sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code
84,749 Commits 60 Branches 1,145 Tags 452 MiB
12ebb1ba15
Commit Graph

7448 Commits

Author SHA1 Message Date
Volker Lendecke
f67a6c463c s3: Factor out calculation of clear_ads 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-09-04 15:15:00 -07:00
Volker Lendecke
0d869327ed s3: Slightly simplify open_file_ntcreate 
We have not set flags2 before, so do direct assignment and not |=

Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-09-04 15:15:00 -07:00
Volker Lendecke
93e10db3dd s3: Make "open_match_attributes" static 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-09-04 15:15:00 -07:00
Michael Adam
b1966f3118 s3:smbd: in sys_disk_free(), improve a debug message 2012-09-04 20:39:20 +02:00
Michael Adam
cc99189de1 s3:smbd: in sys_disk_free(), improve a debug message 2012-09-04 20:39:20 +02:00
Michael Adam
04ac781626 s3:smbd: in sys_disk_free(), fix line length and indentation of debug statement 2012-09-04 20:39:20 +02:00
Michael Adam
a56d2dea06 s3:smbd: in sys_disk_free(), fix a debug message 2012-09-04 20:39:20 +02:00
Björn Jacke
9dd0e1608e s3: remove some duplicate quota code 2012-09-02 21:44:54 +02:00
Volker Lendecke
d5f845c0d3 s3: Make an if statement a bit easier to read 
Fix indentation a bit

Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep  1 07:07:12 CEST 2012 on sn-devel-104
 2012-09-01 07:07:12 +02:00
Jeremy Allison
46455642a7 Change the S3 fileserver over to se_file_access_check(). 
Don't set the priv_open_requested yet until the open-for-backup
request is correctly passed in.
 2012-08-31 20:29:13 -07:00
Jeremy Allison
3d34406c7b Windows does canonicalization of inheritance bits. Do the same. 
We need to filter out the
SEC_DESC_DACL_AUTO_INHERITED|SEC_DESC_DACL_AUTO_INHERIT_REQ
bits. If both are set we store SEC_DESC_DACL_AUTO_INHERITED
as this alters whether SEC_ACE_FLAG_INHERITED_ACE is set
when an ACE is inherited. Otherwise we zero these bits out.
See:

http://social.msdn.microsoft.com/Forums/eu/os_fileservices/thread/11f77b68-731e-407d-b1b3-064750716531

for details.
 2012-08-30 10:08:50 -07:00
Jeremy Allison
795920cf4a Change the other two places where we set a security descriptor given by the client to got through set_sd(), 
the canonicalize sd function.
 2012-08-30 10:08:50 -07:00
Jeremy Allison
70ebf1da67 Re-add set_sd(), called from set_sd_blob(). Allows us to centralize all ACL canonicalization. 2012-08-30 10:08:50 -07:00
Jeremy Allison
8c84ecef89 Rename set_sd() to set_sd_blob() - this describes what it does. 2012-08-30 10:08:50 -07:00
Andreas Schneider
ba862f47d7 s3-smbd: Fix flooding the logs with records we don't find in pcap. 
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Aug 28 16:38:55 CEST 2012 on sn-devel-104
 2012-08-28 16:38:55 +02:00
Andrew Bartlett
dc8d29cdae s3-vfs: Indicate the symlink destination when failing check_reduced_name 2012-08-28 15:47:37 +10:00
Andrew Bartlett
0aed29105e s3-smbd: Add security_info_wanted argument to get_nt_acl_no_snum 
I need to get at the owner, group, DACL and SACL when testing correct
ACL storage.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
e058dfb3b0 s3-pysmbd: Fix return type of smbd.get_nt_acl 
The security_ prefix is stripped off in the python bindings.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
e8e24a251b s3-smbd: Add talloc_stackframe() to get_nt_acl_no_snum() 
This is required because the functions it calls use talloc_tos().

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
8c71dc3505 param: Add startup checks for valid server role/binary combinations 
This should eliminate confusion from our users about what they can
expect to successfully run.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Andrew Bartlett
332efe1539 s3-pysmbd: Fix error message 2012-08-23 15:02:26 +02:00
Andrew Bartlett
51e3547426 s3-pysmbd: Allow a mode to be specified for the simple ACL 
The additional group for the ACL is now optional.

Andrew Bartlett
 2012-08-23 15:02:26 +02:00
Stefan Metzmacher
069db9b630 s3:smb2_break: encrypt OPLOCK BREAK notifications 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Aug 23 10:01:14 CEST 2012 on sn-devel-104
 2012-08-23 10:01:14 +02:00
Stefan Metzmacher
54dfd08cb2 s3:smb2_server: use smbXsrv_session->nonce_* 
metze
 2012-08-23 08:23:07 +02:00
Stefan Metzmacher
6c7ffa9092 s3:smb2_server: remove dump_data() from smbd_smb2_request_pending_timer() 
This was just for debugging...

metze
 2012-08-23 08:23:07 +02:00
Andrew Bartlett
125e93cdde s3-pysmbd: Correct the python type for smb_acl_t 
The t is weird, but the python bindings trim the traditional IDL name
prefix of each element, as it is usually rudundent.

Andrew Bartlett
 2012-08-22 01:31:57 +02:00
Andrew Bartlett
dc063bf3bd s3-pysmbd: Add get/set functions for the posix ACL layer 
These will be used to verify that an ACL set as an NT ACL creates
the correct posix ACL.

Andrew Bartlett
 2012-08-21 15:25:50 +10:00
Andrew Bartlett
4df2c65ea6 s3-pysmbd: Correct comments in python VFS bindings 2012-08-21 15:25:50 +10:00
Andrew Bartlett
d963aaf73b s3-pysmbd: Add hook for a VFS chown() 2012-08-21 15:25:49 +10:00
Andrew Bartlett
0f2d288f76 s3-smbd: ensure we give appropriate errors for EA requests on streams 2012-08-20 21:57:47 +10:00
Andrew Bartlett
6ce084f092 s3-smbd: Do not look for EA information on a stream 
The estimated EA size needs to be of the main file.  However, the fsp
may point to the stream, so we need to ignore it if this is the case.

This may mean we estimate wrong if there has been a rename.

Andrew Bartlett
 2012-08-20 21:57:46 +10:00
Andrew Bartlett
f9f8a8c3d8 s3-smbd: Push smb_fname into estimate_ea_size 
This ensures that we return the ea size of the stream, not the overall file.

This is important as if there is an EA on the main file, the raw.streams
test was failing.

Andrew Bartlett
 2012-08-20 21:57:46 +10:00
Stefan Metzmacher
45471f4d8f s3:smb2_negprot: annouce/negotiate SMB3 encryption support 
metze
 2012-08-17 14:51:57 +02:00
Stefan Metzmacher
9397d6709f s3:smb2_server: add SMB3 encryption support 
metze
 2012-08-17 14:51:57 +02:00
Stefan Metzmacher
9f1dfd8fac s3:smbd: don't disconnect the client when a share has "smb encrypt = required" 
It's not the client fault, if he doesn't know that encryption is required.
We should just return ACCESS_DENIED and let the client work on other
shares and open files on the current SMB connection.

metze
 2012-08-17 14:51:57 +02:00
Stefan Metzmacher
e5d4e8df6b s3:smbd: lp_smb_encrypt() returns SMB_SIGNING_* values 
metze
 2012-08-17 14:51:57 +02:00
Stefan Metzmacher
8b3da9a1f4 s3:smbd: make use of ENCRYPTION_REQUIRED() 
metze
 2012-08-17 14:51:57 +02:00
Stefan Metzmacher
16edb6eb7b s3:smb2_server: try to sign an error response if we have a signing key 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 17 00:54:01 CEST 2012 on sn-devel-104
 2012-08-17 00:54:01 +02:00
Stefan Metzmacher
19ca98a162 s3:smb2_server: verify the signature before the session_status 
metze
 2012-08-16 23:13:07 +02:00
Stefan Metzmacher
f4432fea6a s3:smb2_server: add some const to print_req_vectors() 
metze
 2012-08-16 23:13:07 +02:00
Volker Lendecke
fbebd7530e s3-libsmb: Add a python wrapper 
Please note that this is not finished and only for internal use.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-08-16 21:10:32 +02:00
Andrew Bartlett
1157db293f s3-smbd: Do not check no_acl_syscall_error(errno) after sys_acl_init() 
This is no longer a VFS call, so will no longer fail in this way.

Andrew Bartlett
 2012-08-16 15:25:39 +10:00
Stefan Metzmacher
b596a116fd s3:smb2_server: do calculations based on SMBD_SMB2_NUM_IOV_PER_REQ in smbd_smb2_request_validate() 
metze
 2012-08-15 14:45:04 +02:00
Andrew Bartlett
24b1143068 s3-sysacls: Remove sys_acl_free_qualifier() as it is a no-op 
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Aug 15 05:23:18 CEST 2012 on sn-devel-104
 2012-08-15 05:23:18 +02:00
Andrew Bartlett
6ccfd05e72 s3-sysacls: Remove sys_acl_free_acl() and replace with TALLOC_FREE() 2012-08-15 11:44:50 +10:00
Andrew Bartlett
e25830dcd8 s3-smbd: Remove sys_acl_*() VFS wrapper functions 
We no longer do struct smb_acl_t manipuations via the VFS layer,
which is now reduced to handling the get/set functions.

The only backend that implemented these functions (aside from audit)
was the vfs_default module calling the sys_acl code.  The various ACL
implementation modules either worked on the fully initilaised
smb_acl_t object or on NT ACLs.

This not only makes the operation of the posix ACL code more efficient
(as allocation and free is not put via the VFS), it makes it easier to
test and removes the fantasy that a module could safely redefine this
structure or the behaviour here.

The smb_acls.idl now defines the structure, and it is now allocated
with talloc.

These operations were originally added to the VFS in commit
3bb219161a.

Andrew Bartlett
 2012-08-15 11:44:50 +10:00
Andrew Bartlett
a63a2a72eb s3-smbd: Remove unused conn argument from convert_permset_to_mode_t() 2012-08-15 11:44:50 +10:00
Andrew Bartlett
3d031f2189 s3-smbd: Call sys_acl_set_permset() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:49 +10:00
Andrew Bartlett
9f16fcfd3f s3-smbd: Call sys_acl_set_qualifier() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:49 +10:00
Andrew Bartlett
21e0b91e9c s3-smbd: Call sys_acl_set_tag_type() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:49 +10:00
Andrew Bartlett
50d147b858 s3-smbd: Call sys_acl_create_entry() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:48 +10:00
Andrew Bartlett
db544790f1 s3-smbd: Call sys_acl_add_perm() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:48 +10:00
Andrew Bartlett
631a356ea2 s3-smbd: Call sys_acl_clear_perms() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:48 +10:00
Andrew Bartlett
d78c7c32dc s3-smbd: Call sys_acl_init() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:47 +10:00
Andrew Bartlett
8b3227eb45 s3-smbd: Call sys_acl_free_acl() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:47 +10:00
Andrew Bartlett
6a46fbb393 s3-smbd: Call sys_acl_free_qualifier() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:47 +10:00
Andrew Bartlett
e019b93f0e s3-smbd: Call sys_acl_get_entry() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:46 +10:00
Andrew Bartlett
d8fb9e77ec s3-smbd: Call sys_acl_free_qualifier() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:46 +10:00
Andrew Bartlett
6a2f142b49 s3-smbd: Call sys_acl_get_qualifier() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:45 +10:00
Andrew Bartlett
d83276c13f s3-smbd: Call sys_acl_get_tagtype() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:45 +10:00
Andrew Bartlett
3b409324d3 s3-smbd: Call sys_acl_get_permset() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:45 +10:00
Andrew Bartlett
7dff34f5d0 s3-smbd: Call sys_acl_get_perm() directly rather than via the VFS 
This will allow us to remove the struct smb_acl_t manipuations from the VFS layer,
which will be reduced to handling the get/set functions.

Andrew Bartlett
 2012-08-15 11:44:44 +10:00
Björn Jacke
f7403d838f s3: skip loading vfs modules for printer connections 
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Sun Aug 12 23:40:23 CEST 2012 on sn-devel-104
 2012-08-12 23:40:23 +02:00
Andrew Bartlett
c991ac0ebf s3-smbd: Merge ACE entries based on mapped UID/GID not SID 
As the test for a valid posix ACL is based on the unix uid/gid only appearing once in the ACL
the merge process also needs to be UID/GID based.

This is a problem when we have multiple builtin groups mapped to the same POSIX group
as happens in a Samba4 provision.

Andrew Bartlett

Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-08-10 14:38:47 -07:00
Andrew Bartlett
d3188a0480 s3-smbd: Convert posix_acls.c to use struct unixid internally 
This is consistent with the rest of Samba which uses this structure to represent
a unix uid or gid.

World values remain represented by the owner_type being WORLD_ACE in the containing
structure.  A -1 value is filled in to the unixid.id in the same way the .world value
was initialised in the union.

Andrew Bartlett

Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-08-10 14:38:47 -07:00
Andrew Bartlett
1c3c5e2156 s3-smbd: Create a shortcut for building the token of a user by SID for posix_acls 
When a user owns a file, but does not have specific permissions on that file, we need to
make up the user permissions.  This change ensures that the first thing that we do
is to look up the SID, and confirm it is a user.  Then, we avoid the getpwnam()
and directly create the token via the SID.

Andrew Bartlett

Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-08-10 14:38:47 -07:00
Stefan Metzmacher
8defcb8bd1 Revert "s3:smbd: include smbXsrv.h before smbd/proto.h to have the smbXsrv_ structs available" 
This reverts commit 98ccca8dca.

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 10 17:35:38 CEST 2012 on sn-devel-104
 2012-08-10 17:35:38 +02:00
Stefan Metzmacher
0e76bbc520 Revert "s3:smbd: Include smbXsrv.h before vfs.h (in smbd.h) so that the smbXsrv structures are available" 
This reverts commit e332bfaff5.
 2012-08-10 15:56:33 +02:00
Jeremy Allison
b70f23c2b5 Correctly check for errors in strlower_m() returns. 2012-08-09 12:08:18 -07:00
Jeremy Allison
c13887defc Check error returns on strnorm(). 2012-08-09 12:07:32 -07:00
Jeremy Allison
526e875cec Check error returns from strupper_m() (in all reasonable places). 2012-08-09 12:06:54 -07:00
Stefan Metzmacher
0d7b17f4db s3:smb2_sesssetup: setup global->[en|de]cryption_key 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Aug  9 09:59:02 CEST 2012 on sn-devel-104
 2012-08-09 09:59:02 +02:00
Stefan Metzmacher
0cb11efa87 s3:smb2_read: don't try sendfile if encryption is used 
metze
 2012-08-09 08:21:35 +02:00
Stefan Metzmacher
a0cf42b709 s3:smb2_server: add smbd_smb2_request->do_encryption 
For now it's always false...

metze
 2012-08-09 08:21:35 +02:00
Stefan Metzmacher
95e4270813 s3:smb2_tcon: set global->encryption_required and enforce it 
This the account or client doesn't support encryption we should
reject the tree connect.

metze
 2012-08-09 08:21:35 +02:00
Stefan Metzmacher
64dce26533 s3:smb2_sesssetup: set global->encryption_required and enforce it 
This the account or client doesn't support encryption we should
reject the session setup.

metze
 2012-08-09 08:21:35 +02:00
Stefan Metzmacher
b5a72f4f35 s3:smb2_server: check the session before we could response with an error. 
metze
 2012-08-09 08:21:35 +02:00
Stefan Metzmacher
f15d9a6670 s3:smb2_server: do central file_id check if the operation requires it 
Note that it's fine to call file_fsp_smb2() twice, the 2nd call
just returns smb2req->compat_chain_fsp without a 2nd lookup.

metze
 2012-08-09 08:21:35 +02:00
Stefan Metzmacher
1c76e99ae4 s3:smb2_server: s/i/idx in smbd_smb2_request_pending_queue() 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Aug  8 17:32:26 CEST 2012 on sn-devel-104
 2012-08-08 17:32:26 +02:00
Stefan Metzmacher
83d262088b s3:smb2_server: make use of SMBD_SMB2_OUT_HDR_PTR() in smbd_smb2_request_pending_queue() 
metze
 2012-08-08 12:52:52 +02:00
Stefan Metzmacher
0067de2074 s3:smb2_server: remove useless variable 'i' 
metze
 2012-08-08 12:52:51 +02:00
Stefan Metzmacher
63d92a192d s3:smb2_server: rewrite dup_smb2_vec3() using SMBD_SMB2_*_IOV_OFS and helper variables 
metze
 2012-08-08 12:52:51 +02:00
Stefan Metzmacher
fc8e3bd569 s3:smb2_server: make use of SMBD_SMB2_* macros in smbd_smb2_request_done_ex() 
metze
 2012-08-08 12:52:51 +02:00
Stefan Metzmacher
97b5aaa648 s3:smb2_server: make use of SMBD_SMB2_* macros in smbd_smb2_request_verify_sizes() 
metze
 2012-08-08 12:52:50 +02:00
Stefan Metzmacher
05ae95a0d5 s3:smb2_server: use the common buffer layout for smbd_smb2_request_pending* 
metze
 2012-08-08 12:52:50 +02:00
Stefan Metzmacher
644eab32af s3:smb2_read: use SMBD_SMB2_NUM_IOV_PER_REQ when checking for sendfile() support 
metze
 2012-08-08 12:52:50 +02:00
Stefan Metzmacher
2b9dd9049e s3:smb2_read: fix indentation in schedule_smb2_sendfile_read() 
metze
 2012-08-08 12:52:50 +02:00
Stefan Metzmacher
9f51d610d2 s3:smb2_server: don't try to update req->in.vector[0] in smbd_smb2_request_pending_queue() 
req->in.vector[0] is reserved for the transport and might be removed in future.
This is currently always { NULL, 0 }, as it's not used, by our
transport layer code. The SMB2 layer should never touch this!

metze
 2012-08-08 12:50:22 +02:00
Stefan Metzmacher
6bfdca4786 s3:smb2_sesssetup: remove unused code in smbd_smb2_reauth_generic_return() 
A reauth exchange is already signed, with the channel signing key.

metze
 2012-08-08 05:37:49 +02:00
Stefan Metzmacher
5f7d786b08 s3:smb2_sesssetup: remove TALLOC_FREE(session) from smbd_smb2_[re]auth_generic_return 
The caller does this via the smbd_smb2_session_setup_state_destructor()

metze
 2012-08-08 05:37:49 +02:00
Stefan Metzmacher
c9ecfd6f3d s3:smb2_server: sign the last request at the start of smbd_smb2_request_reply() 
This means we correctly sign all responses in a compound chain.

metze
 2012-08-08 05:13:42 +02:00
Volker Lendecke
64c0367335 s3: Fix a crash in reply_lockingX_error 
A timed brlock with 2 locks comes in and the second one blocks,
file is closed. smbd_cancel_pending_lock_requests_by_fid sets
blr->fsp to NULL. reply_lockingX_error (called via
MSG_SMB_BLOCKING_LOCK_CANCEL) deferences blr->fsp because
blr->lock_num==1 (the second one blocked).

This patch fixes the bug by only undoing the locks if fsp!=NULL.
fsp==NULL is the close case where everything is undone anyway.

Thanks to Peter Somogyi, somogyi@hu.ibm.com for this bug report.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Aug  8 04:12:04 CEST 2012 on sn-devel-104
 2012-08-08 04:12:04 +02:00
Stefan Metzmacher
c3016915a1 s3:smb2_server: fix SMB2 signing of compound responses 
We need to defer the signing until we know the response
doesn't change anymore before it goes over the wire.

metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Aug  7 20:29:30 CEST 2012 on sn-devel-104
 2012-08-07 20:29:30 +02:00
Stefan Metzmacher
40f771e010 s3:smb2_server: there's no need to copy req->out.vector when we just keep the last request 
metze
 2012-08-07 18:32:47 +02:00
Stefan Metzmacher
8d63efe273 s3:smb2_server: use memmove instead of copying single vector elements 
metze
 2012-08-07 18:32:47 +02:00
Stefan Metzmacher
9b8973d3b5 s3:smb2_server: make use of SMBD_SMB2_OUT_HDR_PTR() smbd_smb2_request_pending_queue() 
metze
 2012-08-07 18:32:46 +02:00
Stefan Metzmacher
bfc87a4a76 s3:smb2_server: check for compound based on SMBD_SMB2_NUM_IOV_PER_REQ 
metze
 2012-08-07 18:32:46 +02:00
Stefan Metzmacher
5730272690 s3:smb2_server: make use of SMBD_SMB2_OUT_*_IOV smbd_smb2_request_reply() 
metze
 2012-08-07 18:32:46 +02:00
Stefan Metzmacher
727b1d1fa8 s3:smb2_server: check for compound based on SMBD_SMB2_NUM_IOV_PER_REQ 
metze
 2012-08-07 18:32:45 +02:00
Stefan Metzmacher
2da62179de s3:smb2_server: make use of SMBD_SMB2_*_IOV_OFS 
metze
 2012-08-07 18:32:45 +02:00
Stefan Metzmacher
d609bb9b42 s3:smb2_server: make use of helper macros in smb2_calculate_credits() 
metze
 2012-08-07 18:32:45 +02:00
Stefan Metzmacher
efaea8e0e1 s3:smb2_server: make use of helper macros in smbd_smb2_request_validate() 
metze
 2012-08-07 18:32:45 +02:00
Stefan Metzmacher
4e6e1ecb6e s3:smb2_server: make use of SMBD_SMB2_NUM_IOV_PER_REQ 
metze
 2012-08-07 18:32:44 +02:00
Stefan Metzmacher
337604a0cf s3:smb2_server: add some more SMBD_SMB2_* defines/macros 
metze
 2012-08-07 18:32:44 +02:00
Rusty Russell
3bb65aa159 source3/smbd/conn.c: wean off string_set/string_free 
Use straight talloc strings.  This is the only user outside loadparm.c.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2012-08-07 23:20:05 +10:00
Stefan Metzmacher
e7bf8e7e23 s3:smb2_server: do one central as_root check if the operation requires it 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Aug  7 13:14:38 CEST 2012 on sn-devel-104
 2012-08-07 13:14:38 +02:00
Stefan Metzmacher
eec941e411 s3:smb2_server: do one central tcon check if the operation requires it 
metze
 2012-08-07 11:16:37 +02:00
Stefan Metzmacher
59b9dfa0cb s3:smb2_server: do one central session check if the operation requires it 
metze
 2012-08-07 11:16:37 +02:00
Stefan Metzmacher
aba6df9f55 s3:smb2_server: add and use smbd_smb2_call() 
metze
 2012-08-07 11:16:37 +02:00
Stefan Metzmacher
e01333242f s3:smb2_server: add .as_root to smbd_smb2_dispatch_table 
metze
 2012-08-07 11:16:36 +02:00
Stefan Metzmacher
f69ed57d0f s3:smb2_server: add .need_tcon to smbd_smb2_dispatch_table 
metze
 2012-08-07 11:16:36 +02:00
Stefan Metzmacher
46f7a60e78 s3:smb2_server: add .need_session to smbd_smb2_dispatch_table 
metze
 2012-08-07 11:16:36 +02:00
Stefan Metzmacher
357110c10b s3:smb2_server: introduce a smbd_smb2_dispatch_table (for now just with names) 
metze
 2012-08-07 11:16:36 +02:00
Stefan Metzmacher
5ac4d3d274 s3:smb2_server: move 'conn' to main block of smbd_smb2_request_dispatch() 
metze
 2012-08-07 11:16:36 +02:00
Andrew Bartlett
f06c216d0b s3-pysmbd: Try opening as a file, then as a directory 
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug  7 08:59:21 CEST 2012 on sn-devel-104
 2012-08-07 08:59:21 +02:00
Andrew Bartlett
e571d5c03e s3-pysmbd: Use talloc_zero() 
This avoids operating on uninitialised data

Andrew Bartlett
 2012-08-07 14:57:33 +10:00
Andrew Bartlett
227d490477 s3-pysmbd: Add talloc_stackframe() to smbd_set_simple_acl wrapper 2012-08-07 14:57:07 +10:00
Stefan Metzmacher
721096b1ad s3:smb2_server: make use of smbd_smb2_inbuf_parse_compound() in smbd_smb2_request_read*() 
This changes the way we read SMB2 traffic from the socket,
now as create just one large buffer for the whole NBT payload
and then split it into iovec elements in smbd_smb2_inbuf_parse_compound()

metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Aug  6 21:54:35 CEST 2012 on sn-devel-104
 2012-08-06 21:54:35 +02:00
Stefan Metzmacher
fbd663c143 s3:smb2_server: make use of smbd_smb2_inbuf_parse_compound() in smbd_smb2_request_create() 
metze
 2012-08-06 20:02:32 +02:00
Stefan Metzmacher
9e9d784def s3:smb2_server: remove const from smbd_smb2_first_negprot() 
metze
 2012-08-06 20:02:32 +02:00
Stefan Metzmacher
c1b3454259 s3:smb2_server: add smbd_smb2_inbuf_parse_compound() 
metze
 2012-08-06 20:02:32 +02:00
Stefan Metzmacher
1c7bd2b71c s3:smbd: remove unused variable in sesssetup.c 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Aug  5 23:09:06 CEST 2012 on sn-devel-104
 2012-08-05 23:09:06 +02:00
Stefan Metzmacher
4384b1e73b s3:smb2_server: make use of SMBD_SMB2_* macros 
metze
 2012-08-05 20:55:41 +02:00
Stefan Metzmacher
47c67f2eac s3:smb2_ioctl: make use of SMBD_SMB2_* macros 
metze
 2012-08-05 20:55:40 +02:00
Stefan Metzmacher
e281b9f798 s3:smb2_lock: make use of SMBD_SMB2_* macros 
metze
 2012-08-05 20:55:40 +02:00
Stefan Metzmacher
e67d07f639 s3:smb2_setinfo: make use of SMBD_SMB2_* macros 
metze
 2012-08-05 20:55:40 +02:00
Stefan Metzmacher
9c58a0a870 s3:smb2_getinfo: make use of SMBD_SMB2_* macros 
metze
 2012-08-05 20:55:40 +02:00
Stefan Metzmacher
e9a21e5c8b s3:smb2_negprot: make use of SMBD_SMB2_* macros 
metze
 2012-08-05 20:55:39 +02:00
Stefan Metzmacher
f28b2ac65a s3:smb2_write: make use of SMBD_SMB2_* macros 
metze
 2012-08-05 20:55:38 +02:00
Stefan Metzmacher
f08e478d2f s3:smb2_tcon: make use of SMBD_SMB2_* macros 
metze
 2012-08-05 20:55:37 +02:00
Stefan Metzmacher
6e9a65ded3 s3:smb2_create: make use of SMBD_SMB2_* macros 
metze
 2012-08-05 20:55:37 +02:00
Stefan Metzmacher
926379ae79 s3:smb2_find: make use of SMBD_SMB2_* macros 
metze
 2012-08-05 20:55:36 +02:00
Stefan Metzmacher
559742f45f s3:smb2_sesssetup: make use of SMBD_SMB2_* macros 
metze
 2012-08-05 20:55:36 +02:00
Stefan Metzmacher
048c8d3db4 s3:smb2_glue: make use of SMBD_SMB2_IN_HDR_PTR() 
metze
 2012-08-05 20:55:36 +02:00
Stefan Metzmacher
8cf817d7fd s3:smb2_read: make use of SMBD_SMB2_IN_BODY_PTR() 
metze
 2012-08-05 20:55:35 +02:00
Stefan Metzmacher
121dbd6210 s3:smb2_notify: make use of SMBD_SMB2_IN_*_PTR() 
metze
 2012-08-05 20:55:35 +02:00
Stefan Metzmacher
88a34026f5 s3:smb2_flush: make use of SMBD_SMB2_IN_BODY_PTR() 
metze
 2012-08-05 20:55:35 +02:00
Stefan Metzmacher
52805c4169 s3:smb2_close: make use of SMBD_SMB2_IN_BODY_PTR() 
metze
 2012-08-05 20:55:34 +02:00
Stefan Metzmacher
21742c3693 s3:smb2_break: make use of SMBD_SMB2_IN_BODY_PTR() 
metze
 2012-08-05 20:55:34 +02:00
Stefan Metzmacher
7ee54cd9c4 s3:smbd: add helper macros to access smb2req->{in,out}.vector[] 
For SMB3 encryption we need to change the vector layout
and we better hide this behind some central macros.

metze
 2012-08-05 20:55:34 +02:00
Stefan Metzmacher
7327310754 s3:smb2_server: use 'i' instead of '1' as vector index in smbd_smb2_request_pending_timer() 
If we reach this code i is currently always 1, but it's easier to unstand this
way.

metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Aug  5 20:00:26 CEST 2012 on sn-devel-104
 2012-08-05 20:00:26 +02:00
Stefan Metzmacher
1a0c40f537 s3:smb2_lock: remove unused in_smbpid 
metze
 2012-08-05 16:39:31 +02:00
Stefan Metzmacher
96fa47f56e s3:smb2_write: remove unused in_smbpid 
metze
 2012-08-05 16:39:31 +02:00
Stefan Metzmacher
056070f395 s3:smb2_read: remove unused in_smbpid 
metze
 2012-08-05 16:39:30 +02:00
Stefan Metzmacher
401860cab6 s3:smbd: add support for SMB_EXTENDED_SIGNATURES in SMBtconX 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Aug  4 14:28:04 CEST 2012 on sn-devel-104
 2012-08-04 14:28:04 +02:00
Stefan Metzmacher
ff75fd9eda s3:smbd: setup the application session key with the first tcon on a session 
Look for Server.Session.SessionKeyState in [MS-SMB].
The first SMBtconX sets the state to available, which makes it possible
to protect the session key at that stage, if client and server
support TREE_CONNECT_ANDX_EXTENDED_SIGNATURE.

metze
 2012-08-04 12:33:06 +02:00
Stefan Metzmacher
49d0432efd s3:smbd: setup session->global->signing_/application_key during SPNEGO SMB1 session setups 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Aug  4 11:09:42 CEST 2012 on sn-devel-104
 2012-08-04 11:09:42 +02:00
Stefan Metzmacher
2265e4633a s3:smbd: setup session->global->signing_/application_key during old SMB1 session setups 
metze
 2012-08-04 09:10:23 +02:00
Stefan Metzmacher
3d63e4da17 s3:smbd: keep the "application session key" during SMB1 reauth 
metze
 2012-08-04 09:10:22 +02:00
Stefan Metzmacher
b1a0fda73d libcli/smb: pass hdr/len to smb_signing_check/sign_pdu() and skip the nbt header 
metze
 2012-08-04 09:10:21 +02:00
Stefan Metzmacher
b1c5efbfea s3:smbd: skip nbt header in srv_check_sign_mac() 
metze
 2012-08-04 09:10:20 +02:00
Andrew Bartlett
1e5098d5e1 s3-pysmbd: Add hook for get_nt_acl() 
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Aug  2 13:27:55 CEST 2012 on sn-devel-104
 2012-08-02 13:27:54 +02:00
Andrew Bartlett
64f494de5e s3-pysmbd: fix DEBUG 2012-08-02 11:35:19 +02:00
Andrew Bartlett
e5686a4cf0 s3-pysmbd: Add my copyright 2012-08-02 11:35:19 +02:00
Andrew Bartlett
55a0d6606c s3-pysmbd: Add set_nt_acl() function based on parts of vfstest 
This will allow us to set the full NT ACL on a file, using the VFS
layer, during provision of the AD DC.

Andrew Bartlett
 2012-08-02 11:35:19 +02:00
Stefan Metzmacher
b93e6ef5e7 s3:smbd: add a optional_support helper variable to reply_tcon_and_X() 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Aug  1 18:25:26 CEST 2012 on sn-devel-104
 2012-08-01 18:25:26 +02:00
Stefan Metzmacher
3fb6549db0 s3:smbd: make use of TCONX_FLAG_DISCONNECT_TID define 
metze
 2012-08-01 14:17:16 +02:00
Volker Lendecke
d1dccfbda6 s3: Fix Coverity ID 710818 Resource leak 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-07-31 11:40:23 +02:00
Volker Lendecke
2ddc3a280e s3: Fix Coverity ID 710827 Resource leak 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-07-31 11:40:22 +02:00
Volker Lendecke
d2eb26cfbd s3: Make request_timed_out() static 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-07-31 11:40:22 +02:00
Stefan Metzmacher
35c0f164bc s3:smbd: do a clean shutdown during release_ip() after CTDB_SRVID_RELEASE_IP 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jul 31 11:33:27 CEST 2012 on sn-devel-104
 2012-07-31 11:33:27 +02:00
Stefan Metzmacher
d73b7938bb s3:smbd: use print_sockaddr() instead of client_socket_addr() 
We already have a server address in sockaddr_storage format.

Also the name "client_socket" was very miss leading,
as it returns the local address of the socket.

metze
 2012-07-31 09:34:21 +02:00
Stefan Metzmacher
13de233fc6 s3:smbd: move smbd_register_ips() next to release_ip() 
metze
 2012-07-31 09:34:21 +02:00
Andrew Bartlett
b181a0b96b lib/param: Remove use of lp{cfg,}_socket_address outside the NBT client and server 
In these other cases, control of the sockets to bind to can be obtained using
"bind interfaces only = yes" and "interfaces = ".

Andrew Bartlett
 2012-07-27 17:59:51 +10:00
Stefan Metzmacher
a67daa3aa6 s3:smb2_negprot: return the current system time in the SMB2 NEGPROT response 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 26 11:56:02 CEST 2012 on sn-devel-104
 2012-07-26 11:56:02 +02:00
Stefan Metzmacher
f6592c427d s3:smbd: fix compiler warnings in notify_internal.c 
metze
 2012-07-26 10:02:07 +02:00
Stefan Metzmacher
df08929d28 s3:smb2_sesssetup: reject SMB2_SESSION_FLAG_BINDING requests 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 26 02:08:56 CEST 2012 on sn-devel-104
 2012-07-26 02:08:56 +02:00
Stefan Metzmacher
859e5be070 s3:smb2_ioctl: fix GUID_compare() check in FSCTL_VALIDATE_NEGOTIATE_INFO 
metze
 2012-07-25 23:32:18 +02:00
Stefan Metzmacher
3a85737191 s3:smb2_ioctl: allow clients to send padding at the end of FSCTL_VALIDATE_NEGOTIATE_INFO 
metze
 2012-07-25 23:31:02 +02:00
Stefan Metzmacher
3cce5214f9 s3:smb2_ioctl: remove FSCTL_VALIDATE_NEGOTIATE_INFO_224 implementation 
Only Windows8 Beta uses this and it's broken, the client send wrong
capabilities. Just returning an error seems to be fine for the Windows8 Beta
client.

metze
 2012-07-25 23:29:28 +02:00
Stefan Metzmacher
c66a45d3f2 s3:smb2_server: simplify the talloc_pool handling for smbd_smb2_request 
metze
 2012-07-25 12:15:01 +02:00
Andrew Bartlett
f3562424b6 lib/param: Move all enum declarations to lib/param 
This is in preperation for the parameter table being made common.

Andrew Bartlett

Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
 2012-07-24 11:01:17 +02:00
Andrew Bartlett
9521cd0409 param: Make the 'unicode' parameter common 
This parameter is most useful for interop testing, rather than production use.

Andrew Bartlett
 2012-07-24 10:46:12 +10:00
Jeremy Allison
61cec270c2 Fix unused variable. 2012-07-24 00:09:46 +02:00
Jeremy Allison
e5a3218b0e Fix compiler warning. 2012-07-24 00:09:46 +02:00
Jeremy Allison
111c2159de Fix problem found by Andrew Bartlett - correctly check encrypted flag. 2012-07-23 20:15:33 +02:00
Stefan Metzmacher
88f326a2c0 s3:smb2_tcon: reject access to shares mark as "smb encrypt = required" 
We do not support SMB2 transport encryption yet.

metze
 2012-07-23 18:19:36 +02:00
Stefan Metzmacher
0b903e1cf5 s3:smbd: if a fsp has fsp->deferred_close, clients shouldn't be able to use it 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jul 23 16:22:03 CEST 2012 on sn-devel-104
 2012-07-23 16:22:03 +02:00
Jeremy Allison
e8dbf2889f Move everything to use the common pidfile functions. 
The extra code in source3/lib/pidfile.c is no longer needed.
 2012-07-19 16:36:18 -07:00
Jeremy Allison
0d24370c76 Make the s3 pidfile use the common code inside lib/util/pidfile.c 2012-07-19 16:08:49 -07:00
Jeremy Allison
2922fdaaf0 Move source4/smbd/pidfile into lib/util in preparation for making it in common. 2012-07-19 15:41:52 -07:00
Andrew Bartlett
0f57da57e3 lib/param: bring lp_smb_ports() into common by making it a list everywhere 2012-07-19 08:02:32 +02:00
Volker Lendecke
8ef968a23d s3-aio: Panic if we try to close a fsp with outstanding aio requests 
The core smbd must have taken care of this. If we don't do this properly,
we have a race of the close(2) against a pwrite(2). We might end up
writing to the wrong file.

Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 19 03:40:17 CEST 2012 on sn-devel-104
 2012-07-19 03:40:17 +02:00
Volker Lendecke
a6b5836741 s3-smb2: Postpone close_file until all aio is handled 
Thanks to Jeremy for this simple idea

Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:58:43 -07:00
Volker Lendecke
3e9f58be7e s3-smb1: Postpone close_file until all aio is handled 
Thanks to Jeremy for this simple idea

Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:57:53 -07:00
Volker Lendecke
f79fb4429c s3: Slightly simplify reply_close() 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:54:04 -07:00
Volker Lendecke
ed31e20115 s3-aio: Make the strict sync after write async 
This restores cb405947ca, which was
lost during the refactoring of aio.c and vfs_aio_pthread.c.

Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:51:11 -07:00
Volker Lendecke
56aae9f754 s3: Add a _nosync version of smb2_write_complete 
This will be used in aio.c to avoid a second fsync after write

Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:48:27 -07:00
Volker Lendecke
5d09cec6fe s3-vfs: async fsync 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:48:04 -07:00
Volker Lendecke
3882113e6f s3: Fix the build 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:47:27 -07:00
Volker Lendecke
fd351b6ebb s3: Make us survive base-delaywrite with aio enabled 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:46:54 -07:00
Volker Lendecke
c4efaabbd9 s3: Move the aio_pthread read/write functionality to vfs_default 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:46:29 -07:00
Volker Lendecke
9dc78c90f3 s3-aio: Remove unused VFS functions and more 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:45:58 -07:00
Volker Lendecke
ff701ceae2 s3: Add vfs_aio_posix 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:41:36 -07:00
Volker Lendecke
f9df073a31 s3: Make smbd/aio.c not depend on aio.h anymore 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:40:35 -07:00
Volker Lendecke
66eb7bc6ec s3: Remove the unused completion handling from aio.c 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:38:15 -07:00
Volker Lendecke
f5dc8837d9 s3: Properly handle shutdown with the _send/_recv based aio 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:37:28 -07:00
Volker Lendecke
aff6956d35 s3: Use SMB_VFS_PWRITE_SEND in schedule_smb2_aio_write 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:35:32 -07:00
Volker Lendecke
6df7ba3af9 s3: Use SMB_VFS_PREAD_SEND in schedule_smb2_aio_read 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:34:27 -07:00
Volker Lendecke
2bad405a4e s3: Use SMB_VFS_PWRITE_SEND in schedule_aio_write_and_X 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:33:22 -07:00
Volker Lendecke
7c32017064 s3: Use SMB_VFS_PREAD_SEND in schedule_aio_read_and_X 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:13:04 -07:00
Volker Lendecke
e24aed15fa s3-vfs: async pread 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 15:11:56 -07:00
Volker Lendecke
c6e456d9c0 s3-vfs: async pwrite 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-18 13:49:21 -07:00
Rusty Russell
fe72740e82 loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *. 
They use talloc_tos() internally: hoist that up to the callers, some
of whom don't want to us talloc_tos().

A simple patch, but hits a lot of files.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
 2012-07-18 15:07:23 +09:30
Volker Lendecke
27e20d5d60 s3: Make us survive smb2.lock.rw-shared with aio enabled 
schedule_aio_smb2_write can return NT_STATUS_FILE_LOCK_CONFLICT.
This is a valid error code that smb2.lock.rw-shared expects and
checks for. The code before this patch maps this to NT_STATUS_FILE_CLOSED,
masking the real, correct error message.

Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 13 21:53:51 CEST 2012 on sn-devel-104
 2012-07-13 21:53:51 +02:00
Andrew Bartlett
15fedb3c68 s3-auth Remove unused global_machine_account_needs_changing 
This boolean was only set if the old machine account store (with an
MD4 hash in it) was returned.  We have not set that password type for
years.  If this call ever worked, it would store a plaintext password,
so we could only ever be here if we had set a password using a version
of Samba so old as not to store plaintext, and then never honered the
flag anyway.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 13 07:52:40 CEST 2012 on sn-devel-104
 2012-07-13 07:52:40 +02:00
Jeremy Allison
a7c63ac1b7 Set fsp->initial_allocation_size before calling open_file_ntcreate(). 
Allows an SMB_VFS_OPEN() vfs module to do something interesting with
the request.
 2012-07-12 22:46:07 +02:00
Jeremy Allison
775014bd9c Make sure we reset fsp->initial_allocation_size to zero if we didn't create the file. 
This will become important as we set fsp->initial_allocation_size before
create.
 2012-07-12 22:46:07 +02:00
Jeremy Allison
cb405947ca Add an optimization to pthread aio writes to also do fsync if requested. 
Should help by ensuring complete writes done in sub-thread, not in
the main thread.
 2012-07-12 22:46:07 +02:00
Volker Lendecke
622eb59eb4 s3: Make us survive base-delaywrite with aio enabled 
Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 12 21:28:19 CEST 2012 on sn-devel-104
 2012-07-12 21:28:19 +02:00
Volker Lendecke
67e7e14e62 s3: Factor out "mark_file_modified" 
This is in preparation of making us survive base-delaywrite with async I/O activated

Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-07-12 10:13:12 -07:00
Jeremy Allison
6d903bf189 Cope with a (non-security) open race we've had for ever as NTCreateX isn't atomic on POSIX. 
On open without create, the file did exist, but some
other (local or NFS) process either renamed/unlinked
and re-created the file with different dev/ino after
we walked the path, but before we did the open. We
could retry the open but it's a rare enough case it's
easier to just fail the open to prevent creating any
problems in the open file db having the wrong dev/ino
key.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 10 21:57:33 CEST 2012 on sn-devel-104
 2012-07-10 21:57:33 +02:00
Jeremy Allison
69a3e947b6 Now we have a guaranteed indication of a file being created, use it to set the create disposition correctly. 2012-07-10 09:39:36 -07:00
Jeremy Allison
02d42be258 Add function fd_open_atomic() which uses O_CREAT|O_EXCL to return a guaranteed indication of creation of a new file. 2012-07-10 09:39:29 -07:00
Jeremy Allison
3aa186f1d4 Simplify the logic in open_file() some more. 
Move the inheritance work into the if block
where we created the file. We can never have
created the file (and thus need no inheritance)
for a stat-open.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 10 03:30:22 CEST 2012 on sn-devel-104
 2012-07-10 03:30:22 +02:00
Jeremy Allison
3a705e5f3d Simplify the logic in open_file(). 
Move the fstat call into the block which opens a file descriptor.
Remove the stat() call in the stat-open case. We already failed
the open if !file_existed.
 2012-07-09 16:20:45 -07:00
Jeremy Allison
9d5e026bde Make check_same_stat() and check_same_dev_ino() common functions. 2012-07-09 12:26:56 -07:00
Jeremy Allison
1f37ed7a52 Factor out check_same_dev_ino() from check_same_stat() so it can be called separately. 2012-07-09 11:35:20 -07:00
Björn Jacke
f9fb1ef85c s3: evaluate MNT_QUOTA and MNT_RDONLY in statvfs also on darwin 2012-07-05 22:00:52 +02:00
Björn Jacke
b40fb6eec5 s3: if we know a file is immutable, report it to be readonly 
on *BSD we get the immutable flag via st_flags, we should use that if possible.
 2012-07-04 12:01:20 +02:00
Andreas Schneider
d0878b3b81 s3-smbd: Remove deprecated 'share modes' option. 2012-07-03 21:56:49 +02:00
Volker Lendecke
abda9d3347 s3: Fix Coverity ID 709217 Dereference after null check 
A few lines before we did check for x != NULL. I think this might
fix a potential remote crash.

Signed-off-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Jul  3 15:30:17 CEST 2012 on sn-devel-104
 2012-07-03 15:30:16 +02:00
Volker Lendecke
6710e4edc5 s3: Fix Coverity ID 709218 Uninitialized pointer read 
Signed-off-by: Michael Adam <obnox@samba.org>
 2012-07-03 13:39:42 +02:00
Michael Adam
e332bfaff5 s3:smbd: Include smbXsrv.h before vfs.h (in smbd.h) so that the smbXsrv structures are available 
This is currently needed for files_struct and connection_struct
that contain backlinks to smbXsrv_open and smbXsrv_tcon, respectively.
Finally, these backlinks to the smb level structures should be removed.
 2012-07-03 13:39:41 +02:00
Michael Adam
8a32d62abc s3:smbd:smb2: fix prototype of make_connection_smb2() to use smbXsrv_tcon 
instead of internal smbXsrv_tcon0.
 2012-07-03 13:39:40 +02:00
Michael Adam
98ccca8dca s3:smbd: include smbXsrv.h before smbd/proto.h to have the smbXsrv_ structs available 2012-07-03 13:39:40 +02:00
Michael Adam
bfc38d74cc s3:smbd:smb2: change smbXsrv_tcon0 to smbXsrv_tcon in smbd_smb2_request_check_tcon() 
smbXsrv_tcon0 is the internal name for the (current) version0 of the
structure. Externally, only smbXsrv_tcon should be used.
 2012-07-03 13:39:40 +02:00
Michael Adam
cca51e2f55 s3:smbd:smb2: change smbXsrv_session0 to smbXsrv_session in struct user_struct. 
smbXsrv_session0 is the internal name of (current) version 0 of
the structure. Externally, only smbXsrv_session should be used.
 2012-07-03 13:39:39 +02:00
Jeremy Allison
5679ba1018 Don't allow asynchronous creates to be canceled in SMB2. 
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 30 04:10:02 CEST 2012 on sn-devel-104
 2012-06-30 04:10:02 +02:00
Jeremy Allison
6617c2c1f5 Make schedule_deferred_open_message_smb() return an indication of success. 2012-06-30 02:23:39 +02:00
Jeremy Allison
0d2f6cae41 Make schedule_deferred_open_message_smb2() return an indication of success. 2012-06-30 02:23:39 +02:00
Jeremy Allison
b004121d9b Allow for async opens. 
If the SMB_VFS_OPEN() function returns -1, EINTR -> NT_STATUS_RETRY,
then queue the open up to be completed when the async open completes.
 2012-06-30 02:23:39 +02:00
Jeremy Allison
d1e1aa552d Add new bool field async_open to struct deferred_open_record. Not used yet. 2012-06-30 02:23:39 +02:00
Jeremy Allison
0362dcbd09 Fix defer_open() fuction in the open code path to cope with a NULL lck parameter. 2012-06-30 02:23:39 +02:00
Jeremy Allison
34bb743ce3 Add uint64_t mid field to the files_struct. 
Ensure it is initialized so we know what mid created this file.
 2012-06-30 02:23:39 +02:00
Stefan Metzmacher
7d1395536b s3:smbd: make use of smbXsrv_open for smb1/2/3 
This makes sure we generate unique persistent file ids,
which are stored in smbXsrv_open_global.tdb.

Pair-Programmed-With: Michael Adam <obnox@samba.org>

metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jun 29 21:01:11 CEST 2012 on sn-devel-104
 2012-06-29 21:01:11 +02:00
Stefan Metzmacher
f7762e2730 s3:smbd: add smbXsrv_open* infrastructure 
Pair-Programmed-With: Michael Adam <obnox@samba.org>

metze
 2012-06-29 19:11:04 +02:00
Björn Jacke
143b711c23 s3: fix the logic in bsd_statvfs 2012-06-29 17:19:21 +02:00
Stefan Metzmacher
1a622fe641 s3:smb2_server: remove max_charge check in smbd_smb2_request_verify_creditcharge() 
The client can send any credit charge value, it's ok to send more than needed.

metze

Signed-off-by: Michael Adam <obnox@samba.org>
 2012-06-29 15:21:08 +02:00
Björn Jacke
b526a0d673 s3: merge bsd_statvfs and darwin_statvfs 2012-06-29 12:47:23 +02:00
Jeremy Allison
821bd95156 Replace all uses of setXX[ug]id() and setgroups with samba_setXX[ug]id() calls. 
Will allow thread-specific credentials to be added by modifying
the central definitions. Deliberately left the setXX[ug]id()
call in popt as this is not used in Samba.
 2012-06-28 17:15:16 -07:00
Stefan Metzmacher
34a9892ec1 s3:smb2_server: make the logic in smbd_smb2_request_verify_creditcharge() simpler 
We just need a max_charge variable to make the algorithm independent
of multi_credit support.

metze
 2012-06-29 00:14:56 +02:00
Stefan Metzmacher
967f2c44b3 s3:smb2_server: simplify smbd_smb2_request_verify_creditcharge() a bit. 
A credit charge of 0 is really not a special case, it just means the same
as 1.

metze
 2012-06-29 00:14:56 +02:00
Stefan Metzmacher
5b7f5d02b5 s3:smb2_negprot: support SMB2_CAP_LARGE_MTU on everything but port 139 
In future we'll have other transports like RDMA.
This makes NBT (tcp port 139) special instead of port 445.

metze
 2012-06-29 00:14:56 +02:00
Stefan Metzmacher
1db83d2b37 s3:smb2_server: grant extra credits for multi-credit requests 
metze
 2012-06-29 00:14:55 +02:00
Stefan Metzmacher
648b959b13 s3:smb2_server: implement credit granting similar to windows 
This makes it much easier to compare traces.

metze
 2012-06-29 00:14:55 +02:00
Stefan Metzmacher
82dc0b33b9 s3:smb2_server: make sure sequence numbers don't wrap at UINT64_MAX 
metze
 2012-06-29 00:14:54 +02:00
Stefan Metzmacher
ee8ae459ae s3:smb2_server: make sure we don't grant more credits than we allow 
If the client hasn't consumed the lowest seqnum, but the distance
between lowest and highest seqnum has reached max credits.

In that case we should stop granting credits.

metze
 2012-06-29 00:14:54 +02:00
Stefan Metzmacher
4fe41c0bb1 s3:smb2_server: check the credit_charge against the already granted credits 
metze
 2012-06-29 00:14:54 +02:00
Stefan Metzmacher
984fdaf914 s3:smb2_server: split out a smb2_validate_sequence_number() function 
metze
 2012-06-29 00:14:53 +02:00
Stefan Metzmacher
d6e7a76461 s3:smb2_server: clear sequence window if we got the lowest sequence id 
Otherwise we'll never consume sequence id '0'.

metze
 2012-06-29 00:14:53 +02:00
Stefan Metzmacher
bd6d415cae s3:smb2_server: fix calculation of the next bitmap_offset 
metze
 2012-06-29 00:14:52 +02:00
Stefan Metzmacher
d1ee774ed0 s3:smb2_server: remove unused and confusing DEFAULT_SMB2_MAX_CREDIT_BITMAP_FACTOR 
metze
 2012-06-29 00:14:52 +02:00
Stefan Metzmacher
925994e42e s3:smb2_server: call smbd_smb2_request_validate() also in smbd_smb2_first_negprot() 
We need to consume message_id 0, for SMB1 negprot starts.

metze
 2012-06-29 00:14:51 +02:00
Stefan Metzmacher
0b8eac9b79 s3:smb2_server: start the connection with one credit granted to the client 
metze
 2012-06-29 00:14:51 +02:00
Björn Jacke
7560b1cea6 s3: fine tune and clean up statvfs tests 
This should also fix the build on Tru64. Tru64 has a POSIX compliant statvfs()
function while most *BSD systems ignore POSIX.

Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Thu Jun 28 23:07:23 CEST 2012 on sn-devel-104
 2012-06-28 23:07:23 +02:00
Stefan Metzmacher
d6939c39c0 s3:smbd: change nt_open_pipe() to uint16_t pnum/fnum 
This is SMB1 code...

metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 28 14:47:45 CEST 2012 on sn-devel-104
 2012-06-28 14:47:45 +02:00
Stefan Metzmacher
d7d1bb9444 s3:smb2_create: add usefull DEBUG() message 
All calls which take an file handle have the same,
so we should also log it, when we create a handle.

metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 28 12:41:49 CEST 2012 on sn-devel-104
 2012-06-28 12:41:48 +02:00
Stefan Metzmacher
66fa891d2d s3:smbd/files: fsp->fnum is uint64_t not int! 
metze
 2012-06-28 10:08:03 +02:00
Andrew Bartlett
666dba3353 s3-param: Rename loadparm_s3_context -> loadparm_s3_helpers 
This helps clarify the role of this structure and wrapper function.

The purpose here is to provide helper functions to the lib/param
loadparm_context that point back at the s3 lp_ functions.  This allows
a struct loadparm_context to be passed to any point in the code, and
always refer to the correct loadparm system.  If this has not been
set, the variables loaded in the lib/param code will be returned.

As requested by Michael Adam.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 27 17:11:16 CEST 2012 on sn-devel-104
 2012-06-27 17:11:16 +02:00
Volker Lendecke
5df1fda0f5 s3: Restore async i/o with the "native" AIO interface 
eff3609 moved the async signal handler initialization to later in the process
to enable aio_fork and aio_pthread on platforms without realtime signals. This
commit broke the use of the native aio interface. aio_pending_size is
initialized to 0, so aio.c will not allow async i/0 at all if modules do not
set that variable correctly. Initialize to 100 right from the start.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jun 26 14:08:22 CEST 2012 on sn-devel-104
 2012-06-26 14:08:22 +02:00
Stefan Metzmacher
93399c1ec3 s3:smbXsrv_tcon: pass max_tcons explicitly for smbXsrv_tcon_table_init() 
metze
 2012-06-26 12:18:03 +02:00
Stefan Metzmacher
9c36781580 s3:smbXsrv_session: pass max_sessions explicitly for smbXsrv_session_table_init() 
metze
 2012-06-26 12:17:33 +02:00
Stefan Metzmacher
45cd2bc2b3 s3:smb2_sesssetup: make use of smb2srv_session_close_previous_send/recv 
metze
 2012-06-25 20:55:07 +02:00
Stefan Metzmacher
299b63f875 s3:smbXsrv_session: react on MSG_SMBXSRV_SESSION_CLOSE 
metze
 2012-06-25 20:55:07 +02:00
Stefan Metzmacher
8acf6c90bd s3:smbXsrv_session: add smb2srv_session_close_previous_send/recv 
metze
 2012-06-25 20:55:07 +02:00
Stefan Metzmacher
ed75069460 s3:smb2_sesssetup: inline gensec_session_info() call 
metze
 2012-06-25 20:55:07 +02:00
Stefan Metzmacher
1b8bcaeda3 s3:smb2_sesssetup: make use of gensec_update_send/recv 
metze
 2012-06-25 20:55:07 +02:00
Stefan Metzmacher
f32e99a0fc s3:smb2_sesssetup: inline most of smbd_smb2_session_setup() 
metze
 2012-06-25 20:55:07 +02:00
Stefan Metzmacher
e77000259c s3:smbd/sesssetup: implement dynamic re-authentication and expire session if client supports it 
metze
 2012-06-25 20:55:06 +02:00
Stefan Metzmacher
d2e1058f42 s3:smb2_sesssetup: implement dynamic re-authentication and expire sessions 
metze
 2012-06-25 20:55:06 +02:00
Stefan Metzmacher
9854ed6d01 s3:smbd: remove now unused invalidate_all_vuids() 
Pair-Programmed-With: Michael Adam <obnox@samba.org>

metze
 2012-06-25 20:55:06 +02:00
Michael Adam
77d1173aa2 s3:smbd: remove now unused conn_close_all() 
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
 2012-06-25 20:55:06 +02:00
Michael Adam
d693ff54db s3:smbd: use smbXsrv_session_logoff_all() and smb1srv_tcon_disconnect_all() in exit_server_common() 
This removes the use of conn_close_all() and invalidate_all_vuids()

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
 2012-06-25 20:55:06 +02:00
Stefan Metzmacher
a129e271b5 s3:smbd: make use of smbXsrv_session for smb1 
Pair-Programmed-With: Michael Adam <obnox@samba.org>

metze
 2012-06-25 20:55:06 +02:00
Stefan Metzmacher
faa8edccef s3:smbd: make use of smbXsrv_tcon for smb1 
Pair-Programmed-With: Michael Adam <obnox@samba.org>

metze
 2012-06-25 20:55:06 +02:00
Stefan Metzmacher
463b308f16 s3:smbd: make use of smbXsrv_tcon and smbXsrv_session for smb2 
The removes the protocol specific smbd_smb2_session and
smbd_smb2_tcon.

Pair-Programmed-With: Michael Adam <obnox@samba.org>

metze
 2012-06-25 20:55:06 +02:00
Stefan Metzmacher
ef408e5068 s3:smb2_sesssetup: add support for SMB 2.24/3.00 signing 
metze
 2012-06-25 20:55:06 +02:00
Stefan Metzmacher
02d206ee64 s3:smb2_sesssetup: make use of the smbXsrv_session infrastructure 
We still have smbd_smb2_session as primary structure,
but that will went away once we got rid of smbd_smb2_tcon.

metze
 2012-06-25 20:55:06 +02:00
Stefan Metzmacher
1fffd35692 s3:smbXsrv_session: init and disconnect smbXsrv_tcon for SMB2/3 
metze
 2012-06-25 20:55:06 +02:00
Stefan Metzmacher
c36bd677f3 s3:smbd: add smbXsrv_tcon infrastructure 
Pair-Programmed-With: Michael Adam <obnox@samba.org>

metze
 2012-06-25 20:55:06 +02:00
Stefan Metzmacher
f3dce4cc95 sq smbXsrv_session_global_store no connection 2012-06-25 20:55:06 +02:00
Stefan Metzmacher
85f8c14f30 s3:smbd: add smbXsrv_session infrastructure 
Pair-Programmed-With: Michael Adam <obnox@samba.org>

metze
 2012-06-25 20:55:06 +02:00
Stefan Metzmacher
130436f2fc s3:smbd: add smbXsrv_version_* infrastructure 
metze
 2012-06-25 20:55:05 +02:00
Volker Lendecke
754b925ccd s3: Fix a typo 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jun 25 17:13:59 CEST 2012 on sn-devel-104
 2012-06-25 17:13:59 +02:00
Stefan Metzmacher
b40fa94360 s3:smbd: fix warning in smbd_tevent_trace_callback() without profile support 
metze
 2012-06-22 12:56:47 +02:00
Jeremy Allison
dd763d6d8e Fix bug #8974 - Kernel oplocks are broken when uid(file) != uid(process). 
Based on a fix from "Etienne Dechamps " <e-t172@akegroup.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 21 21:53:58 CEST 2012 on sn-devel-104
 2012-06-21 21:53:58 +02:00
Andrew Bartlett
33ff033204 s4-provision: Give better clues on what Samba needs for s3fs ACL support 
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 21 14:07:55 CEST 2012 on sn-devel-104
 2012-06-21 14:07:55 +02:00
Michael Adam
73b200064f s3:util: rename procid_equal() to serverid_equal() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-06-21 08:27:32 +02:00
Volker Lendecke
53cfde7204 s3: Remove a user of procid_is_me 
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2012-06-21 08:27:30 +02:00
Stefan Metzmacher
cd260391fa s3:smbd: fix the build with the --with-profiling-data option 
metze
 2012-06-20 12:58:58 +02:00
Jeremy Allison
818fd7e917 Remove unused code now we set the correct command codes. 2012-06-19 10:27:24 -07:00
Jeremy Allison
6cef2a613c Fix warning: variable ‘in_start_time’ set but not used. 2012-06-19 10:27:23 -07:00
Rusty Russell
6244f668a3 TDB2: make SAMBA use tdb1 again for the moment. 
Otherwise the following surgery will break the SAMBA build and testsuite.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
 2012-06-19 05:38:05 +02:00
Jeremy Allison
bbb7cbfb7c Same fix as bug 8989 - Samba 3.5.x (and probably all other versions of Samba) does not send correct responses to NT Transact Secondary when no data and no params 
for the Trans2 calls. See MS-CIFS 2.2.4.47.2 for details.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 16 07:59:19 CEST 2012 on sn-devel-104
 2012-06-16 07:59:19 +02:00
Jeremy Allison
816c40cb0d Fix Bug 8989 - Samba 3.5.x (and probably all other versions of Samba) does not send correct responses to NT Transact Secondary when no data and no params 
Found by Richard Sharpe <realrichardsharpe@gmail.com>. The correct
command code in a reply to NT Transact Secondary (0xa1) is
NT Transact (0xa0).
 2012-06-15 21:10:37 -07:00
Volker Lendecke
985dbedf27 s3: Slightly simplify grant_fsp_oplock_type 
The "else" is not necessary, we did a return in the if-branch

Signed-off-by: Jeremy Allison <jra@samba.org>
 2012-06-15 21:07:55 -07:00
Stefan Metzmacher
8cca7b09ad s3:smb2_server: remember the request_time on an incoming request 
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jun 15 09:17:33 CEST 2012 on sn-devel-104
 2012-06-15 09:17:32 +02:00
Stefan Metzmacher
d8b3687fcb s3:smbd: remember the request_time on an incoming request 
metze
 2012-06-15 07:18:00 +02:00
Michael Adam
b27f88898a s3:vfs: change files_struct.fnum from int to uint64_t 
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jun 15 05:22:41 CEST 2012 on sn-devel-104
 2012-06-15 05:22:41 +02:00