IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We should get this from the packet itself.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
The 4 bytes of padding are always present and part of the header.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
They're always supported and using gensec_want_feature() on them would require
them in future.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
We need to calculate the signature length based on the negotiated
flags. This is most important on the server side where,
gss_accept_sec_context() doesn't get gss_want_flags, but fills
gss_got_flags.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Fixes CID 242325 - dir state and the talloc frame are leaked on
user_auth_info_init() failure.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 26 00:58:41 CEST 2016 on sn-devel-144
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jim McDonough <jmcd@samba.org>
Autobuild-User(master): Jim McDonough <jmcd@samba.org>
Autobuild-Date(master): Tue Oct 25 21:10:37 CEST 2016 on sn-devel-144
This fixes a regression introduced by commit
f98d10af2a
(smbd: Always use UCF_PREP_CREATEFILE for filename_convert calls to resolve a path for open)
The main problem was that Windows client seem to verify
the access to user.V2\ntuser.ini is rejected with NT_STATUS_ACCESS_DENIED,
using the machine credentials.
Passing UCF_PREP_CREATEFILE to filename_convert() triggers a code path
that implements a dropbox behaviour. A dropbox is a directory with only -wx permissions,
so get_real_filename fails with EACCESS, it needs to list the directory.
EACCESS is ignored with UCF_PREP_CREATEFILE.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10297
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 25 05:33:36 CEST 2016 on sn-devel-144
When mapping user and domain during NTLM authentication, an empty domain
is mapped to the local SAM db. However, an empty domain may legitimately
be used if the user field has both user and domain in upn@realm format.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12375
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
When doing NTLM validation of credentials, do not modify the
credentials - they might be used in the calculation of
the response.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12375
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
conn->cwd can change over the life of the connection,
conn->connectpath remains static.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12387
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Mon Oct 24 23:52:48 CEST 2016 on sn-devel-144
This makes us independent of the allocation
method used inside glfs_realpath.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct 22 00:28:41 CEST 2016 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12384
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 21 04:48:52 CEST 2016 on sn-devel-144
By the time we get to SMB_VFS_UNLINK/SMB_VFS_RMDIR the ACL
checks have already been done.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12384
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Otherwise the following patch breaks vfstest stream-depot test.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12384
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
There's tons of those, but you have to start somewhere :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Analysis by: Rebecca Gellman <rebecca@starfleet-net.co.uk>
Ignore cldap_socket_init() failure when sending
multiple cldap netlogon requests. Allow cldap_netlogon_send()
to catch the bad address and correctly return through a
tevent subreq.
Make sure cldap_search_send() copes with cldap parameter == NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12381
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct 18 02:16:20 CEST 2016 on sn-devel-144
Yes, there is one.... I've seen two flaky builds on sn-devel with
pthreadpool after the coverity checks went in. They were in the
ret = pthread_mutex_unlock(&pool->mutex);
assert(ret == 0);
in pthreadpool_parent() and pthreadpool_child(). No idea what that was,
I could not really reproduce that. A build attempt on FreeBSD also gave
an erratic error, this time it was an EINVAL in
ret = pthread_mutex_lock(&pool->mutex);
assert(ret == 0);
pthreadpool_parent(). EINVAL means that the mutex is not a proper
mutex. What happened: Someone (a detached thread) does the
pthreadpool_free behind our back, while we are in pthreadpool_parent,
preparing the fork. Unfortunately the mutex was already destroyed before
we came to lock it.
The fix is simple: Remove the obsolete struct pthreadpool from the
linked list before the mutex is destroyed.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The patchset `git log -2 3031815f982e365be50148564d47d7d5afab46e0`
missed a change to vfs_gpfs_is_offline() which is now merely a helper
function that returns true or false and mustn't call into the VFS.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Oct 17 21:28:12 CEST 2016 on sn-devel-144
Coverity ID 1373624 says we have a deadlock between pthreadpool_prepare and
pthreadpool_destroy. Coverity somehow misses that pthreadpool_free unlocks
pool->mutex, so I think this is a false positive. Nevertheless this re-arranges
the code a bit for more clarity, hoping that Coverity now can better track the
locks and unlocks. Also, the human reader might have to jump between routines a
bit less.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is an incomplete playground to add a fuse client based on
the Samba-internal libsmb interfaces.
There's a few fuse smb clients out there, but they all suffer from
Samba not exporting the async internal libsmb interfaces.
We don't export those with an API, because we believe we need the ability
to mess with those interfaces. This is an attempt to create a fully
asynchronous user-space fuse client file system that might make it
easier to mess with fancy SMB features than it would be possible in
a kernel client.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
glusterfs:volfile_server option can be used in smb.conf to define where
to fetch the volfile from. Currently it supports only a single IP or a
hostname. The default is 'localhost'.
glfs_set_volfile_server() has been enhanced in gfapi to support
multiple invocations. A list is maintained in libgfapi which gets
appended on every invocation. When glfs_init is performed, libgfapi
would first try to fetch the volfile from glusterd on that node.
However, on failure to fetch the volfile, it would proceed to contact
glusterd on every node in the list until it gets the volfile or
exhausts the list. This enhacement was done in Gluster commit [2].
This commit is available in 3.6, 3.7, 3.8 versions of Gluster.
As we cannot have multiple lines having the same key of
glusterfs:volfile_server in a share definition in smb.conf, we propose
a scheme like this:
where value of glusterfs:volfile_server could be list of white space seperated
elements where each element could be unix+/path/to/socket/file or
[tcp+]IP|hostname|\[IPv6\][:port].
Note the restriction on naming a IPv6 host, it follows the same
restriction that is based on IPv6 naming in URL as per RFC 2732[1].
[1] http://www.ietf.org/rfc/rfc2732.txt
[2] 0c1d78f5c52c69268ec3a1d8d5fcb1a1bf15f243
Signed-off-by: Raghavendra Talur <rtalur@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Oct 14 17:09:24 CEST 2016 on sn-devel-144
This is described in
https://msdn.microsoft.com/en-us/library/cc232053.aspx
which is section 2.3.67 in the FSCC version available 2016-10-13.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 14 05:31:07 CEST 2016 on sn-devel-144
Signed-off-by: Trever L. Adams <trever.adams@gmail.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 13 04:26:26 CEST 2016 on sn-devel-144
Most callers just set "KRB5CCNAME", but leave ads->auth.ccache_name = NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12369
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 13 00:35:21 CEST 2016 on sn-devel-144
Most callers just set "KRB5CCNAME", but leave ads->auth.ccache_name = NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12369
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
We should not overload "p", this is used in the outer loop
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12276
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 11 23:59:18 CEST 2016 on sn-devel-144
domain->methods is always set to cache_methods; call those functions
directly instead of going through the indirection.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is in preparation for calling these directly instead of the
domain->methods indirection.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The previous commit removed all callers of this, so lets remove it.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Oct 11 14:44:03 CEST 2016 on sn-devel-144
