From 6f8496670f997bb12f07585e7755ac0dae060035 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Apr 10 2013 14:17:14 +0000 Subject: Update to Samba 4.0.5. --- diff --git a/samba-4.0.3-fix_libcmdline-credentials_linking.patch b/samba-4.0.3-fix_libcmdline-credentials_linking.patch deleted file mode 100644 index e6b5757..0000000 --- a/samba-4.0.3-fix_libcmdline-credentials_linking.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 95ce588e21398d04a1f50fb7cc226236b0b725b5 Mon Sep 17 00:00:00 2001 -From: Andreas Schneider -Date: Thu, 14 Feb 2013 12:14:33 +0100 -Subject: [PATCH] waf: Fix correct linking of libreplace with - cmdline-credentials. - -cmdline-credentials needs rep_getpass from libreplace. The function has -been replaced in master so this issue only exists in 4.0 releases. - -Reviewed-by: Andrew Bartlet -Signed-off-by: Andreas Schneider ---- - source4/lib/cmdline/wscript_build | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/source4/lib/cmdline/wscript_build b/source4/lib/cmdline/wscript_build -index 9b6f6e5..eec92d4 100644 ---- a/source4/lib/cmdline/wscript_build -+++ b/source4/lib/cmdline/wscript_build -@@ -4,6 +4,7 @@ bld.SAMBA_LIBRARY('cmdline-credentials', - source='credentials.c', - autoproto='credentials.h', - public_deps='samba-credentials popt', -+ deps='replace', - private_library=True) - - bld.SAMBA_SUBSYSTEM('POPT_SAMBA', --- -1.8.1.2 - diff --git a/samba-4.0.3-fix_pdb_ldapsam.patch b/samba-4.0.3-fix_pdb_ldapsam.patch deleted file mode 100644 index 75dca3a..0000000 --- a/samba-4.0.3-fix_pdb_ldapsam.patch +++ /dev/null @@ -1,220 +0,0 @@ -From 410b045c45006ae9c3f2bbcafb07d6ac8c615a56 Mon Sep 17 00:00:00 2001 -From: Andreas Schneider -Date: Mon, 28 Jan 2013 16:16:42 +0100 -Subject: [PATCH 1/3] Rename pdb_ldap to pdb_ldapsam - -This patch moves pdb_ldap to pdb_ldapsam unconditionally -and makes possible to load ldapsam.so dynamically - -Reviewed-by: Alexander Bokovoy ---- - source3/passdb/pdb_ipa.c | 2 +- - source3/passdb/pdb_ldap.c | 12 +++++++++--- - source3/passdb/pdb_ldap.h | 4 ++-- - source3/passdb/pdb_nds.c | 2 +- - source3/passdb/wscript_build | 6 +++--- - source3/wscript | 2 +- - 6 files changed, 17 insertions(+), 11 deletions(-) - -diff --git a/source3/passdb/pdb_ipa.c b/source3/passdb/pdb_ipa.c -index d31b37f..a699aab 100644 ---- a/source3/passdb/pdb_ipa.c -+++ b/source3/passdb/pdb_ipa.c -@@ -1446,7 +1446,7 @@ static NTSTATUS pdb_init_IPA_ldapsam(struct pdb_methods **pdb_method, const char - struct ldapsam_privates *ldap_state; - NTSTATUS status; - -- status = pdb_init_ldapsam(pdb_method, location); -+ status = pdb_ldapsam_init_common(pdb_method, location); - if (!NT_STATUS_IS_OK(status)) { - return status; - } -diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c -index ca35ef7..7ae9056 100644 ---- a/source3/passdb/pdb_ldap.c -+++ b/source3/passdb/pdb_ldap.c -@@ -6462,7 +6462,8 @@ static NTSTATUS pdb_init_ldapsam_common(struct pdb_methods **pdb_method, const c - Initialise the normal mode for pdb_ldap - *********************************************************************/ - --NTSTATUS pdb_init_ldapsam(struct pdb_methods **pdb_method, const char *location) -+NTSTATUS pdb_ldapsam_init_common(struct pdb_methods **pdb_method, -+ const char *location) - { - NTSTATUS nt_status; - struct ldapsam_privates *ldap_state = NULL; -@@ -6611,11 +6612,16 @@ NTSTATUS pdb_init_ldapsam(struct pdb_methods **pdb_method, const char *location) - return NT_STATUS_OK; - } - --NTSTATUS pdb_ldap_init(void) -+NTSTATUS pdb_ldapsam_init(void) - { - NTSTATUS nt_status; -- if (!NT_STATUS_IS_OK(nt_status = smb_register_passdb(PASSDB_INTERFACE_VERSION, "ldapsam", pdb_init_ldapsam))) -+ -+ nt_status = smb_register_passdb(PASSDB_INTERFACE_VERSION, -+ "ldapsam", -+ pdb_ldapsam_init_common); -+ if (!NT_STATUS_IS_OK(nt_status)) { - return nt_status; -+ } - - /* Let pdb_nds register backends */ - pdb_nds_init(); -diff --git a/source3/passdb/pdb_ldap.h b/source3/passdb/pdb_ldap.h -index 1372f33..0420314 100644 ---- a/source3/passdb/pdb_ldap.h -+++ b/source3/passdb/pdb_ldap.h -@@ -29,8 +29,8 @@ - /* The following definitions come from passdb/pdb_ldap.c */ - - const char** get_userattr_list( TALLOC_CTX *mem_ctx, int schema_ver ); --NTSTATUS pdb_init_ldapsam(struct pdb_methods **pdb_method, const char *location); --NTSTATUS pdb_ldap_init(void); -+NTSTATUS pdb_ldapsam_init_common(struct pdb_methods **pdb_method, const char *location); -+NTSTATUS pdb_ldapsam_init(void); - int ldapsam_search_suffix_by_name(struct ldapsam_privates *ldap_state, - const char *user, - LDAPMessage ** result, -diff --git a/source3/passdb/pdb_nds.c b/source3/passdb/pdb_nds.c -index cce4937..d7c16da 100644 ---- a/source3/passdb/pdb_nds.c -+++ b/source3/passdb/pdb_nds.c -@@ -878,7 +878,7 @@ static NTSTATUS pdb_init_NDS_ldapsam_common(struct pdb_methods **pdb_method, con - - static NTSTATUS pdb_init_NDS_ldapsam(struct pdb_methods **pdb_method, const char *location) - { -- NTSTATUS nt_status = pdb_init_ldapsam(pdb_method, location); -+ NTSTATUS nt_status = pdb_ldapsam_init_common(pdb_method, location); - - (*pdb_method)->name = "NDS_ldapsam"; - -diff --git a/source3/passdb/wscript_build b/source3/passdb/wscript_build -index 03a0df4..a6620cd 100644 ---- a/source3/passdb/wscript_build -+++ b/source3/passdb/wscript_build -@@ -13,13 +13,13 @@ bld.SAMBA3_MODULE('pdb_tdbsam', - internal_module=bld.SAMBA3_IS_STATIC_MODULE('pdb_tdbsam'), - enabled=bld.SAMBA3_IS_ENABLED_MODULE('pdb_tdbsam')) - --bld.SAMBA3_MODULE('pdb_ldap', -+bld.SAMBA3_MODULE('pdb_ldapsam', - subsystem='pdb', - deps='smbldap smbldaphelper', - source=PDB_LDAP_SRC, - init_function='', -- internal_module=bld.SAMBA3_IS_STATIC_MODULE('pdb_ldap'), -- enabled=bld.SAMBA3_IS_ENABLED_MODULE('pdb_ldap') and bld.CONFIG_SET('HAVE_LDAP')) -+ internal_module=bld.SAMBA3_IS_STATIC_MODULE('pdb_ldapsam'), -+ enabled=bld.SAMBA3_IS_ENABLED_MODULE('pdb_ldapsam') and bld.CONFIG_SET('HAVE_LDAP')) - - bld.SAMBA3_MODULE('pdb_smbpasswd', - subsystem='pdb', -diff --git a/source3/wscript b/source3/wscript -index 097cd83..34fccb1 100644 ---- a/source3/wscript -+++ b/source3/wscript -@@ -1734,7 +1734,7 @@ main() { - default_shared_modules.extend(TO_LIST('vfs_aio_linux')) - - if conf.CONFIG_SET('HAVE_LDAP'): -- default_static_modules.extend(TO_LIST('pdb_ldap idmap_ldap')) -+ default_static_modules.extend(TO_LIST('pdb_ldapsam idmap_ldap')) - - if conf.CONFIG_SET('DARWINOS'): - default_static_modules.extend(TO_LIST('charset_macosxfs')) --- -1.8.1.2 - -From 8c7b0ab9b3ae07574c6b5c5ba5888c3f329c9e02 Mon Sep 17 00:00:00 2001 -From: Alexander Bokovoy -Date: Wed, 6 Feb 2013 10:43:16 +0200 -Subject: [PATCH 2/3] source3/wscript: support 'pdb_ldap' module in configure - -While PASSDB module ldapsam is called pdb_ldapsam internally, -support specifying 'pdb_ldap' during configure step. - -This should make transition to pdb_ldapsam transparent to distributions. - -Reviewed-by: Andreas Schneider ---- - source3/wscript | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -diff --git a/source3/wscript b/source3/wscript -index 34fccb1..194d712 100644 ---- a/source3/wscript -+++ b/source3/wscript -@@ -1745,6 +1745,19 @@ main() { - explicit_shared_modules = TO_LIST(Options.options.shared_modules, delimiter=',') - explicit_static_modules = TO_LIST(Options.options.static_modules, delimiter=',') - -+ def replace_list_item(lst, item, value): -+ try: -+ idx = lst.index(item) -+ lst[idx] = value -+ except: -+ pass -+ # PDB module file name should have the same name as module registers itself -+ # In Autoconf build we export LDAP passdb module as ldapsam but WAF build -+ # was always exporting pdb_ldap. In order to support existing packages -+ # allow referring to pdb_ldapsam as pdb_ldap but use proper name internally. -+ replace_list_item(explicit_shared_modules, 'pdb_ldap', 'pdb_ldapsam') -+ replace_list_item(explicit_static_modules, 'pdb_ldap', 'pdb_ldapsam') -+ - final_static_modules = default_static_modules - final_shared_modules = default_shared_modules - --- -1.8.1.2 - -From 2b070b226926798fc544f6867721f57a5ec7075c Mon Sep 17 00:00:00 2001 -From: Alexander Bokovoy -Date: Wed, 6 Feb 2013 12:22:12 +0200 -Subject: [PATCH 3/3] autoconf: rename pdb_ldap module to pdb_ldapsam - -Reviewed-by: Andreas Schneider - -Autobuild-User(master): Alexander Bokovoy -Autobuild-Date(master): Wed Feb 6 13:32:53 CET 2013 on sn-devel-104 ---- - source3/configure.in | 9 +++++++-- - 1 file changed, 7 insertions(+), 2 deletions(-) - -diff --git a/source3/configure.in b/source3/configure.in -index d0c2a48..a4e0763 100644 ---- a/source3/configure.in -+++ b/source3/configure.in -@@ -3276,7 +3276,7 @@ if test x"$with_ldap_support" != x"no"; then - if test x"$ac_cv_lib_ext_ldap_ldap_init" = x"yes"; then - AC_DEFINE(HAVE_LDAP,1,[Whether ldap is available]) - CPPFLAGS="$CPPFLAGS -DLDAP_DEPRECATED" -- default_static_modules="$default_static_modules pdb_ldap idmap_ldap"; -+ default_static_modules="$default_static_modules pdb_ldapsam idmap_ldap"; - default_shared_modules="$default_shared_modules"; - SMBLDAP="lib/smbldap.o" - with_ldap_support=yes -@@ -6353,13 +6353,18 @@ AC_ARG_WITH(shared-modules, - done - fi ]) - -+# additionally, support pdb_ldap -> pdb_ldapsam replacement -+if test x"$MODULE_pdb_ldap" != x ; then -+ MODULE_pdb_ldapsam="$MODULE_pdb_ldap" -+fi -+ - if test x"$MODULE_DEFAULT_vfs_notify_fam" = xSTATIC -o \ - x"$MODULE_vfs_notify_fam" = xSTATIC ; then - SMBD_FAM_LIBS="$SMB_FAM_LIBS" - AC_SUBST(SMBD_FAM_LIBS) - fi - --SMB_MODULE(pdb_ldap, passdb/pdb_ldap.o passdb/pdb_nds.o passdb/pdb_ipa.o passdb/pdb_ldap_util.o, -+SMB_MODULE(pdb_ldapsam, passdb/pdb_ldap.o passdb/pdb_nds.o passdb/pdb_ipa.o passdb/pdb_ldap_util.o, - "bin/ldapsam.$SHLIBEXT", PDB, - [ PASSDB_LIBS="$PASSDB_LIBS $LDAP_LIBS" ] ) - SMB_MODULE(pdb_smbpasswd, passdb/pdb_smbpasswd.o, "bin/smbpasswd.$SHLIBEXT", PDB) --- -1.8.1.2 - diff --git a/samba-4.0.3-fix_pidl_with_gcc48.patch b/samba-4.0.3-fix_pidl_with_gcc48.patch deleted file mode 100644 index cb2378a..0000000 --- a/samba-4.0.3-fix_pidl_with_gcc48.patch +++ /dev/null @@ -1,60 +0,0 @@ -From 1ac743a7d0d20e16fc325749d593edaaed89d706 Mon Sep 17 00:00:00 2001 -From: Alexander Bokovoy -Date: Wed, 6 Feb 2013 10:17:57 +0200 -Subject: [PATCH] PIDL: fix parsing linemarkers in preprocessor output - -When PIDL calls out to C preprocessor to expand IDL files -and parse the output, it filters out linemarkers and line control -information as described in http://gcc.gnu.org/onlinedocs/cpp/Preprocessor-Output.html -and http://gcc.gnu.org/onlinedocs/cpp/Line-Control.html#Line-Control - -With gcc 4.8 stdc-predef.h is included automatically and linemarker for the -file has extended flags that PIDL couldn't parse ('system header that needs to -be extern "C" protected for C++') - -Thanks to Jakub Jelinek for explanation of the linemarker format. - -Fixes https://bugzilla.redhat.com/show_bug.cgi?id=906517 - -Reviewed-by: Andreas Schneider -(cherry picked from commit 6ba7ab5c14801aecae96373d5a9db7ab82957526) - -Signed-off-by: Andreas Schneider ---- - pidl/idl.yp | 4 +++- - pidl/lib/Parse/Pidl/IDL.pm | 4 +++- - 2 files changed, 6 insertions(+), 2 deletions(-) - -diff --git a/pidl/idl.yp b/pidl/idl.yp -index b5c5185..c8a65f6 100644 ---- a/pidl/idl.yp -+++ b/pidl/idl.yp -@@ -610,7 +610,9 @@ again: - - for ($parser->YYData->{INPUT}) { - if (/^\#/) { -- if (s/^\# (\d+) \"(.*?)\"( \d+|)//) { -+ # Linemarker format is described at -+ # http://gcc.gnu.org/onlinedocs/cpp/Preprocessor-Output.html -+ if (s/^\# (\d+) \"(.*?)\"(( \d+){1,4}|)//) { - $parser->YYData->{LINE} = $1-1; - $parser->YYData->{FILE} = $2; - goto again; -diff --git a/pidl/lib/Parse/Pidl/IDL.pm b/pidl/lib/Parse/Pidl/IDL.pm -index d4820ff..6927c89 100644 ---- a/pidl/lib/Parse/Pidl/IDL.pm -+++ b/pidl/lib/Parse/Pidl/IDL.pm -@@ -2576,7 +2576,9 @@ again: - - for ($parser->YYData->{INPUT}) { - if (/^\#/) { -- if (s/^\# (\d+) \"(.*?)\"( \d+|)//) { -+ # Linemarker format is described at -+ # http://gcc.gnu.org/onlinedocs/cpp/Preprocessor-Output.html -+ if (s/^\# (\d+) \"(.*?)\"(( \d+){1,4}|)//) { - $parser->YYData->{LINE} = $1-1; - $parser->YYData->{FILE} = $2; - goto again; --- -1.8.1.1 - diff --git a/samba-4.0.4-fix_large_read_handling.patch b/samba-4.0.4-fix_large_read_handling.patch deleted file mode 100644 index b4c3b19..0000000 --- a/samba-4.0.4-fix_large_read_handling.patch +++ /dev/null @@ -1,1172 +0,0 @@ -From 73d7c14fadeb735c51d9039375b40b21950f9fcf Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Tue, 19 Mar 2013 09:02:52 +0100 -Subject: [PATCH 01/16] libcli/smb: add SMB_CAP_LEGACY_CLIENT_MASK define - -Older Samba releases (<= 3.6.x) -expect the client to send CAP_LARGE_READX -in order to let the client use large reads. - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Jeremy Allison ---- - libcli/smb/smb_constants.h | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/libcli/smb/smb_constants.h b/libcli/smb/smb_constants.h -index 8cb3b6e..bcfd84e 100644 ---- a/libcli/smb/smb_constants.h -+++ b/libcli/smb/smb_constants.h -@@ -253,6 +253,16 @@ enum smb_signing_setting { - #define SMB_CAP_CLIENT_MASK ( \ - CAP_DYNAMIC_REAUTH | \ - 0) -+/* -+ * Older Samba releases (<= 3.6.x) -+ * expect the client to send CAP_LARGE_READX -+ * in order to let the client use large reads. -+ */ -+#define SMB_CAP_LEGACY_CLIENT_MASK ( \ -+ SMB_CAP_CLIENT_MASK | \ -+ CAP_LARGE_READX | \ -+ CAP_LARGE_WRITEX | \ -+ 0) - - /* Client-side offline caching policy types */ - enum csc_policy { --- -1.8.1.3 - - -From 1b24d5d7e15ee40509f81ae64893f38b9ed7f5cb Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Tue, 19 Mar 2013 09:03:38 +0100 -Subject: [PATCH 02/16] s3:libsmb: make use of SMB_CAP_LEGACY_CLIENT_MASK - instead of SMB_CAP_CLIENT_MASK - -This should allow smbclient to keep using large reads against older Samba versions -(<= 3.6.x) and other servers that may also require this. - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Jeremy Allison ---- - source3/libsmb/cliconnect.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c -index 9ce013e..d1e161f 100644 ---- a/source3/libsmb/cliconnect.c -+++ b/source3/libsmb/cliconnect.c -@@ -341,9 +341,13 @@ static uint32_t cli_session_setup_capabilities(struct cli_state *cli, - * - client only flags - * - flags used in both directions - * -- * We do not echo the server only flags. -+ * We do not echo the server only flags, except some legacy flags. -+ * -+ * SMB_CAP_LEGACY_CLIENT_MASK contains CAP_LARGE_READX and -+ * CAP_LARGE_WRITEX in order to allow us to do large reads -+ * against old Samba releases (<= 3.6.x). - */ -- client_capabilities &= (SMB_CAP_BOTH_MASK | SMB_CAP_CLIENT_MASK); -+ client_capabilities &= (SMB_CAP_BOTH_MASK | SMB_CAP_LEGACY_CLIENT_MASK); - - /* - * Session Setup specific flags CAP_DYNAMIC_REAUTH --- -1.8.1.3 - - -From 705f9c20aa1f37a9af5c181d113957ce99deb5fe Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Mon, 18 Mar 2013 15:02:55 +0100 -Subject: [PATCH 03/16] libcli/smb: defer failing for missing - NEGOTIATE_SECURITY_SIGNATURES_ENABLED - -Windows servers take a look at the FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED -flag during a session setup and turn on signing if the client requires it. - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Jeremy Allison ---- - libcli/smb/smbXcli_base.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c -index c547515..2523dfb 100644 ---- a/libcli/smb/smbXcli_base.c -+++ b/libcli/smb/smbXcli_base.c -@@ -4046,6 +4046,15 @@ static void smbXcli_negprot_smb1_done(struct tevent_req *subreq) - if (server_security_mode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED) { - server_signing = "supported"; - server_allowed = true; -+ } else if (conn->mandatory_signing) { -+ /* -+ * We have mandatory signing as client -+ * lets assume the server will look at our -+ * FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED -+ * flag in the session setup -+ */ -+ server_signing = "not announced"; -+ server_allowed = true; - } - if (server_security_mode & NEGOTIATE_SECURITY_SIGNATURES_REQUIRED) { - server_signing = "required"; --- -1.8.1.3 - - -From 6cbbf63036cae745fcd0a27190c459e71ed3ce48 Mon Sep 17 00:00:00 2001 -From: Jeremy Allison -Date: Wed, 13 Mar 2013 15:23:52 -0700 -Subject: [PATCH 04/16] libcli/smb: smb1cli_inbuf_parse_chain() and - smb1cli_conn_dispatch_incoming() should use smb_len_tcp. - -They have to cope with large READX call replies that have -a length greater than smb_len_nbt() can handle. - -Signed-off-by: Jeremy Allison -Reviewed-by: Stefan Metzmacher ---- - libcli/smb/smbXcli_base.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c -index 2523dfb..c971a6d 100644 ---- a/libcli/smb/smbXcli_base.c -+++ b/libcli/smb/smbXcli_base.c -@@ -1618,7 +1618,7 @@ static NTSTATUS smb1cli_inbuf_parse_chain(uint8_t *buf, TALLOC_CTX *mem_ctx, - NTSTATUS status; - size_t min_size = MIN_SMB_SIZE; - -- buflen = smb_len_nbt(buf); -+ buflen = smb_len_tcp(buf); - taken = 0; - - hdr = buf + NBT_HDR_SIZE; -@@ -1845,7 +1845,7 @@ static NTSTATUS smb1cli_conn_dispatch_incoming(struct smbXcli_conn *conn, - uint16_t mid; - bool oplock_break; - uint8_t *inhdr = inbuf + NBT_HDR_SIZE; -- size_t len = smb_len_nbt(inbuf); -+ size_t len = smb_len_tcp(inbuf); - struct iovec *iov = NULL; - int num_iov = 0; - struct tevent_req **chain = NULL; --- -1.8.1.3 - - -From c6f8bbaa0a8d9c0c8fe60dfd304ae8bc39d2c554 Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Mon, 18 Mar 2013 09:33:00 +0100 -Subject: [PATCH 05/16] s3:libsmb: let cli_read_andx_create() accept any length - -It's up to the server to decide the allowed length. - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Jeremy Allison ---- - source3/libsmb/clireadwrite.c | 7 ------- - 1 file changed, 7 deletions(-) - -diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c -index 3cc6cf8..c429d30 100644 ---- a/source3/libsmb/clireadwrite.c -+++ b/source3/libsmb/clireadwrite.c -@@ -132,13 +132,6 @@ struct tevent_req *cli_read_andx_create(TALLOC_CTX *mem_ctx, - struct cli_read_andx_state *state; - uint8_t wct = 10; - -- if (size > cli_read_max_bufsize(cli)) { -- DEBUG(0, ("cli_read_andx_send got size=%d, can only handle " -- "size=%d\n", (int)size, -- (int)cli_read_max_bufsize(cli))); -- return NULL; -- } -- - req = tevent_req_create(mem_ctx, &state, struct cli_read_andx_state); - if (req == NULL) { - return NULL; --- -1.8.1.3 - - -From 1a596a7b46d89489f94ed970cea3ed6eb105cc92 Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Mon, 18 Mar 2013 10:10:25 +0100 -Subject: [PATCH 06/16] s3:smbd: keep global_client_caps and max_send from the - first successful session setup - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Jeremy Allison ---- - source3/smbd/sesssetup.c | 14 ++++++++++---- - 1 file changed, 10 insertions(+), 4 deletions(-) - -diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c -index 890189c..4728759 100644 ---- a/source3/smbd/sesssetup.c -+++ b/source3/smbd/sesssetup.c -@@ -132,11 +132,12 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req) - uint16_t action = 0; - NTTIME now = timeval_to_nttime(&req->request_time); - struct smbXsrv_session *session = NULL; -+ uint16_t smb_bufsize = SVAL(req->vwv+2, 0); - uint32_t client_caps = IVAL(req->vwv+10, 0); - - DEBUG(3,("Doing spnego session setup\n")); - -- if (global_client_caps == 0) { -+ if (!sconn->smb1.sessions.done_sesssetup) { - global_client_caps = client_caps; - - if (!(global_client_caps & CAP_STATUS32)) { -@@ -377,6 +378,12 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req) - return; - } - -+ if (!sconn->smb1.sessions.done_sesssetup) { -+ sconn->smb1.sessions.max_send = -+ MIN(sconn->smb1.sessions.max_send,smb_bufsize); -+ } -+ sconn->smb1.sessions.done_sesssetup = true; -+ - /* current_user_info is changed on new vuid */ - reload_services(sconn, conn_snum_used, true); - } else if (NT_STATUS_IS_OK(status)) { -@@ -560,7 +567,7 @@ static void setup_new_vc_session(struct smbd_server_connection *sconn) - void reply_sesssetup_and_X(struct smb_request *req) - { - uint64_t sess_vuid; -- int smb_bufsize; -+ uint16_t smb_bufsize; - DATA_BLOB lm_resp; - DATA_BLOB nt_resp; - DATA_BLOB plaintext_password; -@@ -671,8 +678,7 @@ void reply_sesssetup_and_X(struct smb_request *req) - const uint8_t *save_p = req->buf; - uint16 byte_count; - -- -- if(global_client_caps == 0) { -+ if (!sconn->smb1.sessions.done_sesssetup) { - global_client_caps = IVAL(req->vwv+11, 0); - - if (!(global_client_caps & CAP_STATUS32)) { --- -1.8.1.3 - - -From 8b805f9a8fb692691c8a85971edb55bd0b3fb0c0 Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Tue, 19 Mar 2013 13:24:46 +0100 -Subject: [PATCH 07/16] s3:smbd: remove silly (SMB_OFF_T_BITS == 64) checks - -configure will abort if sizeof(off_t) is not 8. - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Jeremy Allison ---- - source3/smbd/negprot.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c -index e33350c..cfe0983 100644 ---- a/source3/smbd/negprot.c -+++ b/source3/smbd/negprot.c -@@ -284,11 +284,10 @@ static void reply_nt1(struct smb_request *req, uint16 choice) - capabilities |= CAP_UNIX; - } - -- if (lp_large_readwrite() && (SMB_OFF_T_BITS == 64)) -+ if (lp_large_readwrite()) - capabilities |= CAP_LARGE_READX|CAP_LARGE_WRITEX|CAP_W2K_SMBS; - -- if (SMB_OFF_T_BITS == 64) -- capabilities |= CAP_LARGE_FILES; -+ capabilities |= CAP_LARGE_FILES; - - if (lp_readraw() && lp_writeraw()) - capabilities |= CAP_RAW_MODE; --- -1.8.1.3 - - -From 804f5749f8622768ac7e4925fc78bcd07f9fe234 Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Mon, 18 Mar 2013 12:36:30 +0100 -Subject: [PATCH 08/16] s3:smbd: add some const to req_is_in_chain() - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Jeremy Allison ---- - source3/smbd/process.c | 2 +- - source3/smbd/proto.h | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/source3/smbd/process.c b/source3/smbd/process.c -index e934eaa..43bf76e 100644 ---- a/source3/smbd/process.c -+++ b/source3/smbd/process.c -@@ -3631,7 +3631,7 @@ void smbd_process(struct tevent_context *ev_ctx, - exit_server_cleanly(NULL); - } - --bool req_is_in_chain(struct smb_request *req) -+bool req_is_in_chain(const struct smb_request *req) - { - if (req->vwv != (const uint16_t *)(req->inbuf+smb_vwv)) { - /* -diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h -index fae1407..35ae8a2 100644 ---- a/source3/smbd/proto.h -+++ b/source3/smbd/proto.h -@@ -786,7 +786,7 @@ bool smb1_parse_chain(TALLOC_CTX *mem_ctx, const uint8_t *buf, - struct smbd_server_connection *sconn, - bool encrypted, uint32_t seqnum, - struct smb_request ***reqs, unsigned *num_reqs); --bool req_is_in_chain(struct smb_request *req); -+bool req_is_in_chain(const struct smb_request *req); - void smbd_process(struct tevent_context *ev_ctx, - struct messaging_context *msg_ctx, - int sock_fd, --- -1.8.1.3 - - -From 77cb710192e1a0bd6204a0a87ad3642e59c040a6 Mon Sep 17 00:00:00 2001 -From: Jeremy Allison -Date: Mon, 18 Mar 2013 15:05:24 -0700 -Subject: [PATCH 09/16] s3:smbd: Fix off-by 4 error in wrap protection code in - create_outbuf() - -Subtract 4 from smb_size (39) here as the length -of the SMB reply following the 4 byte type+length -field can be up to 0xFFFFFF bytes. - -Signed-off-by: Jeremy Allison -Signed-off-by: Stefan Metzmacher -Reviewed-by: Stefan Metzmacher ---- - source3/smbd/process.c | 17 +++++++++++------ - 1 file changed, 11 insertions(+), 6 deletions(-) - -diff --git a/source3/smbd/process.c b/source3/smbd/process.c -index 43bf76e..f03a20f 100644 ---- a/source3/smbd/process.c -+++ b/source3/smbd/process.c -@@ -1270,11 +1270,13 @@ static bool create_outbuf(TALLOC_CTX *mem_ctx, struct smb_request *req, - const char *inbuf, char **outbuf, uint8_t num_words, - uint32_t num_bytes) - { -+ size_t smb_len = MIN_SMB_SIZE + VWV(num_words) + num_bytes; -+ - /* -- * Protect against integer wrap -- */ -- if ((num_bytes > 0xffffff) -- || ((num_bytes + smb_size + num_words*2) > 0xffffff)) { -+ * Protect against integer wrap. -+ * The SMB layer reply can be up to 0xFFFFFF bytes. -+ */ -+ if ((num_bytes > 0xffffff) || (smb_len > 0xffffff)) { - char *msg; - if (asprintf(&msg, "num_bytes too large: %u", - (unsigned)num_bytes) == -1) { -@@ -1283,8 +1285,11 @@ static bool create_outbuf(TALLOC_CTX *mem_ctx, struct smb_request *req, - smb_panic(msg); - } - -+ /* -+ * Here we include the NBT header for now. -+ */ - *outbuf = talloc_array(mem_ctx, char, -- smb_size + num_words*2 + num_bytes); -+ NBT_HDR_SIZE + smb_len); - if (*outbuf == NULL) { - return false; - } -@@ -1296,7 +1301,7 @@ static bool create_outbuf(TALLOC_CTX *mem_ctx, struct smb_request *req, - * himself - */ - if (num_words != 0) { -- memset(*outbuf + smb_vwv0, 0, num_words*2); -+ memset(*outbuf + (NBT_HDR_SIZE + HDR_VWV), 0, VWV(num_words)); - } - - return true; --- -1.8.1.3 - - -From 3e9234b1ec071457e3f03f2270b6d778c66df2e0 Mon Sep 17 00:00:00 2001 -From: Jeremy Allison -Date: Fri, 15 Mar 2013 11:53:04 -0700 -Subject: [PATCH 10/16] s3:smbd: Remove server_will_accept_large_read() and - erroneous comment. - -We're going to replace this with a function that calculates -the max PDU to return on a read and supports short reads. - -Signed-off-by: Jeremy Allison -Reviewed-by: Stefan Metzmacher ---- - source3/smbd/reply.c | 29 +---------------------------- - 1 file changed, 1 insertion(+), 28 deletions(-) - -diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c -index 1c5627c..ffc5ff7 100644 ---- a/source3/smbd/reply.c -+++ b/source3/smbd/reply.c -@@ -3848,26 +3848,6 @@ nosendfile_read: - } - - /**************************************************************************** -- MacOSX clients send large reads without telling us they are going to do that. -- Bug #9572 - File corruption during SMB1 read by Mac OSX 10.8.2 clients -- Allow this if we are talking to a Samba client, or if we told the client -- we supported this. --****************************************************************************/ -- --static bool server_will_accept_large_read(void) --{ -- /* Samba client ? No problem. */ -- if (get_remote_arch() == RA_SAMBA) { -- return true; -- } -- /* Need UNIX extensions. */ -- if (!lp_unix_extensions()) { -- return false; -- } -- return true; --} -- --/**************************************************************************** - Reply to a read and X. - ****************************************************************************/ - -@@ -3913,14 +3893,7 @@ void reply_read_and_X(struct smb_request *req) - } - - upper_size = SVAL(req->vwv+7, 0); -- if ((upper_size != 0) && server_will_accept_large_read()) { -- /* -- * This is Samba only behavior (up to Samba 3.6)! -- * -- * Windows 2008 R2 ignores the upper_size, -- * so we do unless unix extentions are active -- * or "smbclient" is talking to us. -- */ -+ if (upper_size != 0) { - smb_maxcnt |= (upper_size<<16); - if (upper_size > 1) { - /* Can't do this on a chained packet. */ --- -1.8.1.3 - - -From 9b5751b4ae77ac6a46820350377b26765ca8844f Mon Sep 17 00:00:00 2001 -From: Jeremy Allison -Date: Fri, 15 Mar 2013 11:57:48 -0700 -Subject: [PATCH 11/16] s3:smbd: Add functions - calc_max_read_pdu()/calc_read_size() to work out the length we should return. - -LARGE_READX test shows it's always safe to return a short read. -Windows does so. Do the calculations to return what will fit -in a read depending on what the client negotiated. - -Signed-off-by: Jeremy Allison -Signed-off-by: Stefan Metzmacher -Reviewed-by: Stefan Metzmacher ---- - source3/smbd/reply.c | 111 +++++++++++++++++++++++++++++++++++++++------------ - 1 file changed, 86 insertions(+), 25 deletions(-) - -diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c -index ffc5ff7..2326015 100644 ---- a/source3/smbd/reply.c -+++ b/source3/smbd/reply.c -@@ -3848,6 +3848,84 @@ nosendfile_read: - } - - /**************************************************************************** -+ Work out how much space we have for a read return. -+****************************************************************************/ -+ -+static size_t calc_max_read_pdu(const struct smb_request *req) -+{ -+ if (req->sconn->conn->protocol < PROTOCOL_NT1) { -+ return req->sconn->smb1.sessions.max_send; -+ } -+ -+ if (!lp_large_readwrite()) { -+ return req->sconn->smb1.sessions.max_send; -+ } -+ -+ if (req_is_in_chain(req)) { -+ return req->sconn->smb1.sessions.max_send; -+ } -+ -+ if (req->encrypted) { -+ /* -+ * Don't take encrypted traffic up to the -+ * limit. There are padding considerations -+ * that make that tricky. -+ */ -+ return req->sconn->smb1.sessions.max_send; -+ } -+ -+ if (srv_is_signing_active(req->sconn)) { -+ return 0x1FFFF; -+ } -+ -+ if (!lp_unix_extensions()) { -+ return 0x1FFFF; -+ } -+ -+ /* -+ * We can do ultra-large POSIX reads. -+ */ -+ return 0xFFFFFF; -+} -+ -+/**************************************************************************** -+ Calculate how big a read can be. Copes with all clients. It's always -+ safe to return a short read - Windows does this. -+****************************************************************************/ -+ -+static size_t calc_read_size(const struct smb_request *req, -+ size_t upper_size, -+ size_t lower_size) -+{ -+ size_t max_pdu = calc_max_read_pdu(req); -+ size_t total_size = 0; -+ size_t hdr_len = MIN_SMB_SIZE + VWV(12); -+ size_t max_len = max_pdu - hdr_len; -+ -+ /* -+ * Windows explicitly ignores upper size of 0xFFFF. -+ * See [MS-SMB].pdf <26> Section 2.2.4.2.1: -+ * We must do the same as these will never fit even in -+ * an extended size NetBIOS packet. -+ */ -+ if (upper_size == 0xFFFF) { -+ upper_size = 0; -+ } -+ -+ if (req->sconn->conn->protocol < PROTOCOL_NT1) { -+ upper_size = 0; -+ } -+ -+ total_size = ((upper_size<<16) | lower_size); -+ -+ /* -+ * LARGE_READX test shows it's always safe to return -+ * a short read. Windows does so. -+ */ -+ return MIN(total_size, max_len); -+} -+ -+/**************************************************************************** - Reply to a read and X. - ****************************************************************************/ - -@@ -3893,31 +3971,14 @@ void reply_read_and_X(struct smb_request *req) - } - - upper_size = SVAL(req->vwv+7, 0); -- if (upper_size != 0) { -- smb_maxcnt |= (upper_size<<16); -- if (upper_size > 1) { -- /* Can't do this on a chained packet. */ -- if ((CVAL(req->vwv+0, 0) != 0xFF)) { -- reply_nterror(req, NT_STATUS_NOT_SUPPORTED); -- END_PROFILE(SMBreadX); -- return; -- } -- /* We currently don't do this on signed or sealed data. */ -- if (srv_is_signing_active(req->sconn) || -- is_encrypted_packet(req->sconn, req->inbuf)) { -- reply_nterror(req, NT_STATUS_NOT_SUPPORTED); -- END_PROFILE(SMBreadX); -- return; -- } -- /* Is there room in the reply for this data ? */ -- if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) { -- reply_nterror(req, -- NT_STATUS_INVALID_PARAMETER); -- END_PROFILE(SMBreadX); -- return; -- } -- big_readX = True; -- } -+ smb_maxcnt = calc_read_size(req, upper_size, smb_maxcnt); -+ if (smb_maxcnt > (0x1FFFF - (MIN_SMB_SIZE + VWV(12)))) { -+ /* -+ * This is a heuristic to avoid keeping large -+ * outgoing buffers around over long-lived aio -+ * requests. -+ */ -+ big_readX = True; - } - - if (req->wct == 12) { --- -1.8.1.3 - - -From 608106f67a4f411dba096d104a9258401a67211c Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Mon, 18 Mar 2013 19:50:38 +0100 -Subject: [PATCH 12/16] s4:smb_server: fix large read_andx requests - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Jeremy Allison ---- - source4/smb_server/smb/reply.c | 18 ++++++++++++------ - 1 file changed, 12 insertions(+), 6 deletions(-) - -diff --git a/source4/smb_server/smb/reply.c b/source4/smb_server/smb/reply.c -index bae6b2c..7ce5f5d 100644 ---- a/source4/smb_server/smb/reply.c -+++ b/source4/smb_server/smb/reply.c -@@ -848,6 +848,7 @@ static void reply_read_and_X_send(struct ntvfs_request *ntvfs) - void smbsrv_reply_read_and_X(struct smbsrv_request *req) - { - union smb_read *io; -+ uint16_t high_part = 0; - - /* parse request */ - if (req->in.wct != 12) { -@@ -869,13 +870,18 @@ void smbsrv_reply_read_and_X(struct smbsrv_request *req) - io->readx.in.read_for_execute = false; - } - -- if (req->smb_conn->negotiate.client_caps & CAP_LARGE_READX) { -- uint32_t high_part = IVAL(req->in.vwv, VWV(7)); -- if (high_part == 1) { -- io->readx.in.maxcnt |= high_part << 16; -- } -+ if (req->smb_conn->negotiate.protocol == PROTOCOL_NT1) { -+ high_part = SVAL(req->in.vwv, VWV(7)); - } -- -+ if (high_part != UINT16_MAX) { -+ io->readx.in.maxcnt |= high_part << 16; -+ } -+ -+ /* -+ * Windows truncates the length to 0x10000 -+ */ -+ io->readx.in.maxcnt = MIN(io->readx.in.maxcnt, 0x10000); -+ - /* the 64 bit variant */ - if (req->in.wct == 12) { - uint32_t offset_high = IVAL(req->in.vwv, VWV(10)); --- -1.8.1.3 - - -From 822e7d7d8c84c8b756e13c00dc870a7964ac54cc Mon Sep 17 00:00:00 2001 -From: Jeremy Allison -Date: Wed, 13 Mar 2013 15:43:21 -0700 -Subject: [PATCH 13/16] s3:torture: Add new LARGE_READX test to investigate - large SMBreadX behavior. - -Signed-off-by: Jeremy Allison -Signed-off-by: Stefan Metzmacher -Reviewed-by: Stefan Metzmacher ---- - source3/torture/torture.c | 338 +++++++++++++++++++++++++++++++++++++++++++++- - 1 file changed, 337 insertions(+), 1 deletion(-) - -diff --git a/source3/torture/torture.c b/source3/torture/torture.c -index cd885a1..21dcf9b 100644 ---- a/source3/torture/torture.c -+++ b/source3/torture/torture.c -@@ -65,7 +65,7 @@ static fstring multishare_conn_fname; - static bool use_multishare_conn = False; - static bool do_encrypt; - static const char *local_path = NULL; --static int signing_state = SMB_SIGNING_DEFAULT; -+static enum smb_signing_setting signing_state = SMB_SIGNING_DEFAULT; - char *test_filename; - - bool torture_showall = False; -@@ -7237,6 +7237,341 @@ static bool run_windows_write(int dummy) - return ret; - } - -+static size_t calc_expected_return(struct cli_state *cli, size_t len_requested) -+{ -+ size_t max_pdu = 0x1FFFF; -+ -+ if (cli->server_posix_capabilities & CIFS_UNIX_LARGE_READ_CAP) { -+ max_pdu = 0xFFFFFF; -+ } -+ -+ if (smb1cli_conn_signing_is_active(cli->conn)) { -+ max_pdu = 0x1FFFF; -+ } -+ -+ if (smb1cli_conn_encryption_on(cli->conn)) { -+ max_pdu = CLI_BUFFER_SIZE; -+ } -+ -+ if ((len_requested & 0xFFFF0000) == 0xFFFF0000) { -+ len_requested &= 0xFFFF; -+ } -+ -+ return MIN(len_requested, max_pdu - (MIN_SMB_SIZE + VWV(12))); -+} -+ -+static bool check_read_call(struct cli_state *cli, -+ uint16_t fnum, -+ uint8_t *buf, -+ size_t len_requested) -+{ -+ NTSTATUS status; -+ struct tevent_req *subreq = NULL; -+ ssize_t len_read = 0; -+ size_t len_expected = 0; -+ struct tevent_context *ev = NULL; -+ -+ ev = tevent_context_init(talloc_tos()); -+ if (ev == NULL) { -+ return false; -+ } -+ -+ subreq = cli_read_andx_send(talloc_tos(), -+ ev, -+ cli, -+ fnum, -+ 0, -+ len_requested); -+ -+ if (!tevent_req_poll_ntstatus(subreq, ev, &status)) { -+ return false; -+ } -+ -+ status = cli_read_andx_recv(subreq, &len_read, &buf); -+ if (!NT_STATUS_IS_OK(status)) { -+ d_printf("cli_read_andx_recv failed: %s\n", nt_errstr(status)); -+ return false; -+ } -+ -+ TALLOC_FREE(subreq); -+ TALLOC_FREE(ev); -+ -+ len_expected = calc_expected_return(cli, len_requested); -+ -+ if (len_expected > 0x10000 && len_read == 0x10000) { -+ /* Windows servers only return a max of 0x10000, -+ doesn't matter if you set CAP_LARGE_READX in -+ the client sessionsetupX call or not. */ -+ d_printf("Windows server - returned 0x10000 on a read of 0x%x\n", -+ (unsigned int)len_requested); -+ } else if (len_read != len_expected) { -+ d_printf("read of 0x%x failed: got 0x%x, expected 0x%x\n", -+ (unsigned int)len_requested, -+ (unsigned int)len_read, -+ (unsigned int)len_expected); -+ return false; -+ } else { -+ d_printf("Correct read reply.\n"); -+ } -+ -+ return true; -+} -+ -+/* Test large readX variants. */ -+static bool large_readx_tests(struct cli_state *cli, -+ uint16_t fnum, -+ uint8_t *buf) -+{ -+ /* A read of 0xFFFF0001 should *always* return 1 byte. */ -+ if (check_read_call(cli, fnum, buf, 0xFFFF0001) == false) { -+ return false; -+ } -+ /* A read of 0x10000 should return 0x10000 bytes. */ -+ if (check_read_call(cli, fnum, buf, 0x10000) == false) { -+ return false; -+ } -+ /* A read of 0x10000 should return 0x10001 bytes. */ -+ if (check_read_call(cli, fnum, buf, 0x10001) == false) { -+ return false; -+ } -+ /* A read of 0x1FFFF - (MIN_SMB_SIZE + VWV(12) should return -+ the requested number of bytes. */ -+ if (check_read_call(cli, fnum, buf, 0x1FFFF - (MIN_SMB_SIZE + VWV(12))) == false) { -+ return false; -+ } -+ /* A read of 1MB should return 1MB bytes (on Samba). */ -+ if (check_read_call(cli, fnum, buf, 0x100000) == false) { -+ return false; -+ } -+ -+ if (check_read_call(cli, fnum, buf, 0x20001) == false) { -+ return false; -+ } -+ if (check_read_call(cli, fnum, buf, 0x22000001) == false) { -+ return false; -+ } -+ if (check_read_call(cli, fnum, buf, 0xFFFE0001) == false) { -+ return false; -+ } -+ return true; -+} -+ -+static bool run_large_readx(int dummy) -+{ -+ uint8_t *buf = NULL; -+ struct cli_state *cli1 = NULL; -+ struct cli_state *cli2 = NULL; -+ bool correct = false; -+ const char *fname = "\\large_readx.dat"; -+ NTSTATUS status; -+ uint16_t fnum1 = UINT16_MAX; -+ uint32_t normal_caps = 0; -+ size_t file_size = 20*1024*1024; -+ TALLOC_CTX *frame = talloc_stackframe(); -+ size_t i; -+ struct { -+ const char *name; -+ enum smb_signing_setting signing_setting; -+ enum protocol_types protocol; -+ } runs[] = { -+ { -+ .name = "NT1", -+ .signing_setting = SMB_SIGNING_IF_REQUIRED, -+ .protocol = PROTOCOL_NT1, -+ },{ -+ .name = "NT1 - SIGNING_REQUIRED", -+ .signing_setting = SMB_SIGNING_REQUIRED, -+ .protocol = PROTOCOL_NT1, -+ }, -+ }; -+ -+ printf("starting large_readx test\n"); -+ -+ if (!torture_open_connection(&cli1, 0)) { -+ goto out; -+ } -+ -+ normal_caps = smb1cli_conn_capabilities(cli1->conn); -+ -+ if (!(normal_caps & CAP_LARGE_READX)) { -+ d_printf("Server doesn't have CAP_LARGE_READX 0x%x\n", -+ (unsigned int)normal_caps); -+ goto out; -+ } -+ -+ /* Create a file of size 4MB. */ -+ status = cli_ntcreate(cli1, fname, 0, GENERIC_ALL_ACCESS, -+ FILE_ATTRIBUTE_NORMAL, 0, FILE_OVERWRITE_IF, -+ 0, 0, &fnum1); -+ -+ if (!NT_STATUS_IS_OK(status)) { -+ d_printf("open %s failed: %s\n", fname, nt_errstr(status)); -+ goto out; -+ } -+ -+ /* Write file_size bytes. */ -+ buf = talloc_zero_array(frame, uint8_t, file_size); -+ if (buf == NULL) { -+ goto out; -+ } -+ -+ status = cli_writeall(cli1, -+ fnum1, -+ 0, -+ buf, -+ 0, -+ file_size, -+ NULL); -+ if (!NT_STATUS_IS_OK(status)) { -+ d_printf("cli_writeall failed: %s\n", nt_errstr(status)); -+ goto out; -+ } -+ -+ status = cli_close(cli1, fnum1); -+ if (!NT_STATUS_IS_OK(status)) { -+ d_printf("cli_close failed: %s\n", nt_errstr(status)); -+ goto out; -+ } -+ -+ fnum1 = UINT16_MAX; -+ -+ for (i=0; i < ARRAY_SIZE(runs); i++) { -+ enum smb_signing_setting saved_signing_setting = signing_state; -+ uint16_t fnum2 = -1; -+ -+ if (do_encrypt && -+ (runs[i].signing_setting == SMB_SIGNING_REQUIRED)) -+ { -+ d_printf("skip[%u] - %s\n", (unsigned)i, runs[i].name); -+ continue; -+ } -+ -+ d_printf("run[%u] - %s\n", (unsigned)i, runs[i].name); -+ -+ signing_state = runs[i].signing_setting; -+ cli2 = open_nbt_connection(); -+ signing_state = saved_signing_setting; -+ if (cli2 == NULL) { -+ goto out; -+ } -+ -+ status = smbXcli_negprot(cli2->conn, -+ cli2->timeout, -+ runs[i].protocol, -+ runs[i].protocol); -+ if (!NT_STATUS_IS_OK(status)) { -+ goto out; -+ } -+ -+ status = cli_session_setup(cli2, -+ username, -+ password, -+ strlen(password)+1, -+ password, -+ strlen(password)+1, -+ workgroup); -+ if (!NT_STATUS_IS_OK(status)) { -+ goto out; -+ } -+ -+ status = cli_tree_connect(cli2, -+ share, -+ "?????", -+ password, -+ strlen(password)+1); -+ if (!NT_STATUS_IS_OK(status)) { -+ goto out; -+ } -+ -+ cli_set_timeout(cli2, 120000); /* set a really long timeout (2 minutes) */ -+ -+ normal_caps = smb1cli_conn_capabilities(cli2->conn); -+ -+ if (!(normal_caps & CAP_LARGE_READX)) { -+ d_printf("Server doesn't have CAP_LARGE_READX 0x%x\n", -+ (unsigned int)normal_caps); -+ goto out; -+ } -+ -+ if (do_encrypt) { -+ if (force_cli_encryption(cli2, share) == false) { -+ goto out; -+ } -+ } else if (SERVER_HAS_UNIX_CIFS(cli2)) { -+ uint16_t major, minor; -+ uint32_t caplow, caphigh; -+ -+ status = cli_unix_extensions_version(cli2, -+ &major, &minor, -+ &caplow, &caphigh); -+ if (!NT_STATUS_IS_OK(status)) { -+ goto out; -+ } -+ } -+ -+ status = cli_ntcreate(cli2, fname, 0, FILE_READ_DATA, -+ FILE_ATTRIBUTE_NORMAL, 0, FILE_OPEN, -+ 0, 0, &fnum2); -+ if (!NT_STATUS_IS_OK(status)) { -+ d_printf("Second open %s failed: %s\n", fname, nt_errstr(status)); -+ goto out; -+ } -+ -+ /* All reads must return less than file_size bytes. */ -+ if (!large_readx_tests(cli2, fnum2, buf)) { -+ goto out; -+ } -+ -+ status = cli_close(cli2, fnum2); -+ if (!NT_STATUS_IS_OK(status)) { -+ d_printf("cli_close failed: %s\n", nt_errstr(status)); -+ goto out; -+ } -+ fnum2 = -1; -+ -+ if (!torture_close_connection(cli2)) { -+ goto out; -+ } -+ cli2 = NULL; -+ } -+ -+ correct = true; -+ printf("Success on large_readx test\n"); -+ -+ out: -+ -+ if (cli2) { -+ if (!torture_close_connection(cli2)) { -+ correct = false; -+ } -+ } -+ -+ if (cli1) { -+ if (fnum1 != UINT16_MAX) { -+ status = cli_close(cli1, fnum1); -+ if (!NT_STATUS_IS_OK(status)) { -+ d_printf("cli_close failed: %s\n", nt_errstr(status)); -+ } -+ fnum1 = UINT16_MAX; -+ } -+ -+ status = cli_unlink(cli1, fname, -+ FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN); -+ if (!NT_STATUS_IS_OK(status)) { -+ printf("unlink failed (%s)\n", nt_errstr(status)); -+ } -+ -+ if (!torture_close_connection(cli1)) { -+ correct = false; -+ } -+ } -+ -+ TALLOC_FREE(frame); -+ -+ printf("finished large_readx test\n"); -+ return correct; -+} -+ - static bool run_cli_echo(int dummy) - { - struct cli_state *cli; -@@ -9151,6 +9486,7 @@ static struct { - { "CHAIN2", run_chain2, 0}, - { "CHAIN3", run_chain3, 0}, - { "WINDOWS-WRITE", run_windows_write, 0}, -+ { "LARGE_READX", run_large_readx, 0}, - { "NTTRANS-CREATE", run_nttrans_create, 0}, - { "NTTRANS-FSCTL", run_nttrans_fsctl, 0}, - { "CLI_ECHO", run_cli_echo, 0}, --- -1.8.1.3 - - -From a583f665617302e4e554e01014eb34aeaaece16c Mon Sep 17 00:00:00 2001 -From: Jeremy Allison -Date: Wed, 13 Mar 2013 15:45:12 -0700 -Subject: [PATCH 14/16] s3:selftest: Add LARGE_READX test into our make test - infrastructure. - -Tested against non-encrypted and encrypted connections. - -Signed-off-by: Jeremy Allison -Reviewed-by: Stefan Metzmacher ---- - source3/selftest/tests.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py -index 57c80f2..4453c4d 100755 ---- a/source3/selftest/tests.py -+++ b/source3/selftest/tests.py -@@ -54,7 +54,7 @@ plantestsuite("samba3.blackbox.registry.upgrade", "s3dc:local", [os.path.join(sa - tests = ["FDPASS", "LOCK1", "LOCK2", "LOCK3", "LOCK4", "LOCK5", "LOCK6", "LOCK7", "LOCK9", - "UNLINK", "BROWSE", "ATTR", "TRANS2", "TORTURE", - "OPLOCK1", "OPLOCK2", "OPLOCK4", "STREAMERROR", -- "DIR", "DIR1", "DIR-CREATETIME", "TCON", "TCONDEV", "RW1", "RW2", "RW3", "RW-SIGNING", -+ "DIR", "DIR1", "DIR-CREATETIME", "TCON", "TCONDEV", "RW1", "RW2", "RW3", "LARGE_READX", "RW-SIGNING", - "OPEN", "XCOPY", "RENAME", "DELETE", "DELETE-LN", "PROPERTIES", "W2K", - "TCON2", "IOCTL", "CHKPATH", "FDSESS", "CHAIN1", "CHAIN2", - "CHAIN3", --- -1.8.1.3 - - -From 6aabf00e5d4dbab653bc60164d855e2f8452541f Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Tue, 19 Mar 2013 17:11:03 +0100 -Subject: [PATCH 15/16] s4:torture: raw.read fix large reads against windows - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Jeremy Allison ---- - source4/torture/raw/read.c | 12 +++--------- - 1 file changed, 3 insertions(+), 9 deletions(-) - -diff --git a/source4/torture/raw/read.c b/source4/torture/raw/read.c -index 6586177..5a5ffee 100644 ---- a/source4/torture/raw/read.c -+++ b/source4/torture/raw/read.c -@@ -529,7 +529,7 @@ static bool test_readx(struct torture_context *tctx, struct smbcli_state *cli) - printf("SAMBA: large read extension\n"); - CHECK_VALUE(io.readx.out.nread, 80000); - } else { -- CHECK_VALUE(io.readx.out.nread, 0); -+ CHECK_VALUE(io.readx.out.nread, 0x10000); - } - CHECK_BUFFER(buf, seed, io.readx.out.nread); - -@@ -569,13 +569,7 @@ static bool test_readx(struct torture_context *tctx, struct smbcli_state *cli) - io.readx.in.maxcnt = 0x10000; - status = smb_raw_read(cli->tree, &io); - CHECK_STATUS(status, NT_STATUS_OK); -- if (torture_setting_bool(tctx, "samba3", false) || -- torture_setting_bool(tctx, "samba4", false)) { -- printf("SAMBA: large read extension\n"); -- CHECK_VALUE(io.readx.out.nread, 0x10000); -- } else { -- CHECK_VALUE(io.readx.out.nread, 0); -- } -+ CHECK_VALUE(io.readx.out.nread, 0x10000); - - io.readx.in.maxcnt = 0x10001; - status = smb_raw_read(cli->tree, &io); -@@ -585,7 +579,7 @@ static bool test_readx(struct torture_context *tctx, struct smbcli_state *cli) - printf("SAMBA: large read extension\n"); - CHECK_VALUE(io.readx.out.nread, 0x10001); - } else { -- CHECK_VALUE(io.readx.out.nread, 0); -+ CHECK_VALUE(io.readx.out.nread, 0x10000); - } - } else { - printf("Server does not support the CAP_LARGE_READX extension\n"); --- -1.8.1.3 - - -From d51a804664e5525c12d979da7788a4aa21e42af3 Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Wed, 20 Mar 2013 08:49:20 +0100 -Subject: [PATCH 16/16] s4:torture: let raw.read accept larger reads than - 0x10000 - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Jeremy Allison ---- - source4/torture/raw/read.c | 6 ++---- - 1 file changed, 2 insertions(+), 4 deletions(-) - -diff --git a/source4/torture/raw/read.c b/source4/torture/raw/read.c -index 5a5ffee..59089bf 100644 ---- a/source4/torture/raw/read.c -+++ b/source4/torture/raw/read.c -@@ -524,8 +524,7 @@ static bool test_readx(struct torture_context *tctx, struct smbcli_state *cli) - CHECK_STATUS(status, NT_STATUS_OK); - CHECK_VALUE(io.readx.out.remaining, 0xFFFF); - CHECK_VALUE(io.readx.out.compaction_mode, 0); -- if (torture_setting_bool(tctx, "samba3", false) || -- torture_setting_bool(tctx, "samba4", false)) { -+ if (io.readx.out.nread == io.readx.in.maxcnt) { - printf("SAMBA: large read extension\n"); - CHECK_VALUE(io.readx.out.nread, 80000); - } else { -@@ -574,8 +573,7 @@ static bool test_readx(struct torture_context *tctx, struct smbcli_state *cli) - io.readx.in.maxcnt = 0x10001; - status = smb_raw_read(cli->tree, &io); - CHECK_STATUS(status, NT_STATUS_OK); -- if (torture_setting_bool(tctx, "samba3", false) || -- torture_setting_bool(tctx, "samba4", false)) { -+ if (io.readx.out.nread == io.readx.in.maxcnt) { - printf("SAMBA: large read extension\n"); - CHECK_VALUE(io.readx.out.nread, 0x10001); - } else { --- -1.8.1.3 - diff --git a/samba.spec b/samba.spec index 85fcf65..eda5a72 100644 --- a/samba.spec +++ b/samba.spec @@ -1,13 +1,13 @@ # Set --with testsuite or %bcond_without to run the Samba torture testsuite. %bcond_with testsuite -%define main_release 3 +%define main_release 1 -%define samba_version 4.0.4 +%define samba_version 4.0.5 %define talloc_version 2.0.7 %define ntdb_version 0.9 %define tdb_version 1.2.11 -%define tevent_version 0.9.17 +%define tevent_version 0.9.18 %define ldb_version 1.1.15 # This should be rc1 or nil %define pre_release %nil @@ -76,11 +76,6 @@ Source6: samba.pamd Source200: README.dc Source201: README.downgrade -Patch0: samba-4.0.3-fix_pidl_with_gcc48.patch -Patch1: samba-4.0.3-fix_pdb_ldapsam.patch -Patch2: samba-4.0.3-fix_libcmdline-credentials_linking.patch -Patch3: samba-4.0.4-fix_large_read_handling.patch - BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) Requires(pre): /usr/sbin/groupadd @@ -435,11 +430,6 @@ the local kerberos library to use the same KDC as samba and winbind use %prep %setup -q -n samba-%{version}%{pre_release} -%patch0 -p1 -b .pidl_gcc48 -%patch1 -p1 -b .pdb_ldapsam -%patch2 -p1 -b .libreplace_linking -%patch3 -p1 -b .large_read - %build %global _talloc_lib ,talloc,pytalloc,pytalloc-util %global _tevent_lib ,tevent,pytevent @@ -868,7 +858,6 @@ rm -rf %{buildroot} %{_sbindir}/samba_dnsupdate %{_sbindir}/samba_spnupdate %{_sbindir}/samba_upgradedns -%{_sbindir}/samba_upgradeprovision %{_libdir}/mit_samba.so %{_libdir}/samba/bind9/dlz_bind9.so %{_libdir}/samba/libheimntlm-samba4.so.1 @@ -1357,6 +1346,9 @@ rm -rf %{buildroot} %{_mandir}/man7/winbind_krb5_locator.7* %changelog +* Tue Apr 10 2013 - Andreas Schneider - 2:4.0.5-1 +- Update to Samba 4.0.5. + * Fri Mar 22 2013 - Andreas Schneider - 2:4.0.4-3 - resolves: #919405 - Fix and improve large_readx handling for broken clients. - resolves: #924525 - Don't use waf caching.