IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This is in preparation of connection passing for multichannel where we
have to set seq_low to the mid of the passed negprot.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
ad_pack() in vfs_fruit.c returns false on failure and 0 on success -
i.e. return value is interpreted as success even when it fails.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Tue Oct 6 16:14:42 CEST 2015 on sn-devel-104
At the same time, avoid chmod in favor of fchmod
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Oct 6 13:12:48 CEST 2015 on sn-devel-104
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct 3 03:04:39 CEST 2015 on sn-devel-104
I can just assume this is a bad hack for a condition that should have been
fixed in a different way. Today we pretty much expect a messaging_context to be
properly initialized everywhere, and this includes a ctdb connection.
If something later fails due to this commit, we need to do a
messaging_init before the offending call
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We also verified that we cannot simply remove the prompter as several older
versions of Heimdal would crash.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Oct 2 07:29:43 CEST 2015 on sn-devel-104
Thanks to "L.P.H. van Belle" <belle@bazuin.nl>
for help in reproducing the issue.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11038
From the bug report:
"With e551cdb37d re-applied the problem is gone with
and without kerberos. Moreover, if correctly configured,
sshd requests you to change your password at logon time,
which then succeeds.
The problem why I had this reverted was because I had not
gone through the pain to correctly configure all the PAM
services (in particular the "account" section), leading
to sshd letting the user in when the password had to be
changed."
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit e551cdb37d)
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 2 00:16:29 CEST 2015 on sn-devel-104
Ensure dirpath can never be NULL.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11535
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Oct 1 08:58:36 CEST 2015 on sn-devel-104
Some error code paths may result in dirpath being NULL.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11535
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11053
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Oct 1 05:55:42 CEST 2015 on sn-devel-104
The only reason for this complex monster was an overload of ctdbd.
When opening files, we unconditionally checked all share modes for
validity. This meant thousands of serverid_exists calls per second
for popular directories. This has long gone, now we only check for
validity if a conflict happens.
The only remaining caller is net serverid wipedbs, an administrative
command. If that loads ctdbd, so be it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is a relevant change: I was experimenting with
server_id_db_set_exclusive() in "net" and got failures all over the
place. The main reason was that "net" by default does not do a
serverid_register. With messaging_dgm we have the process' unique
id available via the lockfile contents. Using open/read/close is a
bit slower than local tdb access, but this version is safe for all
processes which have done messaging_init()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
If there's another process around there will typically be at most
one process. So there is no real need to run the plural version of
serverid_exists.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
To be able to read, we need to open the lockfile O_RDWR instead of O_WRONLY
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
These changes enable the default installation prefix settings to
take effect in both Waf 1.5 and 1.8 with no additional code changes.
Signed-off-by: Thomas Nagy <tnagy@waf.io>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Fix a crash that happens when executing "net ads keytab create"
and the machine account in AD does not have setvice principal names
attached to it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11528
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Found by Max of LoadDynamix <adx.forum@gmail.com>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11486
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This happens on every store to locking.tdb for example, so we should
make it cheap.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Sep 22 07:50:58 CEST 2015 on sn-devel-104
It took a bit for me to figure out what the rec_key parameter to
dbwrap_record_watchers_key does. I think it's simpler to parse the watcher key
in dbwrap_record_watch_recv to retrieve the watched record key than to store it
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This is for forward compatibility with waf 1.8. All other tests
use CHECK_CFG, but check_cfg was re-introduced for some reason.
Signed-off-by: Thomas Nagy <tnagy@waf.io>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Regression test for:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11522
Remember to remove the ARCHIVE attribute from the toplevel
share when done (can only be done over SMB2+).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Sep 18 11:00:44 CEST 2015 on sn-devel-104
setmode <file> attribute is a valid smbclient command even if libarchive
isn't on the system and tarmode isn't compiled in.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
In Samba 4.2, we used lock_path("msg") (with 0700) for the socket directory,
while we use lock_path("msg") (with 0755) for the lock file directory.
This generates a conflict that prevents samba, smbd, nmbd and winbindd
from starting after an upgrade.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11515
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11509
Signed-off-by: Har Gagan Sahai <SHarGagan@novell.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@wakeful.net>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 11 06:39:19 CEST 2015 on sn-devel-104
This allows to create more than one channel.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Sep 10 21:33:47 CEST 2015 on sn-devel-104
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Only put session_info to the session->global context if we use it.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Make the items nicely aligned again and do not exceed 80 columns.
A few typos are fixed along the way.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
If called with this option, 'net ads join' will not attempt
to perform dns updates.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Sep 9 21:33:49 CEST 2015 on sn-devel-104
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Sep 9 13:12:43 CEST 2015 on sn-devel-104
In all other "goto fail;" paths we had already dereferenced fsp,
so the if-statement checking for fsp!=NULL was unnecessary. This
fix gives us an additional error message in case check_aapl fails.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Sep 8 13:47:01 CEST 2015 on sn-devel-104
Asks gpfs as long as a file is offline. Once it was reported online once,
we'll not ask anymore. This assumes that while we have a file open it
won't be migrated away. This might not *always* be true, but probably
close enough. And as long as we don't have a proper notification mechanism
and as long as polling is too expensive, this seems like a good strategy.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Sat Sep 5 01:50:09 CEST 2015 on sn-devel-104
Cached logon doesn't mean the ticket is bad, wait until we go
online again to determine that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11198
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 4 01:35:16 CEST 2015 on sn-devel-104
0 byte resource fork streams are not listed by vfs_streaminfo, as a
result stream cleanup/deletion of file deletion doesn't remove the
resourcefork stream.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11467
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Opening the resource fork stream with O_CREAT mustn't create a visible
node in the filesystem, only create a file handle. As long as the
creator didn't write into the stream, other openers withour O_CREAT
MUST get an ENOENT error. This is way OS X SMB server implements it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11467
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This reverts commit e551cdb37d.
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Sep 1 20:47:50 CEST 2015 on sn-devel-104
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10770
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Sep 1 03:33:13 CEST 2015 on sn-devel-104
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11444
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Aug 31 15:50:49 CEST 2015 on sn-devel-104
notify_ctx will be NULL when "change notify = no" is set in smb.conf.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11444
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11472
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 29 07:05:10 CEST 2015 on sn-devel-104
Thanks to "L.P.H. van Belle" <belle@bazuin.nl>
for help in reproducing the issue.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11038
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 28 22:03:31 CEST 2015 on sn-devel-104
This fixes the build on ubuntu 14.04, which failed like this:
[2852/3952] Compiling source3/smbd/smb2_create.c
../source3/smbd/smb2_create.c: In function ‘smbd_smb2_create_send’:
../source3/smbd/smb2_create.c:678:28: error: variable ‘svhdx’ set but not used [-Werror=unused-but-set-variable]
struct smb2_create_blob *svhdx = NULL;
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Also handle a review comment by Metze.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 28 03:19:36 CEST 2015 on sn-devel-104
This should be an implementation detail in lib/crypto/aes.h.
In future we may add support for other implementations.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We marshall into a binary buffer, uint8_t better reflects that.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 27 00:40:58 CEST 2015 on sn-devel-104
sid_parse takes a binary blob, uint8_t reflects this a bit
better than char * does
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This fixes a problem where is_myname() returns true if one of our names
is a substring of the specified name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11427
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This obsoletes the domain name in the xid2sid calls
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
So far we have initialized idmap domains on demand indexed by name.
For sid2xid this works okay, because we could do lookupsids before
and thus get the name. For xid2sid this is more problematic. We
have to rely on enumtrustdoms to work completely, and we have to
look at the list of winbind domains in the parent to get the domain
name. Relying on domain->have_idmap_config is not particularly nice.
This patch re-works initialization of idmap domains by scanning all
parametric parameters, scanning for :backend configuration settings.
This way we get a complete list of :range definitions. This means
we can rely on the idmap domain array to be complete. This in turn
means we can live without the domain name to find a domain, we can
do a range search by uid or gid.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Just moving code, idmap_init will need to reference the variables
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
This routine takes a regex and goes through all parametric parameters
in [global], matching the regex. It can easily be extended to also
look at shares, but right now it will only be used to list all idmap
config domain names.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
We call make_server_info(NULL) and it is possible that we do not free
it, because server_info is not allocated on the memory context we pass
to the function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
We set nt_username above but do not use it in this function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11459
Signed-off-by: Robin Hack <hack.robin@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 21 07:17:35 CEST 2015 on sn-devel-104
'!module' disables a non-required module for a static/shared build.
'!DEFAULT' disables all modules defaulting to a static/shared build.
'!FORCED' disables all (non-required) modules forced to a static/shared build.
'ALL' switches the default for all non forced modules from static to shared
or from shared to static.
The most specific specification wins
e.g.
--with-static-modules='!FORCED,!DEFAULT' --with-shared-modules='!FORCED,!DEFAULT' will only
build modules which are required for the compilation. Might be useful
if someone only wants to use client utils.
--with-static-modules=ALL will build all modules statically linked.
--with-static-modules='!DEFAULT,ALL' --with-shared-modules='!DEFAULT,ALL'
might be useful for testing, it reverses the default build for all modules
which can be build shared or static.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The init functions of all static modules should be ignored.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
When idmap_tdb is build as shared module we need to allow undefined symbols
which callback into winbindd code.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
"goto out;" is sufficient before
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Aug 20 15:52:20 CEST 2015 on sn-devel-104
The "mode = " from a very casual view looked as if it was part of the
if-condition
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Callgrind showed that we use 28,165,720,719 cpu cycles to send
a 100MB file to a client using aes-ccm.
With aes-gcm this is raises up to 723,094,413,831 cpu cycles.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
In case of timeouts we retry the async_connect_send() and forgot
to remember it, this results in an abort() in async_connect_cleanup()
as the fd is already closed when calling fcntl(F_SETFL).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
It is kindof unexpected that we get params for something else but
"nfs4:"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Aug 13 17:45:31 CEST 2015 on sn-devel-104
We don't need the nt_ace_list beyond this function, make_sec_acl makes
a copy and make_sec_desc makes another one
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
With the anonymous struct SMB4ACE_T we can rely on the compiler
to warn us
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
With the anonymous struct SMB4ACL_T we can rely on the compiler
to warn us
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
We can make the _INT_ structure now be the representation of the
published anonymous struct
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
We can make the _INT_ structure now be the representation of the
published anonymous struct
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
-typedef struct _SMB4ACE_T {char dontuse;} SMB4ACE_T;
+struct SMB4ACE_T;
Same as for ACL_T
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
The relevant change:
-typedef struct _SMB4ACL_T {char dontuse;} SMB4ACL_T;
+struct SMB4ACL_T;
We can use anonymous structs to prevent direct use. This patch will
trigger a set of simplifications in the next patches
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
With vfs_fruit option "fruit:encoding = native" we're already converting
stream names that contain illegal NTFS characters from their on-the-wire
Unicode Private Range encoding to their native ASCII representation.
Unfortunately the reverse mapping for stream names was not perfomed.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11278
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
With vfs_fruit option "fruit:encoding = native" we're already converting
stream names that contain illegal NTFS characters from their on-the-wire
Unicode Private Range encoding to their native ASCII representation.
As as result the name of xattrs storing the streams (via
vfs_streams_xattr) may contain a colon, so we have to use strrchr_m()
instead of strchr_m() for matching the stream type suffix.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11278
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Aug 7 01:31:23 CEST 2015 on sn-devel-104
This can be useful for narrowing down problems without taking a full
level 10 trace.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11426
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Aug 4 16:48:36 CEST 2015 on sn-devel-104
This is useful for debugging overwritten machine accounts, e.g. a
second machine is joined to a domain with the same name as the
first one.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Move the special stuff of the hand-written lp_cups_encrypt()
function into a handler that is called once at load time.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is achieved by moving the special treatment from
the lp_smb2_max_credits() function in the the special
handler that is called only once upon lp_load().
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
If the query return status is not OK, the query answer pointer could
be uninitialised.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
They are now taken from the pending_auth member (smbXsrv_session_auth0).
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jul 31 01:03:13 CEST 2015 on sn-devel-104
This contains various auth related items for a session,
in particular preauth. This is in preparation to take
the direct member preauth from smbXsrv_session and have
all session auth code operate on session->pending_auth
instead of session->preauth and friends.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11320
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 30 00:36:14 CEST 2015 on sn-devel-104
For session bind, and the channel is only to be bound to the given
session just now, so it is not valid. The early request validation
code can hence not check it, and hence validation is defered to the
actual session setup code, which can look at the session binding flags.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Jul 29 21:31:09 CEST 2015 on sn-devel-104
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This is a variant of smb2srv_session_lookup_conn() that does
not verify the session on the channel.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This is in preparation of adding a variant that operates
on the client and does in particular not verify that the
connection belongs to a session as a channel.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This way, we can verify that the session is valid on a channel.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This way, we can verify that a session is valid on the channel.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Somewhere along the line, a config line like "valid users = @foo"
broke when "foo" also exists as a user.
user_ok_token() already does the right thing by adding the LOOKUP_NAME_GROUP
flag; but lookup_name() was not respecting that flag, and went ahead and looked
for users anyway.
Regression test to follow.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11320
Signed-off-by: Justin Maggard <jmaggard@netgear.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 28 21:35:58 CEST 2015 on sn-devel-104
On i386, unsigned long long is 64 bit while the pointer is 32, and
this fails under autobuild with -WError.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 21 05:14:20 CEST 2015 on sn-devel-104
The new default is to disable SSLv3, as this is no longer considered
secure after CVE-2014-3566. Newer GnuTLS versions already disable SSLv3.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
This adds a new option to the smb.conf to allow administrators to disable
TLS protocols in GnuTLS without changing the code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11076
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jul 17 22:09:34 CEST 2015 on sn-devel-104
If we have a broken system which reports incorrect sizes we provide the
'dfree command'. This command makes sure Samba gets the correct values.
However after that we call the quota command which then reports the
broken values. The dfree command should take care to provide the correct
values and in case of quota's it should also calculate the quote
correctly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11403
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
We should not leave this uninitialized.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jul 17 19:06:08 CEST 2015 on sn-devel-104
The input value of count is ignored by the server,
but we should not send an uninitialized value.
Found by valgrind.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11404
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jul 17 14:04:01 CEST 2015 on sn-devel-104
config.h may have some flags which affect glibc behavior, e.g.
_FILE_OFFSET_BITS=64. To make sure these flags have the desired
effect, config.h must be included before any glibc header files.
This commit does not fix a specific known bug. It changes the code to
comply with coding conventions.
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: "Stefan Metzmacher" <metze@samba.org>
config.h may have some flags which affect glibc behavior, e.g.
_FILE_OFFSET_BITS=64. To make sure these flags have the desired
effect, config.h must be included before any glibc header files.
This commit does not fix a specific known bug. It changes the code to
comply with coding conventions.
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: "Stefan Metzmacher" <metze@samba.org>
This patch sets dns_lookup_realm=false in samba-generated krb5.conf.
Disabling dns_lookup_realm in krb5.conf is the recommended practice for
Kerberos usage in Active Directory environment. dns_lookup_realm is enabled
by default, at least in Heimdal.
When used by samba, Kerberos libraries operate based on either the system
krb5.conf, or a private krb5.conf generated specifically for the domain by
samba code. In the former case, it's the responsibility of the administrator
to set dns_lookup_realm=false. In the latter case, it's the responsibility
of samba - which is what this patch does.
In many usage scenarios the value of this variable is of no consequence
since samba knows the realm in which it is operating, and knows how to
generate service principal names. However, there are some scenarios
in which samba calls kerberos_get_principal_from_service_hostname(),
and here samba consults the Kerberos libraries and this parameter comes
into play. One primary example is cli_full_connection() function.
Not setting dns_lookup_realm leads to a series of DNS TXT record lookups.
This can be observed by running "net ads join -k -U <user>".
In AD environments, the TXT queries typically fail quickly, but test setups
or misconfigured DNS may lead to large timeouts (for example, if the domain
is dept.example.com but there's no parent example.com domain and no DNS
zones for example.com). At the very least we want to avoid those lookups
because they are hardly documented and lead to confusion.
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Logging at level 0 may result in log flooding. Additionally log the
share name that failed in SMB_VFS_CONNECT.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Jul 16 20:24:47 CEST 2015 on sn-devel-104
Counting on the client list being sorted by last access time,
the list scan for removing timed-out clients is shortened - once
the list is scanned oldest to newest, and once a non-timed-out
client is found, the scan can stop.
Also, finding the oldest idle client for removing an idle client
is simplified - oldest idle client is last idle client.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11397
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 16 01:45:20 CEST 2015 on sn-devel-104
Keep client list sorted by last access time, newest
to oldest.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11397
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Add some routines that support keeping the client list sorted
(by last access time) and traversing the list from oldest to
newest
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11397
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Periodically scan winbind client list and close connections
in which either the client is idle, or the request is taking
too long to complete.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11397
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
A recent change was to remove a client if the client socket
has become readable. In this change, a check is added to
determine the source of the readbility (actual readability,
closed connection, or some other error), and a suitable
debug message is printed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11397
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Add an option to wait_for_read_send(), so that the request, upon
calling back, report whether the socket actually contains data
or is in EOF/error state. EOF is signalled via the EPIPE error.
This is useful for clients which do not expect data to arrive but
wait for readability to detect a closed socket (i.e. they do not
intend to actually read the socket when it's readable). Actual data
arrival would indicate a bug in this case, so the check can
be used to print an error message.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11397
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This patch allows for early cleanup of client connections if the client
has given up.
Before this patch, any received request would be processed, and then only
upon transmitting the result to the client would winbindd find out the
client is no longer with us, possibly leading to a situation where the
same client tries over and over and increases the number of client
connections.
This patch monitors the client socket for readability while the request
is being processed, and closes the client connection if the socket
becomes readable. The client is not supposed to be writing anything to
the socket while it is waiting, so readability means either that the client
has closed the connection, or that it has broken the protocol.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11397
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Set the winbindd process file descriptor limit according to
the values that affect it in the configuration:
- Maximum number of clients
- Number of outgoing connections per domain
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11397
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
We check for dir == NULL but dereference it during variable declaration.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jul 14 16:10:44 CEST 2015 on sn-devel-104
This will allow an early return from ctdbd_msg_call_back so that we can also
handle CTDB_SRVID_RELEASE_IP via register_with_ctdbd.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
"z" is only for size_t, here we have off_t
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 13 11:53:47 CEST 2015 on sn-devel-104
Result: better seeded random numbers that are cryptographically secure
(not that it matters in this case)
Please let it be right this time...
Signed-off-by: Robin McCorkell <rmccorkell@karoshi.org.uk>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Reviewed-by: Jeremy Allison <jra@samba.org>
elem was dereferenced already a few lines above
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Jul 10 01:01:36 CEST 2015 on sn-devel-104
Quoting the full message:
Potentially overflowing expression "total_octets * 8U" with type "unsigned int"
(32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a
context that expects an expression of type "uint64_t" (64 bits, unsigned).
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Logging the returned mode bits should be only "informational" (level 5).
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 9 15:36:30 CEST 2015 on sn-devel-104
"Informational" is a better description for this message; change the log
level accordingly (level 5).
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The interesting information is already logged later; having an
additional message when entering the function should be only done as
debug message (level 10).
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The dsgetdcname() function is able to try just DNS lookup, just NetBIOS,
or start with DNS and fall back to NetBIOS. For "net ads join", we know
most of the time whether the name of the domain we're joining is a DNS
name or a NetBIOS name. In that case, it makes no sense to try both lookup
methods, especially that DNS may fail and we want to fall back from site-aware
DNS lookup to site-less DNS lookup, with no NetBIOS lookup in between.
This change lets "net ads join" tell libnet what is the type of the domain
name, if it is known.
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Reviewed-by: Jeremy Allison <jra@samba.org>
This allows the netlogon server to forward netr_DrsGetForestTrustInformation()
to winbindd in order to do the work.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We use in internal connection to our local LSA server
in order to update the local msDS-TrustForestTrustInfo attribute.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This will be used by the netr_DrsGetForestTrustInformation()
in order to contact remote domains via winbindd.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This can be called by the netlogon server to pass netr_LogonControl*()
to a winbindd child process in order to do the real work.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This implements NETLOGON_CONTROL_{REDISCOVER,TC_QUERY,TC_VERIFY,CHANGE_PASSWORD}.
These are triggered by the netlogon server (currently only as AD DC) via IRPC.
While NETLOGON_CONTROL_REDISCOVER ignores an optional '\dcname' at the end of
the specified domain name for now.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This will be used by the netr_LogonControl()
in order to contact remote domains via winbindd.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
dsdb_trust_search_tdo() is almost the same as sam_get_results_trust(),
so we can remove sam_get_results_trust() later.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Jul 8 11:54:24 CEST 2015 on sn-devel-104
GPFS 3.5 is now the oldest support version. Cleanup the ACL code by
using the defines and structs from the 3.5 header file.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This was only used in notify_internal.c
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 8 02:53:33 CEST 2015 on sn-devel-104
This used to be a tdb traverse wrapper. Now we get the notify db from
notifyd via messages.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The database format notifyd is "private" to it. This makes it
possible for smbcontrol and others to query notifyd's database with
MSG_SMB_NOTIFY_GET_DB and inspect it without having to know exactly what
format it uses.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
For the moment, this removes smbstatus -N output. It will come back with
the next commits.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
For this we need the kernel change notify stuff to be global: There's only one
notifyd and we have to pass over the kernel change notify watch function
Signed-off-by: Volker Lendecke <vl@samba.org>
This adds the notify daemon listening on MSG_SMB_NOTIFY_REC_CHANGE
and MSG_SMB_NOTIFY_TRIGGER messages. It relies on ctdbd to distribute
the notify database and events in a cluster.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
notifyd won't have the VFS around, it is a systemwide daemon without
a connection to specific shares. To continue FAM support, notifyd
needs to be able to link it directly. This adds code to make fam
equivalent to inotify.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
With a central notifyd, we can't do this per share anymore. Notifyd will
only look at absolute paths, not shares.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
With a central notifyd, we can't do this per share anymore. Notifyd will
only look at absolute paths, not shares.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is used for server names where only one instance can exist.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Add a lexer and parser for translating Spotlight query strings to
SPARQL.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Implement all Spotlight RPC commands with the Tracker SPARQL async query
API.
Tracker uses glib for implemeting async tasks, we thus have to use a
glib mainloop for processing sheduled tasks in threads.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Add mappings for metadata attribute between Spotlight and NEPOMUK for
use with Tracker.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Add code for marshalling and unmarshalling Spotlight RPC blobs
from/into a dalloc object store.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
dalloc is a hack with a bizarre API, but it does its job: it's a
simple object store that allows for storing simple and complex data
types.
We'll use it for storing Spotlight query data.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Per share option: it reflects whether a share is indexed by Tracker or
not. The global switch that controls whether Spotlight is enabled or
not, are the mdsvc RPC switches.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
'mdssvc' aka 'Metadata Search Service' is an RPC service used by Apple
for passing marshalled Spotlight search queries and results between
client to server.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
configure check with pkg-config for libtracker-sparql, default is
disabled.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Don't enforce it but only announce DATA_ENCRYPT,
making use of encryption_desired in tcon.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Don't enforce it but only announce ENCRYPT_DATA, using the
encryption_desired flag in session setup.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
this means we:
- accept unencrypted requests if encryption only desired
and not required,
- but we always send encrypted responses in the desired
case, not only when the request was encrypted.
For this purpose, the do_encryption in the request
structure is separated into was_encrypted and do_encryption.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
This is to indicate that we should sen the ENCRYPT_DATA
flag on session or tcon replies.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
We should not call memcpy if the offset is exactly AFP_INFO_SIZE
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jul 7 14:04:39 CEST 2015 on sn-devel-104
In a cluster setup, running sharesec -D results in an empty record that
triggers this message. The situation is correctly handled in the code
(unmarshall_sec_desc fails and sharesec uses the default), so simply
remove the message in this case.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
fruit_pread doesn't check the offset and length parameters and instead
always writes 60 bytes, the size of the AFP_AfpInfo blob, to the the
passed buffer. If the passed in buffer is smaller, we overwrite
something somewhere.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11363
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
We should not flood the logs (and syslog) with fallback warnings.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jul 2 14:41:31 CEST 2015 on sn-devel-104
Use a dynamically allocated copy_chunk buffer size with an upper bound
of 8 MB for now.
The previous size of 64 KB has proven to really hurt performance,
especially with "strict locking = yes".
The SMB2 protocol level maximum allowed copy_chunk size is 1 MB, that's
what will be used as buffer size in the typical case.
With the AAPL copyfile extension the requested copy_chunk size is the
size whole file, which would then make use of a larger buffer up to the
limit of 8 MB.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
