[SCM] Samba Shared Repository - branch v4-16-test updated

Jule Anger janger at samba.org
Sun Jul 31 19:15:01 UTC 2022


The branch, v4-16-test has been updated
       via  529e86163a3 s3:rpcclient: Goto done in cmd_samr_setuserinfo_int()
       via  e10ce26dcbd mdssvc: return all-zero policy handle if spotlight is disabled
       via  5598ddaaf46 CI: fix check for correct mdsvc resonse when connecting to a share with Spotlight disabled
       via  5fd138ad809 mdssvc: convert mds_init_ctx() to return NTSTATUS
      from  ae0977177bd VERSION: Bump version up to Samba 4.16.5...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test


- Log -----------------------------------------------------------------
commit 529e86163a34845502e89f56801be476ec35348c
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Aug 19 12:09:28 2021 +0200

    s3:rpcclient: Goto done in cmd_samr_setuserinfo_int()
    
    We need to free the frame or we will run into:
        smb_panic (why=0x7fa8c511aa88 "Frame not freed in order.")
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15124
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit 2b32d932223e61935fc530eff1c05034ff817e21)
    
    Autobuild-User(v4-16-test): Jule Anger <janger at samba.org>
    Autobuild-Date(v4-16-test): Sun Jul 31 19:14:59 UTC 2022 on sn-devel-184

commit e10ce26dcbd7fd61780366e8a3daee5b7f69e881
Author: Ralph Boehme <slow at samba.org>
Date:   Wed May 25 17:37:22 2022 +0200

    mdssvc: return all-zero policy handle if spotlight is disabled
    
    A Mac SMB server returns an all zero handle and an empty path if Spotlight is
    disabled on a share. We must return the exact same error return in order to
    trigger client-side searching.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086
    pcap: https://www.samba.org/~slow/pcaps/mac-bigsur-smbserver-spotlight-disabled.pcapng.gz
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Noel Power <npower at samba.org>
    
    Autobuild-User(master): Noel Power <npower at samba.org>
    Autobuild-Date(master): Tue Jul 12 15:42:52 UTC 2022 on sn-devel-184
    
    (cherry picked from commit 23e6e50c0f82b997dea4a67069f65252045514c0)

commit 5598ddaaf46cd810980c2e5a2d5729a8ce17d4d4
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Jun 7 09:52:53 2022 +0200

    CI: fix check for correct mdsvc resonse when connecting to a share with Spotlight disabled
    
    A Mac SMB server returns an all zero handle and an empty path if Spotlight is
    disabled on a share. We must return the exact same error return in order to
    trigger client-side searching.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086
    pcap: https://www.samba.org/~slow/pcaps/mac-bigsur-smbserver-spotlight-disabled.pcapng.gz
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Noel Power <npower at samba.org>
    (backported from commit 8e997bd6e9250499fd8e569d708edc29e304a0e8)
    [slow at samba.org: conflicts in tests.py caused by unrelated tests]

commit 5fd138ad8096d4bd4bab99fdf184a4ef07b5f3aa
Author: Ralph Boehme <slow at samba.org>
Date:   Wed May 25 17:26:29 2022 +0200

    mdssvc: convert mds_init_ctx() to return NTSTATUS
    
    No change in behavour. In preperation for returning a special error to signal
    the caller that spotlight is disabled for a share.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Noel Power <npower at samba.org>
    (cherry picked from commit 72468166b250de26747071cbbf3613c016ebfd42)

-----------------------------------------------------------------------

Summary of changes:
 source3/rpc_server/mdssvc/mdssvc.c        | 40 ++++++++++++++++++++-----------
 source3/rpc_server/mdssvc/mdssvc.h        | 15 ++++++------
 source3/rpc_server/mdssvc/srv_mdssvc_nt.c | 28 ++++++++++++++--------
 source3/rpcclient/cmd_samr.c              | 22 ++++++++++-------
 source3/selftest/tests.py                 |  2 +-
 source4/torture/rpc/mdssvc.c              | 17 +++++++------
 6 files changed, 75 insertions(+), 49 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/rpc_server/mdssvc/mdssvc.c b/source3/rpc_server/mdssvc/mdssvc.c
index 956e097eaf4..a4b082b3274 100644
--- a/source3/rpc_server/mdssvc/mdssvc.c
+++ b/source3/rpc_server/mdssvc/mdssvc.c
@@ -1585,13 +1585,14 @@ static int mds_ctx_destructor_cb(struct mds_ctx *mds_ctx)
  * This ends up being called for every tcon, because the client does a
  * RPC bind for every tcon, so this is acually a per tcon context.
  **/
-struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
-			     struct tevent_context *ev,
-			     struct messaging_context *msg_ctx,
-			     struct auth_session_info *session_info,
-			     int snum,
-			     const char *sharename,
-			     const char *path)
+NTSTATUS mds_init_ctx(TALLOC_CTX *mem_ctx,
+		      struct tevent_context *ev,
+		      struct messaging_context *msg_ctx,
+		      struct auth_session_info *session_info,
+		      int snum,
+		      const char *sharename,
+		      const char *path,
+		      struct mds_ctx **_mds_ctx)
 {
 	const struct loadparm_substitution *lp_sub =
 		loadparm_s3_global_substitution();
@@ -1603,21 +1604,22 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
 	smb_iconv_t iconv_hnd = (smb_iconv_t)-1;
 	NTSTATUS status;
 
+	if (!lp_spotlight(snum)) {
+		return NT_STATUS_WRONG_VOLUME;
+	}
+
 	mds_ctx = talloc_zero(mem_ctx, struct mds_ctx);
 	if (mds_ctx == NULL) {
-		return NULL;
+		return NT_STATUS_NO_MEMORY;
 	}
 	talloc_set_destructor(mds_ctx, mds_ctx_destructor_cb);
 
 	mds_ctx->mdssvc_ctx = mdssvc_init(ev);
 	if (mds_ctx->mdssvc_ctx == NULL) {
-		goto error;
+		return NT_STATUS_NO_MEMORY;
 	}
 
 	backend = lp_spotlight_backend(snum);
-	if (!lp_spotlight(snum)) {
-		backend = SPOTLIGHT_BACKEND_NOINDEX;
-	}
 	switch (backend) {
 	case SPOTLIGHT_BACKEND_NOINDEX:
 		mds_ctx->backend = &mdsscv_backend_noindex;
@@ -1637,6 +1639,7 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
 	default:
 		DBG_ERR("Unknown backend %d\n", backend);
 		TALLOC_FREE(mdssvc_ctx);
+		status = NT_STATUS_INTERNAL_ERROR;
 		goto error;
 	}
 
@@ -1645,6 +1648,7 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
 						   "UTF8-NFC",
 						   false);
 	if (iconv_hnd == (smb_iconv_t)-1) {
+		status = NT_STATUS_INTERNAL_ERROR;
 		goto error;
 	}
 	mds_ctx->ic_nfc_to_nfd = iconv_hnd;
@@ -1654,17 +1658,20 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
 						   "UTF8-NFD",
 						   false);
 	if (iconv_hnd == (smb_iconv_t)-1) {
+		status = NT_STATUS_INTERNAL_ERROR;
 		goto error;
 	}
 	mds_ctx->ic_nfd_to_nfc = iconv_hnd;
 
 	mds_ctx->sharename = talloc_strdup(mds_ctx, sharename);
 	if (mds_ctx->sharename == NULL) {
+		status = NT_STATUS_NO_MEMORY;
 		goto error;
 	}
 
 	mds_ctx->spath = talloc_strdup(mds_ctx, path);
 	if (mds_ctx->spath == NULL) {
+		status = NT_STATUS_NO_MEMORY;
 		goto error;
 	}
 
@@ -1672,6 +1679,7 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
 	mds_ctx->pipe_session_info = session_info;
 
 	if (session_info->security_token->num_sids < 1) {
+		status = NT_STATUS_BAD_LOGON_SESSION_STATE;
 		goto error;
 	}
 	sid_copy(&mds_ctx->sid, &session_info->security_token->sids[0]);
@@ -1680,6 +1688,7 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
 	mds_ctx->ino_path_map = db_open_rbt(mds_ctx);
 	if (mds_ctx->ino_path_map == NULL) {
 		DEBUG(1,("open inode map db failed\n"));
+		status = NT_STATUS_INTERNAL_ERROR;
 		goto error;
 	}
 
@@ -1704,16 +1713,19 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
 	if (ret != 0) {
 		DBG_ERR("vfs_ChDir [%s] failed: %s\n",
 			conn_basedir.base_name, strerror(errno));
+		status = map_nt_error_from_unix(errno);
 		goto error;
 	}
 
 	ok = mds_ctx->backend->connect(mds_ctx);
 	if (!ok) {
 		DBG_ERR("backend connect failed\n");
+		status = NT_STATUS_CONNECTION_RESET;
 		goto error;
 	}
 
-	return mds_ctx;
+	*_mds_ctx = mds_ctx;
+	return NT_STATUS_OK;
 
 error:
 	if (mds_ctx->ic_nfc_to_nfd != NULL) {
@@ -1724,7 +1736,7 @@ error:
 	}
 
 	TALLOC_FREE(mds_ctx);
-	return NULL;
+	return status;
 }
 
 /**
diff --git a/source3/rpc_server/mdssvc/mdssvc.h b/source3/rpc_server/mdssvc/mdssvc.h
index 392482767dd..205417c4be1 100644
--- a/source3/rpc_server/mdssvc/mdssvc.h
+++ b/source3/rpc_server/mdssvc/mdssvc.h
@@ -149,13 +149,14 @@ struct mdssvc_backend {
  */
 extern bool mds_init(struct messaging_context *msg_ctx);
 extern bool mds_shutdown(void);
-struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx,
-			     struct tevent_context *ev,
-			     struct messaging_context *msg_ctx,
-			     struct auth_session_info *session_info,
-			     int snum,
-			     const char *sharename,
-			     const char *path);
+NTSTATUS mds_init_ctx(TALLOC_CTX *mem_ctx,
+		      struct tevent_context *ev,
+		      struct messaging_context *msg_ctx,
+		      struct auth_session_info *session_info,
+		      int snum,
+		      const char *sharename,
+		      const char *path,
+		      struct mds_ctx **_mds_ctx);
 extern bool mds_dispatch(struct mds_ctx *query_ctx,
 			 struct mdssvc_blob *request_blob,
 			 struct mdssvc_blob *response_blob);
diff --git a/source3/rpc_server/mdssvc/srv_mdssvc_nt.c b/source3/rpc_server/mdssvc/srv_mdssvc_nt.c
index 01c191bf01d..2fca15cb8a8 100644
--- a/source3/rpc_server/mdssvc/srv_mdssvc_nt.c
+++ b/source3/rpc_server/mdssvc/srv_mdssvc_nt.c
@@ -48,19 +48,22 @@ static NTSTATUS create_mdssvc_policy_handle(TALLOC_CTX *mem_ctx,
 	struct auth_session_info *session_info =
 		dcesrv_call_session_info(dce_call);
 	struct mds_ctx *mds_ctx;
+	NTSTATUS status;
 
 	ZERO_STRUCTP(handle);
 
-	mds_ctx = mds_init_ctx(mem_ctx,
-			       messaging_tevent_context(p->msg_ctx),
-			       p->msg_ctx,
-			       session_info,
-			       snum,
-			       sharename,
-			       path);
-	if (mds_ctx == NULL) {
-		DEBUG(1, ("error in mds_init_ctx for: %s\n", path));
-		return NT_STATUS_UNSUCCESSFUL;
+	status = mds_init_ctx(mem_ctx,
+			      messaging_tevent_context(p->msg_ctx),
+			      p->msg_ctx,
+			      session_info,
+			      snum,
+			      sharename,
+			      path,
+			      &mds_ctx);
+	if (!NT_STATUS_IS_OK(status)) {
+		DBG_DEBUG("mds_init_ctx() path [%s] failed: %s\n",
+			  path, nt_errstr(status));
+		return status;
 	}
 
 	if (!create_policy_hnd(p, handle, 0, mds_ctx)) {
@@ -106,6 +109,11 @@ void _mdssvc_open(struct pipes_struct *p, struct mdssvc_open *r)
 					     r->in.share_name,
 					     path,
 					     r->out.handle);
+	if (NT_STATUS_EQUAL(status, NT_STATUS_WRONG_VOLUME)) {
+		ZERO_STRUCTP(r->out.handle);
+		talloc_free(path);
+		return;
+	}
 	if (!NT_STATUS_IS_OK(status)) {
 		DBG_ERR("Couldn't create policy handle for %s\n",
 			r->in.share_name);
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index eb7f7fc8424..a048a4f935e 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -3296,7 +3296,8 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
 
 		break;
 	default:
-		return NT_STATUS_INVALID_INFO_CLASS;
+		status = NT_STATUS_INVALID_INFO_CLASS;
+		goto done;
 	}
 
 	/* Get sam policy handle */
@@ -3356,16 +3357,19 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
 						 &types,
 						 &result);
 		if (!NT_STATUS_IS_OK(status)) {
-			return status;
+			goto done;
 		}
 		if (!NT_STATUS_IS_OK(result)) {
-			return result;
+			status = result;
+			goto done;
 		}
 		if (rids.count != 1) {
-			return NT_STATUS_INVALID_NETWORK_RESPONSE;
+			status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+			goto done;
 		}
 		if (types.count != 1) {
-			return NT_STATUS_INVALID_NETWORK_RESPONSE;
+			status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+			goto done;
 		}
 
 		status = dcerpc_samr_OpenUser(b, frame,
@@ -3375,10 +3379,11 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
 					      &user_pol,
 					      &result);
 		if (!NT_STATUS_IS_OK(status)) {
-			return status;
+			goto done;
 		}
 		if (!NT_STATUS_IS_OK(result)) {
-			return result;
+			status = result;
+			goto done;
 		}
 	}
 
@@ -3398,7 +3403,8 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
 						  &result);
 		break;
 	default:
-		return NT_STATUS_INVALID_PARAMETER;
+		status = NT_STATUS_INVALID_PARAMETER;
+		goto done;
 	}
 	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(0,("status: %s\n", nt_errstr(status)));
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index f4df916e6f8..3bc2b08f8a7 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -882,7 +882,7 @@ for t in tests:
         plansmbtorture4testsuite(t, "ad_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD', 'over ncacn_np ')
         plansmbtorture4testsuite(t, "ad_dc", 'ncacn_ip_tcp:$SERVER_IP -U$USERNAME%$PASSWORD', 'over ncacn_ip_tcp ')
     elif t == "rpc.mdssvc":
-        plansmbtorture4testsuite(t, "fileserver", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --option=torture:no_spotlight_localdir=$SELFTEST_PREFIX/fileserver/share')
+        plansmbtorture4testsuite(t, "fileserver", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
     elif t == "rpc.samr.passwords.validate":
         plansmbtorture4testsuite(t, "nt4_dc", 'ncacn_ip_tcp:$SERVER_IP[seal] -U$USERNAME%$PASSWORD', 'over ncacn_ip_tcp ')
         plansmbtorture4testsuite(t, "ad_dc", 'ncacn_ip_tcp:$SERVER_IP[seal] -U$USERNAME%$PASSWORD', 'over ncacn_ip_tcp ')
diff --git a/source4/torture/rpc/mdssvc.c b/source4/torture/rpc/mdssvc.c
index 17e895a8cc2..8f16af66476 100644
--- a/source4/torture/rpc/mdssvc.c
+++ b/source4/torture/rpc/mdssvc.c
@@ -264,7 +264,7 @@ static bool test_mdssvc_open_spotlight_disabled(struct torture_context *tctx,
 		data, struct torture_mdsscv_state);
 	struct dcerpc_binding_handle *b = state->p->binding_handle;
 	struct policy_handle ph;
-	const char *localdir = NULL;
+	struct policy_handle nullh;
 	uint32_t device_id;
 	uint32_t unkn2;
 	uint32_t unkn3;
@@ -282,17 +282,12 @@ static bool test_mdssvc_open_spotlight_disabled(struct torture_context *tctx,
 	share_mount_path = torture_setting_string(
 		tctx, "share_mount_path", "/foo/bar");
 
-	localdir = torture_setting_string(
-		tctx, "no_spotlight_localdir", NULL);
-	torture_assert_not_null_goto(
-		tctx, localdir, ok, done,
-		"need 'no_spotlight_localdir' torture option \n");
-
 	device_id_out = device_id = generate_random();
 	unkn2_out = unkn2 = 23;
 	unkn3_out = unkn3 = 0;
 
 	ZERO_STRUCT(ph);
+	ZERO_STRUCT(nullh);
 
 	status = dcerpc_mdssvc_open(b,
 				    tctx,
@@ -315,8 +310,12 @@ static bool test_mdssvc_open_spotlight_disabled(struct torture_context *tctx,
 	torture_assert_u32_equal_goto(tctx, unkn3, unkn3_out,
 				      ok, done, "Bad unkn3\n");
 
-	torture_assert_str_equal_goto(tctx, share_path, localdir, ok, done,
-				      "Wrong share path\n");
+	torture_assert_goto(tctx, share_path[0] == '\0', ok, done,
+			    "Expected empty string as share path\n");
+
+	torture_assert_mem_equal_goto(tctx, &ph, &nullh,
+				      sizeof(ph), ok, done,
+				      "Expected all-zero policy handle\n");
 
 done:
 	return ok;


-- 
Samba Shared Repository



More information about the samba-cvs mailing list