IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
place to do this, not in smbd/passwd.c
Please don't change this without asking first, I have run this past
Andrew so talk to him (I'm on vacation next week).
I also removed the g_newXXX macros. There are essentially a private C extension,
not used anywhere else in the code, and add no functionality over malloc(XX)
and make the code harder to understand (everyone knows what malloc does).
Jeremy.
jeremy, the intent is to call se_access_check() with usr-sid, grp-sid,
array-of-group-rids (but array-of-group-sids would do).
please do look at smbd/lanman.c's api_NetWkstaGetInfo, it will show you
that we really do need to store the entire NET_USER_INFO_3 structure.
then again, api_NetWkstaGetInfo is only used by win9x so who cares :)
as there is no infrastructure for it. Replaced it with a dynamic array
of group SIDs plus a user.
passdb/passdb.c: Added setup_user_sids() function. This is where the lookup should be done,
eventually calling winbind.
smbd/password.c: Changed to call setup_user_sids(). Removed spurious DEBUG(0) statements.
smbd/reply.c: Removed extra parameter to register_vuid().
Jeremy.
servers. Very intuitive.
Removed the dfs map parsing code and tdb maintenance code (files
msdfs/parse_dfs_map.c & msdfs/msdfs_tdb.c), dfs map loading and unloading
calls (param/loadparm.c smbd/server.c).
Added code to display msdfs format symlinks as directories in a
transact2_findfirst/findnext. (smbd/trans2.c)
Modified msdfs/msdfs.c to use the msdfs symlinks to
create dfs referrals.
Changed msdfs/README to reflect new operability.
rpc_server/srv_pipe.c: Use accessor functions rather than diddling with structure
internals directly.
smbd/process.c:
smbd/reply.c: Remove READ_PREDICTION #ifdefs.
Jeremy.
thsi function and the associated header structure were autogenerated
using a little awk based code geerator I wroe ths evening. I'll commit
that next ...
libsmb/clilist.c:
rpc_server/srv_spoolss_nt.c:
smbd/trans2.c: Changed unistr_to_ascii to unistr_to_dos - do codepage conversion.
msdfs/msdfs.c: Removed stub unistr_to_dos.
libsmb/pwd_cache.c: Removed obfuscation functions as they don't do anything and
don't add any security.
Jeremy.
rpc_server/srv_pipe_hnd.c: Bring into sync with 2.0.x.
smbd/blocking.c: Improve blocking debug reporting.
utils/torture.c: Added check for NT locking bug.
Jeremy.
we needed to accept usernames of the form DOMAIN/user, which means we
needed to pass the domain to a getpwnam() like routine in certain
critical spots.
What I'd rather do is get rid of "char *user" everywhere and use the
new userdom_struct, but that will have to wait a few days.
userdom_struct. As the name implies this also contains a domain
(unused at the moment).
This will be important shortly, as operation in appliance mode needs
the domain to be always carried with the username.
call to ms_fnmatch(). This also removes all the Win9X semantics stuff
and a bunch of other associated cruft.
- moved the stat cache code into statcache.c
- fixed the uint16 alignment requirements of ascii_to_unistr() and
unistr_to_ascii()
- trans2 SMB_FIND_FILE_BOTH_DIRECTORY_INFO returns the short name as
unicode always (at least thats what NT4 does)
- fixed some errors in the in-memory tdb code. Still ugly, but doesn't
crash as much
soon in smbd/service.c (file operations were being done after the
handle was closed).
It looks cleaner in smbd/conn.c as it is part of the closing of a conn
struct anyway.
Jeremy.
fd_close now calls fd_close_posix() directly.
set_posix_lock/release_posix_lock() now handle the reference counting.
More changes due when this gets moved to the file locking/posix.c
Jeremy.
When a file is being closed, once it passes the fnum and tid tests then
the locking context should be ignored when removing all locks. This is
what is done in the brl close case, but when you have outstanding
POSIX locks, then you cannot remove all the brl locks in one go, you
have to get the lock list and call do_unlock individually. As this
uses global_smbpid as the locking context, you need to make sure
that this is set correctly for the specific lock being removed. I
now do this by storing the smbpid in each entry in the unlock list returned from
the query call. I removed the smbpid from fsp (not needed) and
things seem ok (even with the stupid smbpid tricks that smbtorture plays :-).
Jeremy.
smbpid used when a file was opened in the files_struct. Else we use
the wrong global_smbpid when we are closing the file and trying to
remove the brl locks - this causes the brl locks to be left when the
file is closed as the samba_context check fails.
Jeremy.
removed from the smbd/open.c code.
We now use a dlink list of structures indexed by dev/inode to store
all pending fd's for close. This could be rewritten to use lib/hash.c
if this is discovered to be too slow in use.
Andrew, please take a look and let me know if this is what you
had in mind.
Jeremy.
test. Was miscounting posix locks, plus was not taking into account
the case where other_fsp == fsp in the 'move locks' case. DOH ! This
code will be re-written anyway :-).
Jeremy.
open on the same dev/inode pair with existing POSIX locks.
This is done at the smbd/open layer, so smbd just calls fd_close() and
the transfer of any open fd's is done under the covers of fd_close().
When an fsp is closed and no other fsp's open on the same dev/inode
pair have existing POSIX locks then all fd's associated with this fsp
are closed.
Now only the hard part of doing the POSIX range unlock code when read
locks overlap remains for full POSIX/SMB lock integration....
Jeremy.
fsp->open is no longer needed (if an fsp pointer is valid, then it's open :-).
NB for Luke, this patch also did not apply to TNG. TNG is not yet
identical w.r.t file serving with HEAD. This makes it impossible for
me to help maintain TNG. Please fix asap.
lib/substitute.c: Removed unused variable (pidstr).
Jeremy.
new open mechanism Andrew & I discussed.
config.sub:
configure: Included the QNX patch.
include/vfs.h:
smbd/vfs-wrap.c:
smbd/vfs.c: Added ftruncate vfs call (needed).
Note that we will also need locking calls in the vfs (to be added).
lib/util_unistr.c:
nmbd/nmbd_processlogon.c: Fix for NT domain logons causing nmbd to core dump.
Also fix for sidsize DOS bug.
locking/locking.c: Check value of ret before using it for memdup.
printing/printing.c: Convert print_fsp_open to return an allocated fsp.
rpc_server/srv_lsa.c: Fix for NT domain logons.
I have removed all use of lp_share_modes() from the code (although I
left the parameter in the table for backwards compatibility). It no longer makes
sense for this to exist.
smbd/close.c: Removed lp_share_modes().
smbd/fileio.c: Fixed parameters to unlock_share_entry call in panic code.
smbd/files.c: Correctly set the unix_ERR_code to ERRnofids on fsp allocation fail.
smbd/nttrans.c:
smbd/reply.c:
smbd/trans2.c: Changed all occurrences of open_file_shared/open_directory/
open_file_stat to return an fsp from the call.
smbd/open.c: Changed all occurrences of open_file_shared/open_directory/
open_file_stat to return an fsp from the call.
In addition I have fixed a long standing race condition in the deny mode
processing w.r.t. two smbd's creating a file. Andrew, please note that
your original idea of using open with O_EXCL in this case would not work
(I went over the races very carefully) and so we must re-check deny modes
*after* the open() call returns. This is because there is a race between
the open with O_EXCL and the lock of the share mode entry. Imagine the
case where the first smbd does the open with O_EXCL and a deny mode of DENY_ALL,
but is pre-empted before it locks the share modes and creates the deny
mode entry for DENY_ALL. A second smbd could then come in with O_RDONLY
and a deny mode of DENY_NONE and the two opens would be allowed.
The *only* way to fix this race is to lock the share modes after the
open and then do the deny mode checks *after* this lock in the case
where the file did not originally exist.
This code will need extensive testing but seems to initially work.
Jeremy.
printing/printing.c: Cast tdb_delete to (tdb_traverse_func) to stop warning.
tmpfile gives mirror warning.
smbd/groupname.c: Remember to file_lines_free() on exit.
tdb/tdb.h: Add tdb_traverse_func typedef.
Jeremy
------------
The following series of commits are for the new tdb based printing
backend. This completely replaces our old printing backend.
Major changes include:
- all print ops are now done in printing/*.c rather than scattered all
over the place
- system job ids are decoupled from SMB job ids
- the lpq parsers don't need to be nearly so smart, they only need to
parse the filename, the status and system job id
- we can store lots more info about a job, including the full job name
- the queue cache control is much better
I also added a new utility routine file_lines_load() that loads a text
file and parses it into lines. This is used in out lpq parsing and I
also want to use it to replace all of our fgets() based code in other
places.
Modified to do checks in timeout processing not in main loop. This (IMHO)
is the correct place as (a) we are already root, and (b) it is guarenteed
to be called every 200 smb requests.
Jeremy.
include/includes.h: Added SMB_BIG_UINT_BITS.
lib/util.c: Removed align2/align4 - use macros.
libsmb/namequery.c: Use ALIGN2.
locking/locking.c: Replace do_lock, do_unlock, args with SMB_BIG_UINT, not SMB_OFF_T.
Needed to move to hiding POSIX locks at a lower layer.
nmbd/nmbd_processlogon.c: Use ALIGN2/ALIGN4 macros.
smbd/blocking.c: Replace do_lock, do_unlock, args with SMB_BIG_UINT, not SMB_OFF_T.
smbd/reply.c: Replace do_lock, do_unlock, args with SMB_BIG_UINT, not SMB_OFF_T.
Jeremy.
assumption that we have one socket everywhere
while doing so I discovered a few bugs!
1) the clientgen session retarget code if used from smbd or nmbd would
cause a crash as it called close_sockets() which closed our main
socket! fixed by removing close_sockets() completely - it is unnecessary
2) the caching in client_addr() and client_name() was bogus - it could
easily get fooled and give the wrong result. fixed.
3) the retarget could could recurse, allowing an easy denial of
service attack on nmbd. fixed.
handling to printing/printing.c
most of this was just replacing things like fsp->fd_ptr->fd with fsp->fd
the changes in open.c are quite dramatic. Most of it is removing all
the functions that handled the fd multiplexing
was small enough to pass the SMBtrans max data test we weren't setting the
"more data needed" error. I was fogetting the RPC_HEADER_LEN.... I now
check the correct length (current pdu staging area length). More printer
spool enum stuff works now. This bug does not affect TNG.
Jeremy.
the previous definition could result is us overflowing a buffer. The
null termination was always added yet the size returned did not
include the null termination.
the new function takes a BOOL null_terminate, and always returns the
total number of bytes consumed by the string.
include/byteorder.h: Added alignment macros.
include/nameserv.h: Added defines for msg_type field options - from rfc1002.
lib/time.c: Typo fix.
lib/util_unistr.c: Updates from UNICODE branch.
printing/nt_printing.c: bzero -> memset.
smbd/connection.c: Added check for UT_SYSLEN for utmp code.
Other fixes : Rollback of unapproved commit from Luke.
Please *ask* next time before doing large changes to HEAD.
Jeremy.
smbd/negprot.c:
smbd/reply.c: Fixes to recognise Win2k.
param/loadparm.c: Put debug timestamp parameter back to correct default.
smbd/nttrans.c: Fix to detect Win2k unicode bug with transact create.
Jeremy.
Instead of a #ifdef MS_DFS in call_trans2getdfsreferral()... , now using a generic call leading to some #define problems.. hopefully I've corrected the last of them.
on the glibc source code and are safer than the traditional popen as
they don't use a shell to exec the requested command. Now we have
these functions they can be tightened up (environment etc.) as required
to make a safe popen. It should now be safe to add the environement
variable loading code to loadparm.c
Jeremy.
I've finally got the access table code right for the case where the
two opens are on the same connection. It is _incredibly_ complex, but
now all 1296 test cases pass.
I'll be very surprised if anyone by MS and us gets this right at
CIFS2000
*.sym and *.com files. I still find it incredible that SMB treats file
locking differently depending on the file name - that is so ugly it
stinks.
anyway, we now behave the same way as NT, except for the
same-connection case which I'm still working on.
note the ugly global_smbpid - I hope that won't bethere for long, I
just didn't want to do two lots of major surgery at the one time.
Using global_smbpid avoids the big change of getting rid of our
inbuf/outbuf interface to reply routines. I'll do that once the
locking stuff passes all tests.
: If a file is resident on NT and the first user opens it read/write with DENY_READ then a subsequent
: attempt by a second user (running under Windows 95) to open it read/write DENY_NONE fails.
: Under samba 2.0.5a the second open succeeds but the file is write only.
Jeremy.
This fixes our netbios scope handling. We now have a 'netbios scope' option
in smb.conf and the scope option is removed from make_nmb_name()
this was prompted by a bug in our PDC finding code where it didn't append
the scope to the query of the '*' name.
I also fixed up the lookup_pdc_name() code so that it now works, even
with a NT server that insists on replying to udp/138.
The method I used to match packets was to use the mailslot string as a
datagram ID. The true dgm_id doesn't work as NT doesn't set it
correctly. uggh.
PS: Jeremy, I had to change your code quite a bit, are you sure this
worked with a Samba PDC?? The code looked broken, it got the offsets
wrong in the SMB portion of the packet and filled in the IP
incorrectly.
yamd is much better, and doesn't require any source code changes
if you haven't seen yamd then take a look at
http://www3.hmc.edu/~neldredge/yamd/
its excellent!
- added TDB_CLEAR_IF_FIRST flag to clear the database if this is the
first attached process. Useful for non-persistent databases like our
locking area (this will also make upgrades to new database layouts easier)
- use lock_path() in a couple of places
- leave connections database open while smbd running
- cleaned up some tdb code a little, using macros for constants
instead of either sysv or mmap shared memory or lock files.
this means we can now completely remove
locking_shm.c
locking_slow.c
shmem.c
shmem_sysv.c
and lots of other things also got simpler
locking.c got a bit larger, but is much better compartmentalised now
done a minimal amout of clean-up in the Makefile, removing unnecessary
modules from the link stage. this is not complete, yet, and will
involve some changes, for example to smbd, to remove dependencies on
the password database API that shouldn't be there. for example,
smbd should not ever call getsmbpwXXX() it should call the Samr or Lsa
API.
this first implementation has minor problems with not reinstantiating
the same services as the caller. the "homes" service is a good example.
pdus, and then feeds them over either a "local" function call or a "remote"
function call to an msrpc service. the "remote" msrpc daemon, on the
other side of a unix socket, then calls the same "local" function that
smbd would, if the msrpc service were being run from inside smbd.
this allows a transition from local msrpc services (inside the same smbd
process) to remote (over a unix socket).
removed reference to pipes_struct in msrpc services. all msrpc processing
functions take rpcsrv_struct which is a structure containing state info
for the msrpc functions to decode and create pdus.
created become_vuser() which does everything not related to connection_struct
that become_user() does.
removed, as best i could, connection_struct dependencies from the nt spoolss
printing code.
todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific
info on a per-connection basis, and if the connection dies then so does
the info, and that's a fairly serious problem.
had to put pretty much everything that is in user_struct into parse_creds.c
to feed unix user info over to the msrpc daemons. why? because it's
expensive to do unix password/group database lookups, and it's definitely
expensive to do nt user profile lookups, not to mention pretty difficult
and if you did either of these it would introduce a complication /
unnecessary interdependency. so, send uid/gid/num_groups/gid_t* +
SID+num_rids+domain_group_rids* + unix username + nt username + nt domain
+ user session key etc. this is the MINIMUM info identified so far that's
actually implemented. missing bits include the called and calling
netbios names etc. (basically, anything that can be loaded into
standard_sub() and standard_sub_basic()...)
damn, this one is bad.
started, at least two days ago, to add an authentication mechanism to
the smbd<->msrpc redirector/relay, such that sufficient unix / nt
information could be transferred across the unix socket to do a
become_user() on the other side of the socket.
it is necessary that the msrpc daemon inherit the same unix and nt
credentials as the smbd process from which it was spawned, until
such time as the msrpc daemon receives an authentication request
of its own, whereupon the msrpc daemon is responsible for authenticating
the new credentials and doing yet another become_user() etc sequence.
one horrible cut / paste job from smbd, plus a code split of shared
components between the two.
the job is not _yet_ complete, as i need to be able to do a become_user()
call for security reasons. i picked lsarpcd first because you don't
_need_ security on it (microsoft botched so badly on this one, it's not
real. at least they fixed this in nt5 with restrictanonymous=0x2).
fixing this involves sending the current smb and unix credentials down
the unix pipe so that the daemon it eventually goes to can pick them
up at the other end.
i can't believe this all worked!!!
