[SCM] Samba Shared Repository - branch master updated

Stefan Metzmacher metze at samba.org
Thu Jul 2 16:46:02 UTC 2020


The branch, master has been updated
       via  05d4466a6d1 smbd: check for stale pid in get_lease_type()
       via  3f4a865821d smbd: let get_lease_type() take a non-const share_mode_entry
       via  e4328db1c94 smbd: inverse if/else logic in get_lease_type()
       via  383a2457bd6 s3/leases: log NDR decoding failure with level 0 in leases_db_get_fn()
       via  fbb8bbe1243 smbd: increase loglevel when leases_db_del() with anything then NT_STATUS_NOT_FOUND
       via  f3f330f61db s3:smbd: make sure vfs_ChDir() always sets conn->cwd_fsp->fh->fd = AT_FDCWD
       via  b2b5ae090ee s3:smbd: reformat if statement for caching in vfs_ChDir()
       via  bcba4bb210d s4:torture/smb2: add smb2.delete-on-close-perms.BUG14427
       via  b5b801026ed s3:winbind:idmap_ad - make failure to get attrnames for schema mode fatal
      from  71488b812fe lib/debug: set the correct default backend loglevel to MAX_DEBUG_LEVEL

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 05d4466a6d1ad048fa86aea09ec0a56a7b961369
Author: Ralph Boehme <slow at samba.org>
Date:   Thu Jul 2 14:47:12 2020 +0200

    smbd: check for stale pid in get_lease_type()
    
    If leases_db_get() failed the leases_db record might have been cleaned up for
    stale processes. Check if the share-mode-entry owner is stale in this case and
    return a 0 lease state. In any other case, log a debug messages and panic.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    
    Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
    Autobuild-Date(master): Thu Jul  2 16:45:42 UTC 2020 on sn-devel-184

commit 3f4a865821da27efbed4f7c38ad3efbcaae77a02
Author: Ralph Boehme <slow at samba.org>
Date:   Thu Jul 2 14:45:59 2020 +0200

    smbd: let get_lease_type() take a non-const share_mode_entry
    
    We're going to add a call to share_entry_stale_pid(share_mode_entry) which takes
    a non-const pointer (in order to eventually set e->state = true).
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>

commit e4328db1c94837a8ea5652971cea20055d3d24ff
Author: Ralph Boehme <slow at samba.org>
Date:   Thu Jul 2 14:08:44 2020 +0200

    smbd: inverse if/else logic in get_lease_type()
    
    No change in behaviour.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>

commit 383a2457bd6cbe0acd571a8d601f8bdc5365f0b4
Author: Ralph Boehme <slow at samba.org>
Date:   Thu Jul 2 14:10:05 2020 +0200

    s3/leases: log NDR decoding failure with level 0 in leases_db_get_fn()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
    
    Signed-off-by: Ralph Boehme <slow at samba.org>

commit fbb8bbe1243eb2a0351dc2422929278f85a99e26
Author: Ralph Boehme <slow at samba.org>
Date:   Thu Jul 2 14:09:15 2020 +0200

    smbd: increase loglevel when leases_db_del() with anything then NT_STATUS_NOT_FOUND
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>

commit f3f330f61db983f6d213a097d9a4d91b1057ecb1
Author: Stefan Metzmacher <metze at samba.org>
Date:   Wed Jul 1 09:38:58 2020 +0200

    s3:smbd: make sure vfs_ChDir() always sets conn->cwd_fsp->fh->fd = AT_FDCWD
    
    This is what all consumers of conn->cwd_fsp->fh->fd expect!
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14427
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>

commit b2b5ae090ee8796609eb0b5794bc4e62c24414ef
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Jul 2 12:06:28 2020 +0200

    s3:smbd: reformat if statement for caching in vfs_ChDir()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14427
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>

commit bcba4bb210d9482be4c2c8dadfb5cc185046cbaa
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Jul 2 14:32:34 2020 +0200

    s4:torture/smb2: add smb2.delete-on-close-perms.BUG14427
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14427
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>

commit b5b801026edd3a8fd8d0ba1752e891453cf675c9
Author: Andrew <awalker at ixsystems.com>
Date:   Tue Jun 30 06:54:06 2020 -0400

    s3:winbind:idmap_ad - make failure to get attrnames for schema mode fatal
    
    Add check for failure to resolve the OID array for the schema mode into
    names.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14425
    
    Signed-off-by: Andrew <awalker at ixsystems.com>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source3/locking/leases_db.c            |  4 +--
 source3/locking/locking.c              |  9 +++++--
 source3/smbd/oplock.c                  | 48 ++++++++++++++++++++++------------
 source3/smbd/proto.h                   |  2 +-
 source3/smbd/vfs.c                     | 40 ++++++++++++++++++++++++++--
 source3/winbindd/idmap_ad.c            |  8 ++++++
 source4/torture/smb2/delete-on-close.c | 43 +++++++++++++++++++++++++++++-
 7 files changed, 130 insertions(+), 24 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/locking/leases_db.c b/source3/locking/leases_db.c
index a12b421d260..2e2ccb150ac 100644
--- a/source3/locking/leases_db.c
+++ b/source3/locking/leases_db.c
@@ -549,8 +549,8 @@ static void leases_db_get_fn(TDB_DATA key, TDB_DATA data, void *private_data)
 		&blob, value, value,
 		(ndr_pull_flags_fn_t)ndr_pull_leases_db_value);
 	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-		DBG_DEBUG("ndr_pull_struct_blob_failed: %s\n",
-			  ndr_errstr(ndr_err));
+		DBG_ERR("ndr_pull_struct_blob_failed: %s\n",
+			ndr_errstr(ndr_err));
 		TALLOC_FREE(value);
 		state->status = ndr_map_error2ntstatus(ndr_err);
 		return;
diff --git a/source3/locking/locking.c b/source3/locking/locking.c
index a108ebba00d..c3fe5a246e2 100644
--- a/source3/locking/locking.c
+++ b/source3/locking/locking.c
@@ -733,8 +733,13 @@ NTSTATUS remove_lease_if_stale(struct share_mode_lock *lck,
 
 	status = leases_db_del(client_guid, lease_key, &d->id);
 	if (!NT_STATUS_IS_OK(status)) {
-		DBG_DEBUG("leases_db_del failed: %s\n",
-			  nt_errstr(status));
+		int level = DBGLVL_DEBUG;
+
+		if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
+			level = DBGLVL_ERR;
+		}
+		DBG_PREFIX(level, ("leases_db_del failed: %s\n",
+			   nt_errstr(status)));
 	}
 	return status;
 }
diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c
index 2c4449b10b2..1c1510f3aab 100644
--- a/source3/smbd/oplock.c
+++ b/source3/smbd/oplock.c
@@ -169,26 +169,42 @@ static void downgrade_file_oplock(files_struct *fsp)
 	TALLOC_FREE(fsp->oplock_timeout);
 }
 
-uint32_t get_lease_type(const struct share_mode_entry *e, struct file_id id)
+uint32_t get_lease_type(struct share_mode_entry *e, struct file_id id)
 {
-	if (e->op_type == LEASE_OPLOCK) {
-		NTSTATUS status;
-		uint32_t current_state;
+	struct GUID_txt_buf guid_strbuf;
+	struct file_id_buf file_id_strbuf;
+	NTSTATUS status;
+	uint32_t current_state;
+
+	if (e->op_type != LEASE_OPLOCK) {
+		return map_oplock_to_lease_type(e->op_type);
+	}
 
-		status = leases_db_get(
-			&e->client_guid,
-			&e->lease_key,
-			&id,
-			&current_state,
-			NULL,	/* breaking */
-			NULL,	/* breaking_to_requested */
-			NULL,	/* breaking_to_required */
-			NULL,	/* lease_version */
-			NULL);	/* epoch */
-		SMB_ASSERT(NT_STATUS_IS_OK(status));
+	status = leases_db_get(&e->client_guid,
+			       &e->lease_key,
+			       &id,
+			       &current_state,
+			       NULL,	/* breaking */
+			       NULL,	/* breaking_to_requested */
+			       NULL,	/* breaking_to_required */
+			       NULL,	/* lease_version */
+			       NULL);	/* epoch */
+	if (NT_STATUS_IS_OK(status)) {
 		return current_state;
 	}
-	return map_oplock_to_lease_type(e->op_type);
+
+	if (share_entry_stale_pid(e)) {
+		return 0;
+	}
+	DBG_ERR("leases_db_get for client_guid [%s] "
+		"lease_key [%"PRIu64"/%"PRIu64"] "
+		"file_id [%s] failed: %s\n",
+		GUID_buf_string(&e->client_guid, &guid_strbuf),
+		e->lease_key.data[0],
+		e->lease_key.data[1],
+		file_id_str_buf(id, &file_id_strbuf),
+		nt_errstr(status));
+	smb_panic("leases_db_get() failed");
 }
 
 /****************************************************************************
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index eeb6fcbf3d6..118e926b55f 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -774,7 +774,7 @@ NTSTATUS create_file_default(connection_struct *conn,
 
 /* The following definitions come from smbd/oplock.c  */
 
-uint32_t get_lease_type(const struct share_mode_entry *e, struct file_id id);
+uint32_t get_lease_type(struct share_mode_entry *e, struct file_id id);
 
 void break_kernel_oplock(struct messaging_context *msg_ctx, files_struct *fsp);
 NTSTATUS set_file_oplock(files_struct *fsp);
diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c
index 38b4070139d..f8c71014955 100644
--- a/source3/smbd/vfs.c
+++ b/source3/smbd/vfs.c
@@ -892,11 +892,47 @@ int vfs_ChDir(connection_struct *conn, const struct smb_filename *smb_fname)
 	}
 
 	if (ISDOT(smb_fname->base_name)) {
+		/*
+		 * passing a '.' is a noop,
+		 * and we only expect this after
+		 * everything is initialized.
+		 *
+		 * So the first vfs_ChDir() on a given
+		 * connection_struct must not be '.'.
+		 *
+		 * Note: conn_new() sets
+		 * conn->cwd_fsp->fh->fd = -1
+		 * and vfs_ChDir() leaves with
+		 * conn->cwd_fsp->fh->fd = AT_FDCWD
+		 * on success!
+		 */
+		if (conn->cwd_fsp->fh->fd != AT_FDCWD) {
+			/*
+			 * This should never happen and
+			 * we might change this to
+			 * SMB_ASSERT() in future.
+			 */
+			DBG_ERR("Called with '.' as first operation!\n");
+			log_stack_trace();
+			errno = EINVAL;
+			return -1;
+		}
 		return 0;
 	}
 
-	if (*smb_fname->base_name == '/' &&
-			strcsequal(LastDir,smb_fname->base_name)) {
+	if (smb_fname->base_name[0] == '/' &&
+	    strcsequal(LastDir,smb_fname->base_name))
+	{
+		/*
+		 * conn->cwd_fsp->fsp_name and the kernel
+		 * are already correct, but conn->cwd_fsp->fh->fd
+		 * might still be -1 as initialized in conn_new().
+		 *
+		 * This can happen when a client made a 2nd
+		 * tree connect to a share with the same underlying
+		 * path (may or may not the same share).
+		 */
+		conn->cwd_fsp->fh->fd = AT_FDCWD;
 		return 0;
 	}
 
diff --git a/source3/winbindd/idmap_ad.c b/source3/winbindd/idmap_ad.c
index a93c61f54d1..6d879cdf4d7 100644
--- a/source3/winbindd/idmap_ad.c
+++ b/source3/winbindd/idmap_ad.c
@@ -162,6 +162,14 @@ static TLDAPRC get_attrnames_by_oids(struct tldap_context *ld,
 	}
 
 	TALLOC_FREE(msgs);
+	for (i=0; i<num_oids; i++) {
+		if (names[i] == NULL) {
+			DBG_ERR("Failed to retrieve schema name for "
+				"oid [%s]. Schema mode is incorrect "
+				"for this domain.\n", oids[i]);
+			return TLDAP_FILTER_ERROR;
+		}
+	}
 
 	return TLDAP_SUCCESS;
 }
diff --git a/source4/torture/smb2/delete-on-close.c b/source4/torture/smb2/delete-on-close.c
index 3c495750f43..05242876dcb 100644
--- a/source4/torture/smb2/delete-on-close.c
+++ b/source4/torture/smb2/delete-on-close.c
@@ -698,6 +698,46 @@ done:
 	return ret;
 }
 
+/*
+ * This is a regression test for
+ * https://bugzilla.samba.org/show_bug.cgi?id=14427
+ *
+ * It's not really a delete-on-close specific test.
+ */
+static bool test_doc_bug14427(struct torture_context *tctx, struct smb2_tree *tree1)
+{
+	struct smb2_tree *tree2 = NULL;
+	NTSTATUS status;
+	char fname[256];
+	bool ret = false;
+	bool ok;
+
+	/* Add some random component to the file name. */
+	snprintf(fname, sizeof(fname), "doc_bug14427_%s.dat",
+		 generate_random_str(tctx, 8));
+
+	ok = torture_smb2_tree_connect(tctx, tree1->session, tctx, &tree2);
+	torture_assert_goto(tctx, ok, ret, done,
+		"torture_smb2_tree_connect() failed.\n");
+
+	status = torture_setup_simple_file(tctx, tree1, fname);
+	torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+		"torture_setup_simple_file() failed on tree1.\n");
+
+	status = smb2_util_unlink(tree2, fname);
+	torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+		"smb2_util_unlink() failed on tree2.\n");
+	TALLOC_FREE(tree2);
+	ret = true;
+done:
+	if (tree2 != NULL) {
+		TALLOC_FREE(tree2);
+		smb2_util_unlink(tree1, fname);
+	}
+
+	TALLOC_FREE(tree1);
+	return ret;
+}
 
 /*
  *  Extreme testing of Delete On Close and permissions
@@ -713,7 +753,8 @@ struct torture_suite *torture_smb2_doc_init(TALLOC_CTX *ctx)
 	torture_suite_add_1smb2_test(suite, "CREATE_IF", test_doc_create_if);
 	torture_suite_add_1smb2_test(suite, "CREATE_IF Existing", test_doc_create_if_exist);
 	torture_suite_add_1smb2_test(suite, "FIND_and_set_DOC", test_doc_find_and_set_doc);
-	torture_suite_add_1smb2_test(suite,  "READONLY", test_doc_read_only);
+	torture_suite_add_1smb2_test(suite, "READONLY", test_doc_read_only);
+	torture_suite_add_1smb2_test(suite, "BUG14427", test_doc_bug14427);
 
 	suite->description = talloc_strdup(suite, "SMB2-Delete-on-Close-Perms tests");
 


-- 
Samba Shared Repository



More information about the samba-cvs mailing list