[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Mar 29 00:36:05 UTC 2019
The branch, master has been updated
via 11f25834203 s3:smbd: fix max_buffer handling of initial notify requests
via 12fb3ec1dd8 s4:torture/smb2: replace torture:cn_max_buffer_size option with the negotiated max trans size
via d6fce7c0cb1 s4:torture/smb2/notify: make use of torture_setup_simple_file() in test_valid_request()
via 4ffb517ffd9 s4:torture/smb2: add smb2_create_simple_file() and torture_setup_simple_file()
via e6fa76b651d s4:libcli/smb2: calculate the correct credit charge in smb2_notify_send()
via 5a07c294814 s4:libcli/smb2: calculate the correct credit charge in smb2_ioctl_send()
via 97b4e6e220d s4:libcli/smb2: align struct smb_ioctl.smb2 to [MS-SMB2] names
via c88c2bf3b54 s4:libcli/smb2: calculate the correct credit charge in smb2_getinfo_send()
via ee2574ae567 s4:libcli/smb2: fix smb2_getinfo_send() marshalling
via 829f692fb15 smb2_server: grant all 8192 credits to clients
via 4d6cd932a95 vfs_default: fix vfswrap_offload_write_send() NT_STATUS_INVALID_VIEW_SIZE check
via 2abf9e9a95c vfs_default: fix DEBUG messages in vfswrap_offload_write_*_done()
via 1dc00254833 smb2_tcon: avoid STATUS_PENDING completely on tdis
via d64038425f2 smb2_sesssetup: avoid STATUS_PENDING completely on session logoff
via 8a11da429bd smb2_tcon: avoid STATUS_PENDING responses for tree connect
via 23792449694 smb2_sesssetup: avoid STATUS_PENDING responses for session setup
via 4760b85243f smb2_server: allow smbd_smb2_request_pending_queue(0) to avoid STATUS_PENDING
via 827dd0145b7 smb2_ioctl_network_fs: remove unused fsctl_srv_copychunk_state->aapl_copyfile
via 1d934857591 s3:smbd: handle IO_REPARSE_TAG_DFS in SMB_FIND_FILE_FULL_DIRECTORY_INFO
via 4c6156eddd1 s3:smbd: fix SAFE_FREE() vs. TALLOC_FREE() in list_sessions()
via 7dbd8e441f7 s3:smb2_write: add missing initialization of state->in_offset
via 6171a7fffd3 s4:torture/smb2: test_notify_tcp_dis trigger idle event every 0.25s
via 7a091aa982a s4:torture/raw: test_notify_tcp_dis trigger idle event every 0.25s
via 8dea0718f20 s4:libcli/smb2: don't schedule idle handlers on a dead connection
via c2761b00570 s4:libcli/raw: don't schedule idle handlers on a dead connection
from c68d9c9ef36 vfs_snapper: drop unneeded fstat handler
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 11f2583420310e0278188935f31be3131eb85fd4
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jan 16 21:29:51 2019 +0100
s3:smbd: fix max_buffer handling of initial notify requests
The max_buffer value is only evaluated on the first notify
request on a directory handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13864
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Mar 29 00:35:39 UTC 2019 on sn-devel-144
commit 12fb3ec1dd886c15977ae9eb0b2b25f2017db10d
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jan 8 16:22:25 2019 +0100
s4:torture/smb2: replace torture:cn_max_buffer_size option with the negotiated max trans size
Both:
smbtorture //w2012r2-188/torture -Ua%b smb2.notify.valid-req --smb-ports=139
and:
smbtorture //w2012r2-188/torture -Ua%b smb2.notify.valid-req --smb-ports=445
work against Windows 2008R2, 2012R2 and 2016 now and it reflects what
we have implemented in Samba.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13864
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit d6fce7c0cb126e4ac79bceda77a50c4d65c093fd
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Feb 15 15:30:29 2019 +0100
s4:torture/smb2/notify: make use of torture_setup_simple_file() in test_valid_request()
There's no reason to use torture_setup_complex_file(), when we want to
test notify code. The test pass fine against Samba this way and don't
fail because of unrelated timestamp behavior.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13864
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 4ffb517ffd9cee0ad433e3f58f659f8445fa2166
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Feb 12 16:51:20 2019 +0100
s4:torture/smb2: add smb2_create_simple_file() and torture_setup_simple_file()
Instead of the *_complex_file() versions these don't use EA's nor
complex timestamps.
A lot of tests currently using *_complex_file() only fail because
smbd doesn't implement the correct 'change_time' update behavior.
That should not be the reason why all smb2 related tests fail.
Timestamps should be tested in dedicated tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13864
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit e6fa76b651de6a3046ca9c44926343a5225772d6
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jan 8 10:10:49 2019 +0100
s4:libcli/smb2: calculate the correct credit charge in smb2_notify_send()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13863
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 5a07c2948146c23d6a907fcd6ce63f67f36a5ded
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jan 8 16:13:41 2019 +0100
s4:libcli/smb2: calculate the correct credit charge in smb2_ioctl_send()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13863
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 97b4e6e220dc3f0b9d7c3f50ef3b867ff2f0b755
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jan 8 15:52:35 2019 +0100
s4:libcli/smb2: align struct smb_ioctl.smb2 to [MS-SMB2] names
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13863
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit c88c2bf3b54a0faf8a77daf9b8827c101db9be95
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jan 8 16:11:15 2019 +0100
s4:libcli/smb2: calculate the correct credit charge in smb2_getinfo_send()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13863
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit ee2574ae5675ef0ea9b14c13677acf6c003497e0
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jan 8 16:09:46 2019 +0100
s4:libcli/smb2: fix smb2_getinfo_send() marshalling
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13863
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 829f692fb1552e56c6a9726036a995b4328731dd
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jan 16 12:24:04 2019 +0100
smb2_server: grant all 8192 credits to clients
This seems to match Windows Server 2016.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13863
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 4d6cd932a955a99ca33cc4aedd7f612e56e0b1de
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jul 31 12:29:29 2018 +0200
vfs_default: fix vfswrap_offload_write_send() NT_STATUS_INVALID_VIEW_SIZE check
This fixes a regression introduced in commit
60e45a2d25401eaf9a15a86d19114670ccfde259, where the 'num' variable
was renamed to 'to_copy', but a new 'num' variable was introduced.
Note that off_t is signed!
In future we need to watch out for filesystems supporting
FMODE_UNSIGNED_OFFSET on Linux. Which means they use it unsigned.
This is more or less a theoretical problem, The
NT_STATUS_INVALID_PARAMETER cases are catched before by
SMB_VFS_PREAD_SEND/RECV.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13862
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 2abf9e9a95cbdf76109b3501dee3e0c34ad09194
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Mar 27 12:43:32 2019 +0100
vfs_default: fix DEBUG messages in vfswrap_offload_write_*_done()
SMB_VFS_{PREAD,PWRITE}_RECV() don't set errno, so we need to
use strerror(aio_state.error) in the debug messages.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13862
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 1dc002548336b969979c3bf85b531c059d87f015
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Feb 12 08:27:43 2019 +0100
smb2_tcon: avoid STATUS_PENDING completely on tdis
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10344
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13698
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit d64038425f250e253dce707d69899c7a5d8cb32e
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Feb 12 08:27:43 2019 +0100
smb2_sesssetup: avoid STATUS_PENDING completely on session logoff
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10344
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13698
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 8a11da429bd3c89766f43c2bff681837a769987c
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jan 24 09:10:11 2019 +0100
smb2_tcon: avoid STATUS_PENDING responses for tree connect
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12844
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13698
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 23792449694b5221f6ea422166c96fac494e3e2c
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jan 24 09:10:11 2019 +0100
smb2_sesssetup: avoid STATUS_PENDING responses for session setup
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12845
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13698
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13796
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 4760b85243f335bb2094fc779802ce4b52db0ccb
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Feb 12 08:08:38 2019 +0100
smb2_server: allow smbd_smb2_request_pending_queue(0) to avoid STATUS_PENDING
This has the same meaning as smb2_request_set_async_internal(),
but this will simplifies callers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13698
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13796
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 827dd0145b78dcd01189f0608938b6a5d6f6fe12
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jul 31 12:29:29 2018 +0200
smb2_ioctl_network_fs: remove unused fsctl_srv_copychunk_state->aapl_copyfile
This is not used since commit 74e018f476608429caa1c3594102485ccc17afce.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 1d9348575914891dbb5638bc9b8d51eda98fe554
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Oct 9 12:06:29 2017 +0200
s3:smbd: handle IO_REPARSE_TAG_DFS in SMB_FIND_FILE_FULL_DIRECTORY_INFO
This completes commit 74829fecd7a4e806ee441cd75141bede2eefef1a,
which missed SMB_FIND_FILE_FULL_DIRECTORY_INFO
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10097
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 4c6156eddd1ce38ef7c23b0eab300da9badf3f4e
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Nov 28 08:16:03 2017 +0100
s3:smbd: fix SAFE_FREE() vs. TALLOC_FREE() in list_sessions()
It's very unlikely that sessionid_traverse_read() fails,
but we should not segfault.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 7dbd8e441f74e839cfbf32ed3ac61958195761d3
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Oct 5 15:59:23 2017 +0200
s3:smb2_write: add missing initialization of state->in_offset
This is just used in DEBUG messages, but still confusing.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 6171a7fffd3268990c28d61cd48f2aacef428573
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Feb 17 22:45:32 2013 +0100
s4:torture/smb2: test_notify_tcp_dis trigger idle event every 0.25s
This is 1000 times longer than before and is less likely to
change the timing behavior when running under valgrind.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 7a091aa982a662f804dc41fccbeda501f370347a
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Feb 17 22:43:49 2013 +0100
s4:torture/raw: test_notify_tcp_dis trigger idle event every 0.25s
This is 1000 times longer than before and is less likely to
change the timing behavior when running under valgrind.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 8dea0718f20f41031bc09851f07b09dcacf437c3
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Feb 17 22:41:00 2013 +0100
s4:libcli/smb2: don't schedule idle handlers on a dead connection
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit c2761b00570b0b1753dd226859a8534db1221c7c
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Feb 17 22:39:40 2013 +0100
s4:libcli/raw: don't schedule idle handlers on a dead connection
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
selftest/knownfail | 4 ---
source3/modules/vfs_default.c | 47 +++++++++++++++++++++++++++++------
source3/smbd/notify.c | 11 +++++++--
source3/smbd/nttrans.c | 6 +++--
source3/smbd/proto.h | 4 ++-
source3/smbd/session.c | 4 +--
source3/smbd/smb2_ioctl_network_fs.c | 1 -
source3/smbd/smb2_notify.c | 1 +
source3/smbd/smb2_server.c | 19 +++++++++-----
source3/smbd/smb2_sesssetup.c | 17 ++++++++++---
source3/smbd/smb2_tcon.c | 12 ++++++---
source3/smbd/smb2_write.c | 1 +
source3/smbd/trans2.c | 6 +++--
source4/libcli/raw/clitransport.c | 17 +++++++++++++
source4/libcli/raw/interfaces.h | 15 +++++------
source4/libcli/smb2/getinfo.c | 25 +++++++++++++++----
source4/libcli/smb2/ioctl.c | 21 ++++++++++++----
source4/libcli/smb2/notify.c | 2 ++
source4/libcli/smb2/smb2_calls.h | 8 +++---
source4/libcli/smb2/transport.c | 17 +++++++++++++
source4/ntvfs/ipc/vfs_ipc.c | 8 +++---
source4/smb_server/smb2/fileinfo.c | 2 +-
source4/smb_server/smb2/fileio.c | 15 +++++------
source4/torture/raw/notify.c | 2 +-
source4/torture/rpc/fsrvp.c | 4 +--
source4/torture/smb2/compound.c | 8 +++---
source4/torture/smb2/ioctl.c | 48 ++++++++++++++++++------------------
source4/torture/smb2/lock.c | 2 +-
source4/torture/smb2/notify.c | 20 +++++++--------
source4/torture/smb2/replay.c | 4 +--
source4/torture/smb2/session.c | 2 +-
source4/torture/smb2/util.c | 34 +++++++++++++++++++++++++
source4/torture/smbtorture.c | 2 --
source4/torture/smbtorture.h | 8 ------
source4/torture/vfs/fruit.c | 4 +--
35 files changed, 275 insertions(+), 126 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/knownfail b/selftest/knownfail
index fad4daf6c86..c588f2f5c6b 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -169,7 +169,6 @@
^samba3.smb2.create.gentest
^samba3.smb2.create.blob
^samba3.smb2.create.open
-^samba3.smb2.notify.valid-req
^samba3.smb2.notify.rec
^samba3.smb2.durable-open.delete_on_close2
^samba3.smb2.durable-v2-open.app-instance
@@ -342,9 +341,6 @@
^samba.tests.dcerpc.dnsserver.python2.samba.tests.dcerpc.dnsserver.DnsserverTests.test_add_duplicate_different_type.*
^samba.tests.dcerpc.dnsserver.python2.samba.tests.dcerpc.dnsserver.DnsserverTests.test_rank_none.*
^samba.tests.dcerpc.dnsserver.python2.samba.tests.dcerpc.dnsserver.DnsserverTests.test_security_descriptor.*
-^samba3.smb2.credits.session_setup_credits_granted.*
-^samba3.smb2.credits.single_req_credits_granted.*
-^samba3.smb2.credits.skipped_mid.*
^samba4.blackbox.dbcheck-links.release-4-5-0-pre1.dbcheck_dangling_multi_valued_clean
^samba4.blackbox.dbcheck-links.release-4-5-0-pre1.dangling_multi_valued_check_missing
#
diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c
index bed581e96d1..47722d53cec 100644
--- a/source3/modules/vfs_default.c
+++ b/source3/modules/vfs_default.c
@@ -1802,6 +1802,8 @@ static struct tevent_req *vfswrap_offload_write_send(
{
struct tevent_req *req;
struct vfswrap_offload_write_state *state = NULL;
+ /* off_t is signed! */
+ off_t max_offset = INT64_MAX - to_copy;
size_t num = MIN(to_copy, COPYCHUNK_MAX_TOTAL_LEN);
files_struct *src_fsp = NULL;
NTSTATUS status;
@@ -1853,6 +1855,35 @@ static struct tevent_req *vfswrap_offload_write_send(
return tevent_req_post(req, ev);
}
+ if (state->src_off > max_offset) {
+ /*
+ * Protect integer checks below.
+ */
+ tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return tevent_req_post(req, ev);
+ }
+ if (state->src_off < 0) {
+ /*
+ * Protect integer checks below.
+ */
+ tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return tevent_req_post(req, ev);
+ }
+ if (state->dst_off > max_offset) {
+ /*
+ * Protect integer checks below.
+ */
+ tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return tevent_req_post(req, ev);
+ }
+ if (state->dst_off < 0) {
+ /*
+ * Protect integer checks below.
+ */
+ tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return tevent_req_post(req, ev);
+ }
+
status = vfs_offload_token_db_fetch_fsp(vfswrap_offload_ctx,
token, &src_fsp);
if (tevent_req_nterror(req, status)) {
@@ -1876,17 +1907,12 @@ static struct tevent_req *vfswrap_offload_write_send(
state->src_ev = src_fsp->conn->sconn->ev_ctx;
state->src_fsp = src_fsp;
- state->buf = talloc_array(state, uint8_t, num);
- if (tevent_req_nomem(state->buf, req)) {
- return tevent_req_post(req, ev);
- }
-
status = vfs_stat_fsp(src_fsp);
if (tevent_req_nterror(req, status)) {
return tevent_req_post(req, ev);
}
- if (src_fsp->fsp_name->st.st_ex_size < state->src_off + num) {
+ if (src_fsp->fsp_name->st.st_ex_size < state->src_off + to_copy) {
/*
* [MS-SMB2] 3.3.5.15.6 Handling a Server-Side Data Copy Request
* If the SourceOffset or SourceOffset + Length extends beyond
@@ -1900,6 +1926,11 @@ static struct tevent_req *vfswrap_offload_write_send(
return tevent_req_post(req, ev);
}
+ state->buf = talloc_array(state, uint8_t, num);
+ if (tevent_req_nomem(state->buf, req)) {
+ return tevent_req_post(req, ev);
+ }
+
status = vfswrap_offload_write_loop(req);
if (!NT_STATUS_IS_OK(status)) {
tevent_req_nterror(req, status);
@@ -1969,7 +2000,7 @@ static void vfswrap_offload_write_read_done(struct tevent_req *subreq)
nread = SMB_VFS_PREAD_RECV(subreq, &aio_state);
TALLOC_FREE(subreq);
if (nread == -1) {
- DBG_ERR("read failed: %s\n", strerror(errno));
+ DBG_ERR("read failed: %s\n", strerror(aio_state.error));
tevent_req_nterror(req, map_nt_error_from_unix(aio_state.error));
return;
}
@@ -2030,7 +2061,7 @@ static void vfswrap_offload_write_write_done(struct tevent_req *subreq)
nwritten = SMB_VFS_PWRITE_RECV(subreq, &aio_state);
TALLOC_FREE(subreq);
if (nwritten == -1) {
- DBG_ERR("write failed: %s\n", strerror(errno));
+ DBG_ERR("write failed: %s\n", strerror(aio_state.error));
tevent_req_nterror(req, map_nt_error_from_unix(aio_state.error));
return;
}
diff --git a/source3/smbd/notify.c b/source3/smbd/notify.c
index 44c0b09432e..bf3fff7b97d 100644
--- a/source3/smbd/notify.c
+++ b/source3/smbd/notify.c
@@ -43,6 +43,8 @@ struct notify_change_buf {
* we only append.
*/
+ uint32_t max_buffer_size;
+
/*
* num_changes == -1 means that we have got a catch-all change, when
* asked we just return NT_STATUS_OK without specific changes.
@@ -224,11 +226,13 @@ void change_notify_reply(struct smb_request *req,
return;
}
- if (max_param == 0 || notify_buf == NULL) {
+ if (notify_buf == NULL) {
reply_fn(req, NT_STATUS_OK, NULL, 0);
return;
}
+ max_param = MIN(max_param, notify_buf->max_buffer_size);
+
if (!notify_marshall_changes(notify_buf->num_changes, max_param,
notify_buf->changes, &blob)) {
/*
@@ -276,7 +280,9 @@ void notify_callback(struct smbd_server_connection *sconn,
files_forall(sconn, notify_fsp_cb, &state);
}
-NTSTATUS change_notify_create(struct files_struct *fsp, uint32_t filter,
+NTSTATUS change_notify_create(struct files_struct *fsp,
+ uint32_t max_buffer_size,
+ uint32_t filter,
bool recursive)
{
size_t len = fsp_fullbasepath(fsp, NULL, 0);
@@ -295,6 +301,7 @@ NTSTATUS change_notify_create(struct files_struct *fsp, uint32_t filter,
}
fsp->notify->filter = filter;
fsp->notify->subdir_filter = recursive ? filter : 0;
+ fsp->notify->max_buffer_size = max_buffer_size;
fsp_fullbasepath(fsp, fullpath, sizeof(fullpath));
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 7ebd802109f..8bb121a1351 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1806,8 +1806,10 @@ static void call_nt_transact_notify_change(connection_struct *conn,
if (fsp->notify == NULL) {
- status = change_notify_create(fsp, filter, recursive);
-
+ status = change_notify_create(fsp,
+ max_param_count,
+ filter,
+ recursive);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("change_notify_create returned %s\n",
nt_errstr(status)));
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 3662a925dd6..fdb0ffabf75 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -542,7 +542,9 @@ void change_notify_reply(struct smb_request *req,
void notify_callback(struct smbd_server_connection *sconn,
void *private_data, struct timespec when,
const struct notify_event *e);
-NTSTATUS change_notify_create(struct files_struct *fsp, uint32_t filter,
+NTSTATUS change_notify_create(struct files_struct *fsp,
+ uint32_t max_buffer_size,
+ uint32_t filter,
bool recursive);
NTSTATUS change_notify_add_request(struct smb_request *req,
uint32_t max_param,
diff --git a/source3/smbd/session.c b/source3/smbd/session.c
index 8b4c6609304..abc799105f0 100644
--- a/source3/smbd/session.c
+++ b/source3/smbd/session.c
@@ -179,8 +179,8 @@ int list_sessions(TALLOC_CTX *mem_ctx, struct sessionid **session_list)
status = sessionid_traverse_read(gather_sessioninfo, (void *) &sesslist);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(3, ("Session traverse failed\n"));
- SAFE_FREE(sesslist.sessions);
+ DBG_ERR("Session traverse failed: %s\n", nt_errstr(status));
+ TALLOC_FREE(sesslist.sessions);
*session_list = NULL;
return 0;
}
diff --git a/source3/smbd/smb2_ioctl_network_fs.c b/source3/smbd/smb2_ioctl_network_fs.c
index c0d175609ec..8154fa3f92e 100644
--- a/source3/smbd/smb2_ioctl_network_fs.c
+++ b/source3/smbd/smb2_ioctl_network_fs.c
@@ -94,7 +94,6 @@ struct fsctl_srv_copychunk_state {
COPYCHUNK_OUT_LIMITS,
COPYCHUNK_OUT_RSP,
} out_data;
- bool aapl_copyfile;
};
static void fsctl_srv_copychunk_vfs_done(struct tevent_req *subreq);
diff --git a/source3/smbd/smb2_notify.c b/source3/smbd/smb2_notify.c
index 24241562556..68429b7b766 100644
--- a/source3/smbd/smb2_notify.c
+++ b/source3/smbd/smb2_notify.c
@@ -263,6 +263,7 @@ static struct tevent_req *smbd_smb2_notify_send(TALLOC_CTX *mem_ctx,
if (fsp->notify == NULL) {
status = change_notify_create(fsp,
+ in_output_buffer_length,
in_completion_filter,
recursive);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 1e9ed331aa6..956c5f0ca09 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -829,8 +829,11 @@ static void smb2_set_operation_credit(struct smbXsrv_connection *xconn,
* of requests and the used sequence number.
* Which means we would grant more credits
* for client which use multi credit requests.
+ *
+ * The above is what Windows Server < 2016 is doing,
+ * but new servers use all credits (8192 by default).
*/
- current_max_credits = xconn->smb2.credits.max / 16;
+ current_max_credits = xconn->smb2.credits.max;
current_max_credits = MAX(current_max_credits, 1);
if (xconn->smb2.credits.multicredit) {
@@ -875,15 +878,19 @@ static void smb2_set_operation_credit(struct smbXsrv_connection *xconn,
* with a successful session setup
*/
if (NT_STATUS_IS_OK(out_status)) {
- additional_max = 32;
+ additional_max = xconn->smb2.credits.max;
}
break;
default:
/*
- * We match windows and only grant additional credits
- * in chunks of 32.
+ * Windows Server < 2016 and older Samba versions
+ * used to only grant additional credits in
+ * chunks of 32 credits.
+ *
+ * But we match Windows Server 2016 and grant
+ * all credits as requested.
*/
- additional_max = 32;
+ additional_max = xconn->smb2.credits.max;
break;
}
@@ -1391,7 +1398,7 @@ NTSTATUS smbd_smb2_request_pending_queue(struct smbd_smb2_request *req,
return NT_STATUS_OK;
}
- if (req->async_internal) {
+ if (req->async_internal || defer_time == 0) {
/*
* An SMB2 request implementation wants to handle the request
* asynchronously "internally" while keeping synchronous
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index d34951a4eef..9591a8823dd 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -107,7 +107,16 @@ NTSTATUS smbd_smb2_request_process_sesssetup(struct smbd_smb2_request *smb2req)
}
tevent_req_set_callback(subreq, smbd_smb2_request_sesssetup_done, smb2req);
- return smbd_smb2_request_pending_queue(smb2req, subreq, 500);
+ /*
+ * Avoid sending a STATUS_PENDING message, which
+ * matches a Windows Server and avoids problems with
+ * MacOS clients.
+ *
+ * Even after 90 seconds a Windows Server doesn't return
+ * STATUS_PENDING if using NTLMSSP against a non reachable
+ * trusted domain.
+ */
+ return smbd_smb2_request_pending_queue(smb2req, subreq, 0);
}
static void smbd_smb2_request_sesssetup_done(struct tevent_req *subreq)
@@ -1250,10 +1259,10 @@ NTSTATUS smbd_smb2_request_process_logoff(struct smbd_smb2_request *req)
tevent_req_set_callback(subreq, smbd_smb2_request_logoff_done, req);
/*
- * Wait a long time before going async on this to allow
- * requests we're waiting on to finish. Set timeout to 10 secs.
+ * Avoid sending a STATUS_PENDING message, it's very likely
+ * the client won't expect that.
*/
- return smbd_smb2_request_pending_queue(req, subreq, 10000000);
+ return smbd_smb2_request_pending_queue(req, subreq, 0);
}
static void smbd_smb2_request_logoff_done(struct tevent_req *subreq)
diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c
index ebd31602efc..c2a5cbc39aa 100644
--- a/source3/smbd/smb2_tcon.c
+++ b/source3/smbd/smb2_tcon.c
@@ -102,7 +102,11 @@ NTSTATUS smbd_smb2_request_process_tcon(struct smbd_smb2_request *req)
}
tevent_req_set_callback(subreq, smbd_smb2_request_tcon_done, req);
- return smbd_smb2_request_pending_queue(req, subreq, 500);
+ /*
+ * Avoid sending a STATUS_PENDING message, it's very likely
+ * the client won't expect that.
+ */
+ return smbd_smb2_request_pending_queue(req, subreq, 0);
}
static void smbd_smb2_request_tcon_done(struct tevent_req *subreq)
@@ -498,10 +502,10 @@ NTSTATUS smbd_smb2_request_process_tdis(struct smbd_smb2_request *req)
tevent_req_set_callback(subreq, smbd_smb2_request_tdis_done, req);
/*
- * Wait a long time before going async on this to allow
- * requests we're waiting on to finish. Set timeout to 10 secs.
+ * Avoid sending a STATUS_PENDING message, it's very likely
+ * the client won't expect that.
*/
- return smbd_smb2_request_pending_queue(req, subreq, 10000000);
+ return smbd_smb2_request_pending_queue(req, subreq, 0);
}
static void smbd_smb2_request_tdis_done(struct tevent_req *subreq)
diff --git a/source3/smbd/smb2_write.c b/source3/smbd/smb2_write.c
index ee95bd317ae..e49e623d796 100644
--- a/source3/smbd/smb2_write.c
+++ b/source3/smbd/smb2_write.c
@@ -287,6 +287,7 @@ static struct tevent_req *smbd_smb2_write_send(TALLOC_CTX *mem_ctx,
state->write_through = true;
}
state->in_length = in_data.length;
+ state->in_offset = in_offset;
state->out_count = 0;
DEBUG(10,("smbd_smb2_write: %s - %s\n",
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index dd5973b089b..017ad068877 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -2109,12 +2109,14 @@ static NTSTATUS smbd_marshall_dir_entry(TALLOC_CTX *ctx,
SOFF_T(p,0,allocation_size); p += 8;
SIVAL(p,0,mode); p += 4;
q = p; p += 4; /* q is placeholder for name length. */
- {
+ if (mode & FILE_ATTRIBUTE_REPARSE_POINT) {
+ SIVAL(p, 0, IO_REPARSE_TAG_DFS);
+ } else {
unsigned int ea_size = estimate_ea_size(conn, NULL,
smb_fname);
SIVAL(p,0,ea_size); /* Extended attributes */
- p +=4;
}
+ p +=4;
status = srvstr_push(base_data, flags2, p,
fname, PTR_DIFF(end_data, p),
STR_TERMINATE_ASCII, &len);
diff --git a/source4/libcli/raw/clitransport.c b/source4/libcli/raw/clitransport.c
index 47b8dbf3ae7..26e9dee401d 100644
--- a/source4/libcli/raw/clitransport.c
+++ b/source4/libcli/raw/clitransport.c
@@ -181,6 +181,14 @@ static void idle_handler(struct tevent_context *ev,
transport->idle.func(transport, transport->idle.private_data);
+ if (transport->idle.func == NULL) {
+ return;
+ }
+
+ if (!smbXcli_conn_is_connected(transport->conn)) {
+ return;
+ }
+
next = timeval_current_ofs_usec(transport->idle.period);
transport->idle.te = tevent_add_timer(transport->ev,
@@ -200,6 +208,15 @@ _PUBLIC_ void smbcli_transport_idle_handler(struct smbcli_transport *transport,
void *private_data)
{
TALLOC_FREE(transport->idle.te);
+ ZERO_STRUCT(transport->idle);
+
+ if (idle_func == NULL) {
+ return;
+ }
+
+ if (!smbXcli_conn_is_connected(transport->conn)) {
+ return;
+ }
transport->idle.func = idle_func;
transport->idle.private_data = private_data;
diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h
index 43a53f834df..d44c451f650 100644
--- a/source4/libcli/raw/interfaces.h
+++ b/source4/libcli/raw/interfaces.h
@@ -2291,16 +2291,17 @@ union smb_ioctl {
/* static body buffer 56 (0x38) bytes */
/* uint16_t buffer_code; 0x39 = 0x38 + 1 */
- uint16_t _pad;
+ uint16_t reserved;
uint32_t function;
/*struct smb2_handle handle;*/
/* uint32_t out_ofs; */
/* uint32_t out_size; */
- uint32_t unknown2;
+ uint32_t max_input_response;
/* uint32_t in_ofs; */
/* uint32_t in_size; */
- uint32_t max_response_size;
- uint64_t flags;
+ uint32_t max_output_response;
+ uint32_t flags;
+ uint32_t reserved2;
/* dynamic body */
DATA_BLOB out;
@@ -2311,15 +2312,15 @@ union smb_ioctl {
/* static body buffer 48 (0x30) bytes */
/* uint16_t buffer_code; 0x31 = 0x30 + 1 */
- uint16_t _pad;
+ uint16_t reserved;
uint32_t function;
/* struct smb2_handle handle; */
/* uint32_t in_ofs; */
/* uint32_t in_size; */
/* uint32_t out_ofs; */
/* uint32_t out_size; */
- uint32_t unknown2;
- uint32_t unknown3;
+ uint32_t flags;
+ uint32_t reserved2;
/* dynamic body */
DATA_BLOB in;
diff --git a/source4/libcli/smb2/getinfo.c b/source4/libcli/smb2/getinfo.c
index 14d911683e7..7a8fd44a855 100644
--- a/source4/libcli/smb2/getinfo.c
+++ b/source4/libcli/smb2/getinfo.c
@@ -32,26 +32,41 @@ struct smb2_request *smb2_getinfo_send(struct smb2_tree *tree, struct smb2_getin
{
struct smb2_request *req;
NTSTATUS status;
+ size_t max_payload;
req = smb2_request_init_tree(tree, SMB2_OP_GETINFO, 0x28, true,
- io->in.blob.length);
+ io->in.input_buffer.length);
if (req == NULL) return NULL;
SCVAL(req->out.body, 0x02, io->in.info_type);
SCVAL(req->out.body, 0x03, io->in.info_class);
SIVAL(req->out.body, 0x04, io->in.output_buffer_length);
- SIVAL(req->out.body, 0x0C, io->in.reserved);
- SIVAL(req->out.body, 0x08, io->in.input_buffer_length);
+ /*
+ * uint16_t input_buffer_offset
+ * uint16_t reserved
+ * uint32_t input_buffer_length
+ *
+ * We use smb2_push_o32s32_blob() which would
+ * expect uint32_t offset, uint32_t length.
+ *
+ * Everything is little endian, we can just
+ * overwrite the reserved field later.
+ */
SIVAL(req->out.body, 0x10, io->in.additional_information);
--
Samba Shared Repository
More information about the samba-cvs
mailing list