From ed0c52128384fccceee538a04db01a28db00f40d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 7 Jun 2018 00:47:30 -0700 Subject: [PATCH 1/3] WHATSNEW.txt: Updated with VFS ABI changes for 4.9.0. Signed-off-by: Jeremy Allison Reviewed-by: Kai Blin --- WHATSNEW.txt | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 574e9b27e68..b9c80cf9d80 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -72,6 +72,21 @@ to allow better Windows fileserver compatibility in a default install. store dos attributes Default changed yes ea support Default changed yes +VFS interface changes +===================== + +The VFS ABI interface version has changed to 39. Function changes +are: + +SMB_VFS_FSYNC: Removed: Only async versions are used. +SMB_VFS_READ: Removed: Only PREAD or async versions are used. +SMB_VFS_WRITE: Removed: Only PWRITE or async versions are used. +SMB_VFS_CHMOD_ACL: Removed: Only CHMOD is used. +SMB_VFS_FCHMOD_ACL: Removed: Only FCHMOD is used. + +Any external VFS modules will need to be updated to match these +changes in order to work with 4.9.x. + KNOWN ISSUES ============ -- 2.11.0 From ba00798db520973b3367bca63896f64ef557889a Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Fri, 8 Jun 2018 18:20:16 +0200 Subject: [PATCH 2/3] dns: Add a test to trigger the LDB casefolding issue on invalid chars Signed-off-by: Kai Blin --- python/samba/tests/dns_invalid.py | 87 +++++++++++++++++++++++++++++++++++++++ selftest/knownfail.d/dns | 3 ++ source4/selftest/tests.py | 3 ++ 3 files changed, 93 insertions(+) create mode 100644 python/samba/tests/dns_invalid.py diff --git a/python/samba/tests/dns_invalid.py b/python/samba/tests/dns_invalid.py new file mode 100644 index 00000000000..9f87cd56084 --- /dev/null +++ b/python/samba/tests/dns_invalid.py @@ -0,0 +1,87 @@ +# Unix SMB/CIFS implementation. +# Copyright (C) Kai Blin 2018 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +import os +import sys +import struct +import random +import socket +import samba.ndr as ndr +from samba import credentials, param +from samba.dcerpc import dns, dnsp, dnsserver +from samba.netcmd.dns import TXTRecord, dns_record_match, data_to_dns_record +from samba.tests.subunitrun import SubunitOptions, TestProgram +from samba import werror, WERRORError +from samba.tests.dns_base import DNSTest +import samba.getopt as options +import optparse + +parser = optparse.OptionParser("dns_invalid.py [options]") +sambaopts = options.SambaOptions(parser) +parser.add_option_group(sambaopts) + +# This timeout only has relevance when testing against Windows +# Format errors tend to return patchy responses, so a timeout is needed. +parser.add_option("--timeout", type="int", dest="timeout", + help="Specify timeout for DNS requests") + +# use command line creds if available +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) +subunitopts = SubunitOptions(parser) +parser.add_option_group(subunitopts) + +opts, args = parser.parse_args() + +lp = sambaopts.get_loadparm() +creds = credopts.get_credentials(lp) + +timeout = opts.timeout + +if len(args) < 1: + parser.print_usage() + sys.exit(1) + +server_ip = args[0] +creds.set_krb_forwardable(credentials.NO_KRB_FORWARDABLE) + + +class TestBrokenQueries(DNSTest): + def setUp(self): + super(TestBrokenQueries, self).setUp() + global server, server_ip, lp, creds, timeout + self.server_ip = server_ip + self.lp = lp + self.creds = creds + self.timeout = timeout + + def test_invalid_chars_in_name(self): + """Check the server refuses invalid characters in the query name""" + p = self.make_name_packet(dns.DNS_OPCODE_QUERY) + questions = [] + + name = "\x10\x11\x05\xa8.%s" % self.get_dns_domain() + q = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_IN) + print "asking for ", q.name + questions.append(q) + + self.finish_name_packet(p, questions) + (response, response_packet) = self.dns_transaction_udp(p, host=server_ip) + self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NXDOMAIN) + + +TestProgram(module=__name__, opts=subunitopts) diff --git a/selftest/knownfail.d/dns b/selftest/knownfail.d/dns index cb3003240ea..140ded24fa0 100644 --- a/selftest/knownfail.d/dns +++ b/selftest/knownfail.d/dns @@ -45,3 +45,6 @@ samba.tests.dns.__main__.TestSimpleQueries.test_qtype_all_query\(rodc:local\) # The SOA override should not pass against the RODC, it must not overstamp samba.tests.dns.__main__.TestSimpleQueries.test_one_SOA_query\(rodc:local\) + +# This still needs to be fixed in LDB +samba.tests.dns_invalid.__main__.TestBrokenQueries.test_invalid_chars_in_name\(ad_dc:local\) diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py index 069128b2e84..a7dd1409e49 100755 --- a/source4/selftest/tests.py +++ b/source4/selftest/tests.py @@ -376,6 +376,9 @@ plantestsuite_loadlist("samba.tests.dns_forwarder", "fl2003dc:local", [python, o plantestsuite_loadlist("samba.tests.dns_tkey", "fl2008r2dc", [python, os.path.join(srcdir(), "python/samba/tests/dns_tkey.py"), '$SERVER', '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT']) plantestsuite_loadlist("samba.tests.dns_wildcard", "ad_dc", [python, os.path.join(srcdir(), "python/samba/tests/dns_wildcard.py"), '$SERVER', '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT']) + +plantestsuite_loadlist("samba.tests.dns_invalid", "ad_dc", [python, os.path.join(srcdir(), "python/samba/tests/dns_invalid.py"), '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT']) + for t in smbtorture4_testsuites("dns_internal."): plansmbtorture4testsuite(t, "ad_dc_ntvfs:local", '//$SERVER/whavever') -- 2.11.0 From 2d6c471b3a54d082d99fa6c4bb97f4b4c5160e44 Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Fri, 8 Jun 2018 21:20:58 +0200 Subject: [PATCH 3/3] ldb: fix crash in ltdb_index_dn_attr Still needs a cmocka test Signed-off-by: Kai Blin --- lib/ldb/ldb_tdb/ldb_index.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c index 04ffbad65cd..48dd75b7e8a 100644 --- a/lib/ldb/ldb_tdb/ldb_index.c +++ b/lib/ldb/ldb_tdb/ldb_index.c @@ -1585,6 +1585,10 @@ static int ltdb_index_dn_attr(struct ldb_module *module, /* work out the index key from the parent DN */ val.data = (uint8_t *)((uintptr_t)ldb_dn_get_casefold(dn)); + if (!val.data) { + return LDB_ERR_NO_SUCH_OBJECT; + } + val.length = strlen((char *)val.data); key = ltdb_index_key(ldb, ltdb, attr, &val, NULL, truncation); if (!key) { -- 2.11.0