IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Because we should not call smbd_smb2_request_error() on an
request that is still running.
If the subreq implementes a cancel function, this should
take care of triggering smbd_smb2_request_error.
metze
Signed-off-by: Michael Adam <obnox@samba.org>
removes unnneccary checks/assignments for compound_related and next_status
and duplicate setting of error status.
And remove (now) unused next_status from struct smbd_smb2_request.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
If we can find a valid session or tcon we'll set it after the lookup,
but it need to make sure to reset it if we don't find the session.
This fixes a problem where a compound unrelated request between
related requests doesn't reset the session.
If we have 3 requests in a compound chain, request 3 should never
use the id's cached from request 1. It should only every inherit
handles from request 2.
metze
Replaces blanket root allow if set. Set to 'false' for
all current callers.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep 15 00:37:49 CEST 2012 on sn-devel-104
Sorry for the mistake, but the LastDir singleton cache in vfs_ChDir()
actually plays an important role. When we're processing a stream of
SMB1/SMB2/SMB3 requests we don't want to add a chdir()/getcwd()
system call pair on every request if they're all on the same connection
and dealing with the same base path.
I did some testing with a program that times 1,000,000 chdir()
requests vs. 1,000,000 strcmp requests and it's a penalty of 10x
doing the system calls.
Just because it's old code, doesn't mean it's bad :-(.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Sep 13 21:31:42 CEST 2012 on sn-devel-104
This will allow us to hash this, rather than the NT ACL it maps to.
This will in turn allow us to know if the NT ACL is valid even if we
have to change the mapping code.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Sep 12 07:06:01 CEST 2012 on sn-devel-104
Ensure we know after the destructor fires we're never going to
look at this again.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 12 03:00:21 CEST 2012 on sn-devel-104
The only difference between batch and exclusive oplocks is the time of
the check: Batch is checked before the share mode check, exclusive after.
Signed-off-by: Jeremy Allison <jra@samba.org>
We only grant durable handles for CIFS/SMB2 only access,
that means "kernel oplocks", "kernel share modes" and "posix locking"
need to be set to "no".
For now we also don't grant durable handles if delete on close
is active on the handle.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Sep 8 13:05:05 CEST 2012 on sn-devel-104
This does not yet cover persistent handle support which is also
negotiated through these create request blobs.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
When a client disconnects while we have aio open, there is no close
request that cleans up. We can't send out the replies anymore, so
just drop the aio requests that are pending.
Found using the new python lib writing multiple files simultaneously
TODO: check tdis and logoff
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Sep 8 01:27:34 CEST 2012 on sn-devel-104
Signed-off-by: Björn Jacke <bj@sernet.de>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Thu Sep 6 10:47:18 CEST 2012 on sn-devel-104
This should be essentially dead code, as while it is possible to disable sysquotas, the sysquotas has since 2003 supported the 4A varient used on IRIX.
Andrew Bartlett
Signed-off-by: Björn Jacke <bj@sernet.de>
This should be essentially dead code, as while it is possible to disable sysquotas, the sysquotas has since 2003 supported the 4A varient used on HPUX.
Andrew Bartlett
Signed-off-by: Björn Jacke <bj@sernet.de>
This is essentially dead code, as while it is possible to disable
sysquotas, the default for BSD is now to use sysquotas with the
addition of 4B support via the recent Darwin patch by James Peach.
NFS support has been in sysquotas for quite some time now.
Andrew Bartlett
Signed-off-by: Björn Jacke <bj@sernet.de>
This is essentially dead code, as while it is possible to disable sysquotas, the default
for Linux has been to use sysquotas for quite some time now.
Andrew Bartlett
Signed-off-by: Björn Jacke <bj@sernet.de>
Unicos machines are long gone now (Cray now make Linux compute nodes),
so remove the quota support.
Andrew Bartlett
Signed-off-by: Björn Jacke <bj@sernet.de>
Replace an if-statement by a direct assignment
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 5 01:56:46 CEST 2012 on sn-devel-104
Fix indentation a bit
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep 1 07:07:12 CEST 2012 on sn-devel-104
The estimated EA size needs to be of the main file. However, the fsp
may point to the stream, so we need to ignore it if this is the case.
This may mean we estimate wrong if there has been a rename.
Andrew Bartlett
This ensures that we return the ea size of the stream, not the overall file.
This is important as if there is an EA on the main file, the raw.streams
test was failing.
Andrew Bartlett
It's not the client fault, if he doesn't know that encryption is required.
We should just return ACCESS_DENIED and let the client work on other
shares and open files on the current SMB connection.
metze
We no longer do struct smb_acl_t manipuations via the VFS layer,
which is now reduced to handling the get/set functions.
The only backend that implemented these functions (aside from audit)
was the vfs_default module calling the sys_acl code. The various ACL
implementation modules either worked on the fully initilaised
smb_acl_t object or on NT ACLs.
This not only makes the operation of the posix ACL code more efficient
(as allocation and free is not put via the VFS), it makes it easier to
test and removes the fantasy that a module could safely redefine this
structure or the behaviour here.
The smb_acls.idl now defines the structure, and it is now allocated
with talloc.
These operations were originally added to the VFS in commit
3bb219161a.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.
Andrew Bartlett
As the test for a valid posix ACL is based on the unix uid/gid only appearing once in the ACL
the merge process also needs to be UID/GID based.
This is a problem when we have multiple builtin groups mapped to the same POSIX group
as happens in a Samba4 provision.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
This is consistent with the rest of Samba which uses this structure to represent
a unix uid or gid.
World values remain represented by the owner_type being WORLD_ACE in the containing
structure. A -1 value is filled in to the unixid.id in the same way the .world value
was initialised in the union.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
When a user owns a file, but does not have specific permissions on that file, we need to
make up the user permissions. This change ensures that the first thing that we do
is to look up the SID, and confirm it is a user. Then, we avoid the getpwnam()
and directly create the token via the SID.
Andrew Bartlett
Signed-off-by: Jeremy Allison <jra@samba.org>
This reverts commit 98ccca8dca.
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 10 17:35:38 CEST 2012 on sn-devel-104
req->in.vector[0] is reserved for the transport and might be removed in future.
This is currently always { NULL, 0 }, as it's not used, by our
transport layer code. The SMB2 layer should never touch this!
metze
A timed brlock with 2 locks comes in and the second one blocks,
file is closed. smbd_cancel_pending_lock_requests_by_fid sets
blr->fsp to NULL. reply_lockingX_error (called via
MSG_SMB_BLOCKING_LOCK_CANCEL) deferences blr->fsp because
blr->lock_num==1 (the second one blocked).
This patch fixes the bug by only undoing the locks if fsp!=NULL.
fsp==NULL is the close case where everything is undone anyway.
Thanks to Peter Somogyi, somogyi@hu.ibm.com for this bug report.
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Aug 8 04:12:04 CEST 2012 on sn-devel-104
We need to defer the signing until we know the response
doesn't change anymore before it goes over the wire.
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Aug 7 20:29:30 CEST 2012 on sn-devel-104
Use straight talloc strings. This is the only user outside loadparm.c.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This changes the way we read SMB2 traffic from the socket,
now as create just one large buffer for the whole NBT payload
and then split it into iovec elements in smbd_smb2_inbuf_parse_compound()
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Aug 6 21:54:35 CEST 2012 on sn-devel-104
If we reach this code i is currently always 1, but it's easier to unstand this
way.
metze
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Aug 5 20:00:26 CEST 2012 on sn-devel-104
Look for Server.Session.SessionKeyState in [MS-SMB].
The first SMBtconX sets the state to available, which makes it possible
to protect the session key at that stage, if client and server
support TREE_CONNECT_ANDX_EXTENDED_SIGNATURE.
metze
We already have a server address in sockaddr_storage format.
Also the name "client_socket" was very miss leading,
as it returns the local address of the socket.
metze
Only Windows8 Beta uses this and it's broken, the client send wrong
capabilities. Just returning an error seems to be fine for the Windows8 Beta
client.
metze
The core smbd must have taken care of this. If we don't do this properly,
we have a race of the close(2) against a pwrite(2). We might end up
writing to the wrong file.
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 19 03:40:17 CEST 2012 on sn-devel-104