[SCM] Samba Shared Repository - branch v4-8-test updated

Karolin Seeger kseeger at samba.org
Fri Feb 1 16:07:02 UTC 2019 

The branch, v4-8-test has been updated
       via  c56beb9a1fd vfs_fileid: fix get_connectpath_ino
       via  df175f06f9f s3:libsmb: cli_smb2_list() can sometimes fail initially on a connection
       via  bb76511f413 libcli: Add error log if insufficient SMB2 credits
       via  b7134e36f8d s3: libsmb: use smb2cli_conn_max_trans_size() in cli_smb2_list()
       via  8932a4a161f s3: lib: nmbname: Ensure we limit the NetBIOS name correctly. CID: 1433607
      from  129423d3657 s3-vfs-fruit: add close call

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-8-test


- Log -----------------------------------------------------------------
commit c56beb9a1fd18146093b49965938388597425999
Author: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Date:   Thu Jan 10 14:28:14 2019 +0100

    vfs_fileid: fix get_connectpath_ino
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=13741
    
    Signed-off-by: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
    Reviewed-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
    Autobuild-Date(master): Tue Jan 15 04:13:15 CET 2019 on sn-devel-144
    
    (cherry picked from commit 12398a2d1ddcd326e02e5d8b0749e0e796145165)
    
    Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
    Autobuild-Date(v4-8-test): Fri Feb  1 17:06:06 CET 2019 on sn-devel-144

commit df175f06f9fb63a04ae7635d6d0cbcbfe8ef2ceb
Author: Tim Beale <timbeale at catalyst.net.nz>
Date:   Mon Jan 7 15:28:12 2019 +1300

    s3:libsmb: cli_smb2_list() can sometimes fail initially on a connection
    
    cli_smb2_list() appears to be a slightly unique SMB operation in that it
    specifies the max transaction size for the response buffer size. The
    Python bindings highlighted a problem where if cli_smb2_list() were one
    of the first operations performed on the SMBv2 connection, it would fail
    due to insufficient credits. Because the response buffer size is
    (potentially) so much larger, it requires more credits (128) compared
    with other SMB operations.
    
    When talking to a samba DC, the connection credits seem to start off at
    1, then increase by 32 for every SMB reply we receive back from the
    server. After cli_full_connection(), the connection has 65 credits. The
    cli_smb2_create_fnum() in cli_smb2_list() adds another 32 credits, but
    this is still less than the 128 that smb2cli_query_directory() requires.
    
    This problem doesn't happen for smbclient because the cli_cm_open() API
    it uses ends up sending more messages, and so the connection has more
    credits.
    
    This patch changes cli_smb2_list(), so it requests a smaller response
    buffer size if it doesn't have enough credits available for the max
    transaction size. smb2cli_query_directory() is already in a loop, so it
    can span multiple SMB messages if for some reason the transaction size
    isn't big enough for the listings.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13736
    
    Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    
    Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
    Autobuild-Date(master): Thu Jan 10 02:40:16 CET 2019 on sn-devel-144
    
    (cherry picked from commit fd355dff906f5f4832901bce76544f1a4e50c33d)

commit bb76511f41355b7d3a8a20b69d86eaeb89ebe0e5
Author: Tim Beale <timbeale at catalyst.net.nz>
Date:   Mon Jan 7 12:06:15 2019 +1300

    libcli: Add error log if insufficient SMB2 credits
    
    Although it's unusual to hit this case, I was seeing it happen while
    working on the SMB python bindings. Even with debug level 10, there was
    nothing coming out to help pin down the source of the
    NT_STATUS_INTERNAL_ERROR.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13736
    
    Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit bf229de7926f12e329cdb3201f68f20ae776fe32)

commit b7134e36f8d0d2bf9941aad52a0e995c8436117b
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Mar 20 15:27:44 2018 +0100

    s3: libsmb: use smb2cli_conn_max_trans_size() in cli_smb2_list()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13736
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 580ff206431969dc2924d520053b956b7169ca07)

commit 8932a4a161f2647057e1fe815562354e0a12ccbd
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Nov 12 11:37:31 2018 -0800

    s3: lib: nmbname: Ensure we limit the NetBIOS name correctly. CID: 1433607
    
    Firstly, make the exit condition from the loop explicit (we must
    never write into byte n, where n >= sizeof(name->name).
    
    Secondly ensure exiting from the loop that n==MAX_NETBIOSNAME_LEN,
    as this is the sign of a correct NetBIOS name encoding (RFC1002)
    in order to properly read the NetBIOS name type (which is always
    encoded in byte 16 == name->name[15]).
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=11495
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: David Disseldorp <ddiss at samba.org>
    
    Autobuild-User(master): David Disseldorp <ddiss at samba.org>
    Autobuild-Date(master): Tue Nov 13 20:54:56 CET 2018 on sn-devel-144
    
    (cherry picked from commit 3634e20c7603103b0f2e00e5b61cc63f905d780d)

-----------------------------------------------------------------------

Summary of changes:
 libcli/smb/smbXcli_base.c      |  3 +++
 source3/libsmb/cli_smb2_fnum.c | 15 ++++++++++++++-
 source3/libsmb/nmblib.c        | 34 +++++++++++++++++++++-------------
 source3/modules/vfs_fileid.c   |  4 +++-
 4 files changed, 41 insertions(+), 15 deletions(-)


Changeset truncated at 500 lines:

diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 3f65216a669..10de278825a 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -3231,6 +3231,9 @@ NTSTATUS smb2cli_req_compound_submit(struct tevent_req **reqs,
 
 		avail = MIN(avail, state->conn->smb2.cur_credits);
 		if (avail < charge) {
+			DBG_ERR("Insufficient credits. "
+				"%"PRIu64" available, %"PRIu16" needed\n",
+				avail, charge);
 			return NT_STATUS_INTERNAL_ERROR;
 		}
 
diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c
index 561efe371a4..176b58d160a 100644
--- a/source3/libsmb/cli_smb2_fnum.c
+++ b/source3/libsmb/cli_smb2_fnum.c
@@ -910,6 +910,9 @@ NTSTATUS cli_smb2_list(struct cli_state *cli,
 	TALLOC_CTX *frame = talloc_stackframe();
 	TALLOC_CTX *subframe = NULL;
 	bool mask_has_wild;
+	uint32_t max_trans;
+	uint32_t max_avail_len;
+	bool ok;
 
 	if (smbXcli_conn_has_async_calls(cli->conn)) {
 		/*
@@ -957,6 +960,16 @@ NTSTATUS cli_smb2_list(struct cli_state *cli,
 		goto fail;
 	}
 
+	/*
+	 * ideally, use the max transaction size, but don't send a request
+	 * bigger than we have credits available for
+	 */
+	max_trans = smb2cli_conn_max_trans_size(cli->conn);
+	ok = smb2cli_conn_req_possible(cli->conn, &max_avail_len);
+	if (ok) {
+		max_trans = MIN(max_trans, max_avail_len);
+	}
+
 	do {
 		uint8_t *dir_data = NULL;
 		uint32_t dir_data_length = 0;
@@ -973,7 +986,7 @@ NTSTATUS cli_smb2_list(struct cli_state *cli,
 					ph->fid_persistent,
 					ph->fid_volatile,
 					mask,
-					0xffff,
+					max_trans,
 					subframe,
 					&dir_data,
 					&dir_data_length);
diff --git a/source3/libsmb/nmblib.c b/source3/libsmb/nmblib.c
index 8feb029b05e..7b75c3de065 100644
--- a/source3/libsmb/nmblib.c
+++ b/source3/libsmb/nmblib.c
@@ -207,25 +207,33 @@ static int parse_nmb_name(char *inbuf,int ofs,int length, struct nmb_name *name)
 		unsigned char c1,c2;
 		c1 = ubuf[offset++]-'A';
 		c2 = ubuf[offset++]-'A';
-		if ((c1 & 0xF0) || (c2 & 0xF0) || (n > sizeof(name->name)-1))
+		if ((c1 & 0xF0) || (c2 & 0xF0)) {
 			return(0);
+		}
+		if (n >= sizeof(name->name)) {
+			return 0;
+		}
 		name->name[n++] = (c1<<4) | c2;
 		m -= 2;
 	}
-	name->name[n] = 0;
-
-	if (n==MAX_NETBIOSNAME_LEN) {
-		/* parse out the name type, its always
-		 * in the 16th byte of the name */
-		name->name_type = ((unsigned char)name->name[15]) & 0xff;
-
-		/* remove trailing spaces */
-		name->name[15] = 0;
-		n = 14;
-		while (n && name->name[n]==' ')
-			name->name[n--] = 0;
+	/*
+	 * RFC1002: For a valid NetBIOS name, exiting from the above,
+	 * n *must* be MAX_NETBIOSNAME_LEN (16).
+	 */
+	if (n != MAX_NETBIOSNAME_LEN) {
+		return 0;
 	}
 
+	/* parse out the name type, its always
+	 * in the 16th byte of the name */
+	name->name_type = ((unsigned char)name->name[15]) & 0xff;
+
+	/* remove trailing spaces */
+	name->name[15] = 0;
+	n = 14;
+	while (n && name->name[n]==' ')
+		name->name[n--] = 0;
+
 	/* now the domain parts (if any) */
 	n = 0;
 	while (ubuf[offset]) {
diff --git a/source3/modules/vfs_fileid.c b/source3/modules/vfs_fileid.c
index 5d08fe97d15..cb77a2e52c6 100644
--- a/source3/modules/vfs_fileid.c
+++ b/source3/modules/vfs_fileid.c
@@ -297,12 +297,14 @@ static int get_connectpath_ino(struct vfs_handle_struct *handle,
 	}
 
 	ret = SMB_VFS_NEXT_STAT(handle, fname);
-	TALLOC_FREE(fname);
 	if (ret != 0) {
 		DBG_ERR("stat failed for %s with %s\n",
 			handle->conn->connectpath, strerror(errno));
+		TALLOC_FREE(fname);
 		return -1;
 	}
+	*ino = fname->st.st_ex_ino;
+	TALLOC_FREE(fname);
 
 	return 0;
 }


-- 
Samba Shared Repository

More information about the samba-cvs mailing list