IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This fixes a bug when using encrypted transport and DFS links. Found
by my basic DFS torture test, which I'll check in next. Testing *rocks* :-).
Jeremy.
This patch introduces
struct stat_ex {
dev_t st_ex_dev;
ino_t st_ex_ino;
mode_t st_ex_mode;
nlink_t st_ex_nlink;
uid_t st_ex_uid;
gid_t st_ex_gid;
dev_t st_ex_rdev;
off_t st_ex_size;
struct timespec st_ex_atime;
struct timespec st_ex_mtime;
struct timespec st_ex_ctime;
struct timespec st_ex_btime; /* birthtime */
blksize_t st_ex_blksize;
blkcnt_t st_ex_blocks;
};
typedef struct stat_ex SMB_STRUCT_STAT;
It is really large because due to the friendly libc headers playing macro
tricks with fields like st_ino, so I renamed them to st_ex_xxx.
Why this change? To support birthtime, we already have quite a few #ifdef's at
places where it does not really belong. With a stat struct that we control, we
can consolidate the nanosecond timestamps and the birthtime deep in the VFS
stat calls.
At this moment it is triggered by a request to support the birthtime field for
GPFS. GPFS does not extend the system level struct stat, but instead has a
separate call that gets us the additional information beyond posix. Without
being able to do that within the VFS stat calls, that support would have to be
scattered around the main smbd code.
It will very likely break all the onefs modules, but I think the changes will
be reasonably easy to do.
This file is mysteriously getting included when built via the makefile,
but when you try to build mtab.o by hand it fails to build. Directly
include it to remove any ambiguity.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Windows allows up to 127 byte passwords, and we using a 64 byte limit
in most places and a 16 byte limit when using the "pass=" mount option
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Convert all uses of cli_open(), cli_nt_createXXX to NTSTATUS versions.
This is smaller than it looks, it just fixes a lot of old code.
Next up, ensure all cli_XX functions return NTSTATUS.
Jeremy.
callers pass in a struct user_auth_info * instead. This commit causes
smbc_set_credentials() to print out a message telling callers to use
smbc_set_credentials_with_fallback() instead, as smbc_set_credentials()
has a broken API (no SMBCCTX * pointer). No more global variables used
in the connection manager API for client dfs calls.
Jeremy.
the problem that stops libsmbclient being thread safe. Subsidiary
DFS connections are now hung off a list inside the cli_state struct.
Much more to do in order to get libsmbclient to thread safety, but
this is a good start.
Jeremy.
This reverts commit 9579a6f193.
It's confusing to have a boolean to alter the behavior of cli_push
and as the new feature isn't used yet I revert it.
We can readd a extra function later.
metze
guest session setup, login (user id) as anonymous.
This patch is for samba bugzilla bug 4640.
Signed-off-by: Shirish Pargaonkar <shirishp@us.ibm.com>
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@samba.org>
The value of rc in main() isn't initialized in the declaration. This
wasn't a problem before, but Shirish's fakemount patch can make it so
that we return the uninitialized variable if the -n flag is used.
Fix this by initializing rc to 0.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
This patch removes the remaining entry in /etc/mtab after a filesystem
is unmounted by canonicalizing the mountpoint supplied on the command
line.
Please refer to bug 4370 in samba bugzilla.
version.h changes rather frequently. Since it is included via includes.h,
this means each C file will be a cache miss. This applies to the following
situations:
* When building a new package with a new Samba version
* building in a git branch after calling mkversion.sh
after a new commit (i.e. virtually always)
This patch improves the situation in the following way:
* remove inlude "version.h" from includes.h
* Use samba_version_string() instead of SAMBA_VERSION_STRING
in files that use no other macro from version.h instead of
SAMBA_VERSION_STRING.
* explicitly include "version.h" in those files that use more
macros from "version.h" than just SAMBA_VERSION_STRING.
Michael
The current name resolution scheme in mount.cifs is IPv4 only. Expand
it to be protocol-independent. Also take advantage of the fact that
getaddrinfo() returns a list of addresses and have mount.cifs try each
in turn until it hits one that's reachable and allows the socket to
connect.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
smbfs also would use the USER environment variable if the user was not
specified on the mount command and no credential file specified, and
mount.cifs man page says that we will use this environment variable
(in most cases this will not cause a behavior change, because
we were doing getuid of the current process which will usually be
the same name).
Fixes Samba bug #5934
Acked-by: Jeff Layton
The util-linux-ng sources have a good, but rather complex scheme for
locking the mtab before updating it. Mount helpers need to follow the
same scheme. Advisory locking only works if everyone is using the same
locking scheme.
Copy the routines we need from util-linux-ng into a separate source file
and then have mount.cifs and umount.cifs link in this object.
The long term goal is to have these routines in a separate helper
library (libmount). Mount helpers can then dynamically link in that lib.
Until that happens, this should serve as a suitable stopgap solution.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
The manpage for /bin/mount specifies that the return code should be a
positive integer (actually, it's a bitfield). Clean up the return
codes from mount.cifs to make them match the expected return values
from /bin/mount. This necessary for proper integration with autofs.
This is the third attempt at this patch. The changes here are minor,
just changing some return's from main() into exit() calls for
consistency's sake.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
We currently don't attempt to uppercase the device portion of the mount
string if there isn't a prefixpath. Fix that by making uppercase_string
return success without doing anything on a NULL pointer.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
...to silence -Wmissing-prototypes and some uninit'ed variable
warnings. Thanks to GD for the extra-paranoid compiler flags.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(This used to be commit f0ee2c145f)
When we added the ability for the kernel to send sec=mskrb5 to the
upcall, we subtly broke old cifs.upcall versions that don't understand
it. Bump the spnego message version to 2 to make this clear. Also,
change cifs.upcall to not reject requests with a version that's lower
than the current one, and to send the reply with the same version that
the request sent. The idea is to try and keep cifs.upcall backward
compatible with old kernels.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(This used to be commit b868463015)
When the kernel sends the upcall a sec=mskrb5 parameter, that means
the the MSKRB5 OID is preferred by the server. This patch fixes the
upcall to use that OID in place of the "normal" krb5 OID when it
gets a sec=mskrb5 parameter.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve French <smfrench@gmail.com>
(This used to be commit 6287e13b34)
krb5 mounts require that the user already have a valid krb5 ticket.
Since we can't currently use the password entered, don't prompt for it.
Also, switch to using strncmp instead of strcmp here.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(This used to be commit c75791c34a)
When a request-key upcall exits without instantiating a key, the kernel
will negatively instantiate the key with a 60s timeout. Older kernels,
however seem to also link that key into the session keyring. This
behavior can interefere with subsequent mount attempts until the
key times out. The next request_key() call will get this negative key
even if the upcall would have worked the second time.
Fix this by having cifs.upcall negatively instantiate the key itself
with a 1s timeout and don't attach it to the session keyring.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(This used to be commit f760dd3f31)
client/cifs.upcall.c:205: warning: function declaration isn’t a prototype
This patch fixes this by properly declaring usage() args as void.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@samba.org>
(This used to be commit 148a012421)
The "cifs.resolver" key type has been changed to "dns_resolver". Fix
the comments at the top of cifs.upcall and the manpage accordingly.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@samba.org>
---
docs-xml/manpages-3/cifs.upcall.8.xml | 4 ++--
source/client/cifs.upcall.c | 8 ++++----
2 files changed, 6 insertions(+), 6 deletions(-)
(This used to be commit 24a93d03c2)
(so parsing for domain parameter in mount.cifs matches online help)
and rephrasing original code to make it more clear.
The check for "domain" was meant to allow for "dom" or "DOM" and the
option ("dom") described in the help (e.g. "/sbin/mount.cifs -?") is the
shorter ("dom") form. The reason that the string we compare against
is larger was to improve readability (we could compare against "dom"
but note /* "domain" or "DOMAIN" or "dom" or "DOM" */ but it seemed
terser to just show the larger string in the strcmp target. The
change to "workgoup" from workg* (anything which begins with "workg"
doesn't matter - it is a minor behavior change - but probably few
scripts depend on the "alias" for this option).
Rework code so that it is clearer what we are comparing against.
(This used to be commit 92fad0fc53)
(as a synonym for the older "cifs.resolver" name) when resolving host
names to ip addresses for the kernel.
Acked-by: Jeff Layton
(This used to be commit 22c36b27c6)
Steve French noticed these warnings when building cifs.upcall:
Compiling client/cifs.upcall.c
client/cifs.upcall.c: In function 'usage':
client/cifs.upcall.c:204: warning: declaration of 'prog' shadows a global declaration
client/cifs.upcall.c:33: warning: shadowed declaration is here
Change the usage function to not take and arg and have it just use the global
"prog" variable. Fix a typo in the log message generated when an unknown
option is specified. Also getopt() always returns '?' when it sees an unknown
option so there's no point in printing it out.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(This used to be commit 4b8362f977)
binary. The biggest change is that it renames it from cifs.spnego
to cifs.upcall since the cifs.spnego name really isn't applicable
anymore.
It also fixes a segfault when the program is run without any args
and adds a manpage. Comments and/or suggestions appreciated.
This set should apply cleanly to the 3.3 test branch.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Jeremy.
(This used to be commit c633f10d9e)
All,
Noticed that smbspool.c still has my Easy Software Products copyright
on it. The following patch fixes it to match the other code I've
contributed over the years...
Jeremy.
(This used to be commit 9f5897e28d)
SAFE_FREE. Use #define constants not arbitrary numbers. Stevef
please check. Karolyn, once Steve has checked please pull for
3.2-stable.
Jeremy.
(This used to be commit cc23f91d63)
There were a couple of places where we weren't checking for
authentication correctly. This chance fixes those places and properly
supports Kerberos where available.
(This used to be commit 8eff35bc4a)
To summarize the changes, the patches remove the old (probably non-
working) Kerberos support code which is unnecessary with CUPS 1.3
and adds some checks on the NT status we get back to see whether
the connection error is related to authentication. If so, we send
the ATTR: message to tell CUPS we need a username and password and
return exit code 2 so cupsd will do the right thing.
AUTH_USERNAME, AUTH_PASSWORD, and KRB5CCNAME are set and supported
by CUPS 1.3. The new exit code is supported by CUPS 1.2.x and 1.3,
and it treated as a general failure in CUPS 1.1. The ATTR: message
is only supported by CUPS 1.3, while CUPS 1.2 will assume the
"username,password" value we are setting.
The current code only uses the AUTH_* env vars if they are set.
If not, we fall back to the previous behavior.
I really can't tell whether the Kerberos code that was in there
would work at all. It did not work for Mac OS X which is why
I dropped it.
(This used to be commit 8c12c5cea0)
This patch is the second patch to attempt to fix up some of the problems
with mounting subdirectories of shares. The earlier patch didn't handle
this correctly when POSIX extensions were enabled. This one does.
This is a bit of a confusing area since the different components of
a service string have different rules:
1) hostname: no '/' (slash) or '\' (backslash) is allowed to be
embedded within the string
2) sharename: same rules as hostname
3) prefixpath: '\' *is* allowed to be embedded in a path component,
iff POSIX extensions are enabled. Otherwise, neither
character is allowed.
The idea here is to allow either character to act as a delimiter when we
know that the character can't be anything but a delimiter (namely
everywhere up to the start of the prefixpath). The patch will convert
any '\' unconditionally to '/' in the UNC portion of the string.
However, inside the prefixpath, we can't make assumptions about what
constitutes a delimiter because POSIX allows for embedded '\'
characters. So there we don't attempt to do any conversion, and pass the
prefixpath to the kernel as is. Once the kernel determines whether POSIX
extensions are enabled, it can then convert the path if needed and it's
able to do so. A patch to handle this has already been committed to the
cifs-2.6 git tree.
This patch also fixes an annoyance. When you mount a subdir of a share,
mount.cifs munges the device string so that you can't tell what the
prefixpath is. So if I mount:
//server/share/p1/p2/p3
..then /proc/mounts and mtab will show only:
//server/share
Finally, it also tries to apply some consistent rules to the uppercasing
of strings.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(This used to be commit e03d1dfdb8)
I did not do any scientific tests, but the dummy test on my laptop against a
w2k3 vmware shows that in this specific situation going beyond 512k seems not
to gain anything anymore.
smb: \> iosize 64512
iosize is now 64512
smb: \> lcd /dev
smb: \> get random null
getting file \random of size 104857600 as null (33453,1 kb/s) (average 19718,5 kb/s)
smb: \> get random null
getting file \random of size 104857600 as null (34236,0 kb/s) (average 20509,1 kb/s)
smb: \> iosize 524288
iosize is now 524288
smb: \> get random null
getting file \random of size 104857600 as null (49042,1 kb/s) (average 22521,9 kb/s)
smb: \> get random null
getting file \random of size 104857600 as null (49420,8 kb/s) (average 23432,9 kb/s)
smb: \> iosize 1048576
iosize is now 1048576
smb: \> get random null
getting file \random of size 104857600 as null (49420,8 kb/s) (average 24284,2 kb/s)
smb: \> get random null
getting file \random of size 104857600 as null (49136,3 kb/s) (average 25076,9 kb/s)
(This used to be commit 1bcfef6a90)
This is the big (and potentially controversial) one. It took a phone call to
explain to metze what is going on inside cli_pull_read_done, but I would really
like everybody to understand this function. It is a very good and reasonably
complex example of async programming. If we want more asynchronism in s3, this
is what we will have to deal with :-)
Make use of it in the smbclient "get" command.
Volker
(This used to be commit 76f9b360ee)
This is the big (and potentially controversial) one. It took a phone call to
explain to metze what is going on inside cli_pull_read_done, but I would really
like everybody to understand this function. It is a very good and reasonably
complex example of async programming. If we want more asynchronism in s3, this
is what we will have to deal with :-)
Make use of it in the smbclient "get" command.
Volker
(This used to be commit 844a163458)
This reverts commit 6b1a118eaa.
We found that this patch does not play well with currently released cifs.ko
code, so after discussions with Jeff Layton and Steve french we decided it
is best to back it off and re-think a better approach. Jeff will send new
patches later, but for now it is better to just revert to the previous code
(This used to be commit c5b7d538ec)
Here is a patch for userspace cifs.spnego handler that adds support for cifs.resolver
upcall used in DFS code.
Any comments are appreciated.
#############################
Cifs upcall with key type cifs.resolver is used for resolving
server names in handling DFS refferals.
Signed-off-by: Igor Mammedov <niallain@gmail.com>
(This used to be commit dfc80b4f1c)
on a share (or global) and have the server reply with
ACCESS_DENIED for all non-encrypted traffic (except
that used to query encryption requirements and set
encryption state).
Jeremy.
(This used to be commit d241bfa577)
Only client.c and clitar.c used this, I think they should carry the static
themselves. Also move the a bit funny routine toktocliplist to clitar.c, the
only place where it is used.
(This used to be commit 86d9412611)
for bug #4780. Cause user mounts to inherit uid= and gid= from the
calling user when called as non-root, except when overridden on the
commandline.
Jeremy.
(This used to be commit 7fad5f38ea)
