ev() used the sync update() hook for all
NTLMSSP and Kerberos.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12788
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 31691963b3d9ac460df0c56d36f81ec815db0225)
commit 545b0c420d567f1f50dac734a97b478fd09bd985
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 5 18:49:37 2017 +0200
s3:smbd: unimplement FSCTL_VALIDATE_NEGOTIATE_INFO with "server max protocol = SMB2_02"
A client that supports SMB3 will do a signed FSCTL_VALIDATE_NEGOTIATE_INFO
after a tree connect. This FSCTL_VALIDATE_NEGOTIATE_INFO call contains
the client capabilities, client guid, security mode and the array of supported
dialects. But if SMB 2.02 is negotiated the doesn't send these values to the
server in the first connection attempt (when the client starts with a SMB1 Negotiate).
Windows servers that only support SMB2 just return NT_STATUS_FILE_CLOSED
as answer to FSCTL_VALIDATE_NEGOTIATE_INFO.
We should do the same if we just pretend to support SMB 2.02,
as SMB 2.10 always include an SMB2 Negotiate request we can leave it as is.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12772
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 295c9f7b322e6377d0df1b49cb26597d66e80eda)
commit 18f3dbb9941a173188eaddab546407b91bb7a2c5
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Apr 25 13:25:10 2017 +0200
samba-tool: fix log message of 'samba-tool user syncpasswords'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12768
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri May 5 01:37:45 CEST 2017 on sn-devel-144
(cherry picked from commit 4c17850ae7b6c85e99e5d4d5bc5d8e89a9ba6d47)
commit 15ed7a9e5968396aba6080d968609800b958b316
Author: Andreas Schneider <asn at samba.org>
Date: Mon Jun 26 23:18:30 2017 +0200
s3:tests: Do not delete the contets of LOCAL_PATH with tarmode test
The test_smbclient_tarmode.pl test operates on $LOCAL_PATH by default
and removes everything. So it deletes all precreated files and
directories which the setup_fileserver() function initially set up.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12867
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 4f5cfe2713294462b9dc68afbec2ea2c72230885)
-----------------------------------------------------------------------
Summary of changes:
auth/gensec/spnego.c | 6 ++--
python/samba/netcmd/user.py | 2 +-
selftest/target/Samba3.pm | 3 ++
selftest/target/Samba4.pm | 22 +++++++++++++
source3/script/tests/test_smbclient_tarmode.sh | 10 +++---
source3/selftest/tests.py | 4 +--
source3/smbd/smb2_create.c | 43 ++++++++++++++------------
source3/smbd/smb2_ioctl_network_fs.c | 17 ++++++++++
8 files changed, 76 insertions(+), 31 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c
index f063f7b..21c6cfb 100644
--- a/auth/gensec/spnego.c
+++ b/auth/gensec/spnego.c
@@ -366,7 +366,7 @@ static NTSTATUS gensec_spnego_server_try_fallback(struct gensec_security *gensec
return nt_status;
}
nt_status = gensec_update_ev(spnego_state->sub_sec_security,
- ev, out_mem_ctx, in, out);
+ out_mem_ctx, ev, in, out);
return nt_status;
}
DEBUG(1, ("Failed to parse SPNEGO request\n"));
@@ -804,8 +804,8 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
switch (spnego_state->state_position) {
case SPNEGO_FALLBACK:
- return gensec_update_ev(spnego_state->sub_sec_security, ev,
- out_mem_ctx, in, out);
+ return gensec_update_ev(spnego_state->sub_sec_security,
+ out_mem_ctx, ev, in, out);
case SPNEGO_SERVER_START:
{
NTSTATUS nt_status;
diff --git a/python/samba/netcmd/user.py b/python/samba/netcmd/user.py
index 858ade4..1c2f3ec 100644
--- a/python/samba/netcmd/user.py
+++ b/python/samba/netcmd/user.py
@@ -1617,7 +1617,7 @@ samba-tool user syncpasswords --terminate \\
return
def run_sync_command(dn, ldif):
- log_msg("Call Popen[%s] for %s\n" % (dn, self.sync_command))
+ log_msg("Call Popen[%s] for %s\n" % (self.sync_command, dn))
sync_command_p = Popen(self.sync_command,
stdin=PIPE,
stdout=PIPE,
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index a7699f8..5cdbb9b 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -767,6 +767,9 @@ sub setup_fileserver($$)
my $smbget_sharedir="$share_dir/smbget";
push(@dirs,$smbget_sharedir);
+ my $tarmode_sharedir="$share_dir/tarmode";
+ push(@dirs,$tarmode_sharedir);
+
my $fileserver_options = "
[lowercase]
path = $lower_case_share_dir
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 7e1be64..a89773f 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -237,6 +237,28 @@ sub wait_for_start($$)
sleep(1);
}
}
+
+ my $wbinfo = Samba::bindir_path($self, "wbinfo");
+
+ $count = 0;
+ do {
+ my $cmd = "NSS_WRAPPER_PASSWD=$testenv_vars->{NSS_WRAPPER_PASSWD} ";
+ $cmd .= "NSS_WRAPPER_GROUP=$testenv_vars->{NSS_WRAPPER_GROUP} ";
+ $cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=$testenv_vars->{SELFTEST_WINBINDD_SOCKET_DIR} ";
+ $cmd .= "$wbinfo -p";
+ $ret = system($cmd);
+
+ if ($ret != 0) {
+ sleep(1);
+ }
+ $count++;
+ } while ($ret != 0 && $count < 20);
+ if ($count == 20) {
+ warn("winbind not reachable after 20 retries\n");
+ teardown_env($self, $testenv_vars);
+ return 0;
+ }
+
print $self->getlog_env($testenv_vars);
return $ret
diff --git a/source3/script/tests/test_smbclient_tarmode.sh b/source3/script/tests/test_smbclient_tarmode.sh
index 331ba20..3779c38 100755
--- a/source3/script/tests/test_smbclient_tarmode.sh
+++ b/source3/script/tests/test_smbclient_tarmode.sh
@@ -94,10 +94,10 @@ test_tarmode_creation() {
# Clear temp data
rm -rf -- "$PREFIX"/tarmode > /dev/null 2>&1
rm -f "$PREFIX"/tarmode.tar > /dev/null 2>&1
- rm -rf "$LOCAL_PATH"/tarmode > /dev/null 2>&1
+ rm -rf "$LOCAL_PATH" > /dev/null 2>&1
# Build the test data
- if ! create_test_data "$LOCAL_PATH/tarmode"; then
+ if ! create_test_data "$LOCAL_PATH"; then
echo "Test data creation failed"
false
return
@@ -119,7 +119,7 @@ test_tarmode_creation() {
fi
# Verify data
- if ! validate_data "$PREFIX/tarmode" "$LOCAL_PATH/tarmode"; then
+ if ! validate_data "$PREFIX/tarmode" "$LOCAL_PATH"; then
echo "Data not equivalent"
false
return
@@ -136,7 +136,7 @@ test_tarmode_extraction() {
# Clear temp data
rm -rf -- "$PREFIX"/tarmode > /dev/null 2>&1
rm -f "$PREFIX"/tarmode.tar > /dev/null 2>&1
- rm -rf "$LOCAL_PATH"/tarmode > /dev/null 2>&1
+ rm -rf "$LOCAL_PATH" > /dev/null 2>&1
# Build the test data
if ! create_test_data "$PREFIX/tarmode"; then
@@ -161,7 +161,7 @@ test_tarmode_extraction() {
fi
# Verify data
- if ! validate_data "$PREFIX/tarmode" "$LOCAL_PATH/tarmode"; then
+ if ! validate_data "$PREFIX/tarmode" "$LOCAL_PATH"; then
echo "Data not equivalent"
false
return
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index d3cb071..746f3ea 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -236,13 +236,13 @@ for env in ["fileserver"]:
plantestsuite("samba3.blackbox.smbclient_tarmode (%s)" % env, env,
[os.path.join(samba3srcdir, "script/tests/test_smbclient_tarmode.sh"),
'$SERVER', '$SERVER_IP', '$USERNAME', '$PASSWORD',
- '$LOCAL_PATH', '$PREFIX', smbclient3, configuration])
+ '$LOCAL_PATH/tarmode', '$PREFIX', smbclient3, configuration])
# Test suite for new smbclient/tar with libarchive (GSoC 13)
plantestsuite("samba3.blackbox.smbclient_tar (%s)" % env, env,
[os.path.join(samba3srcdir, "script/tests/test_smbclient_tarmode.pl"),
'-n', '$SERVER', '-i', '$SERVER_IP', '-s', 'tmp',
- '-u', '$USERNAME', '-p', '$PASSWORD', '-l', '$LOCAL_PATH',
+ '-u', '$USERNAME', '-p', '$PASSWORD', '-l', '$LOCAL_PATH/tarmode',
'-d', '$PREFIX', '-b', smbclient3,
'--subunit', '--', configuration])
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index 8211991..0158924 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -483,35 +483,38 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
requested_oplock_level = in_oplock_level;
}
-
- if (smb2req->subreq == NULL) {
- /* New create call. */
- req = tevent_req_create(mem_ctx, &state,
+ req = tevent_req_create(mem_ctx, &state,
struct smbd_smb2_create_state);
- if (req == NULL) {
- return NULL;
- }
- state->smb2req = smb2req;
+ if (req == NULL) {
+ return NULL;
+ }
+ state->smb2req = smb2req;
- smb1req = smbd_smb2_fake_smb_request(smb2req);
- if (tevent_req_nomem(smb1req, req)) {
- return tevent_req_post(req, ev);
- }
- state->smb1req = smb1req;
- smb2req->subreq = req;
+ smb1req = smbd_smb2_fake_smb_request(smb2req);
+ if (tevent_req_nomem(smb1req, req)) {
+ return tevent_req_post(req, ev);
+ }
+ state->smb1req = smb1req;
+
+ if (smb2req->subreq == NULL) {
DEBUG(10,("smbd_smb2_create: name[%s]\n",
in_name));
} else {
- /* Re-entrant create call. */
- req = smb2req->subreq;
- state = tevent_req_data(req,
- struct smbd_smb2_create_state);
- smb1req = state->smb1req;
- TALLOC_FREE(state->out_context_blobs);
+ struct smbd_smb2_create_state *old_state = tevent_req_data(
+ smb2req->subreq, struct smbd_smb2_create_state);
+
DEBUG(10,("smbd_smb2_create_send: reentrant for file %s\n",
in_name ));
+
+ state->id = old_state->id;
+ state->request_time = old_state->request_time;
+ state->open_rec = talloc_move(state, &old_state->open_rec);
+ state->open_was_deferred = old_state->open_was_deferred;
}
+ TALLOC_FREE(smb2req->subreq);
+ smb2req->subreq = req;
+
state->out_context_blobs = talloc_zero(state, struct smb2_create_blobs);
if (tevent_req_nomem(state->out_context_blobs, req)) {
return tevent_req_post(req, ev);
diff --git a/source3/smbd/smb2_ioctl_network_fs.c b/source3/smbd/smb2_ioctl_network_fs.c
index c2b889b..201af29 100644
--- a/source3/smbd/smb2_ioctl_network_fs.c
+++ b/source3/smbd/smb2_ioctl_network_fs.c
@@ -510,6 +510,23 @@ static NTSTATUS fsctl_validate_neg_info(TALLOC_CTX *mem_ctx,
NTSTATUS status;
enum protocol_types protocol = PROTOCOL_NONE;
+ if (lp_server_max_protocol() <= PROTOCOL_SMB2_02) {
+ /*
+ * With SMB 2.02 we didn't get the
+ * capabitities, client guid, security mode
+ * and dialects the client would have offered.
+ *
+ * So we behave compatible with a true
+ * SMB 2.02 server and return NT_STATUS_FILE_CLOSED.
+ *
+ * As SMB >= 2.10 offers the two phase SMB2 Negotiate
+ * we keep supporting FSCTL_VALIDATE_NEGOTIATE_INFO
+ * starting with SMB 2.10, while Windows only supports
+ * it starting with SMB > 2.10.
+ */
+ return NT_STATUS_FILE_CLOSED;
+ }
+
if (in_input->length < 0x18) {
return NT_STATUS_INVALID_PARAMETER;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list