1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-14 19:24:43 +03:00

45114 Commits

Author SHA1 Message Date
Michael Adam
09fbc6c085 s3:passdb: fix and improve debug message in pdb_default_sid_to_id().
Signed-off-by: Michael Adam <obnox@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-05-03 07:57:13 +02:00
Alexander Werth
4b324f7f08 s3: Always cache idmapping results of pdb backend.
And don't cache in the pdb_ldap module on the id_to_sid calls.

Signed-off-by: Alexander Werth <alexander.werth@de.ibm.com>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Sat May  3 04:14:05 CEST 2014 on sn-devel-104
2014-05-03 04:14:05 +02:00
Jeremy Allison
ffaa2849e5 s3: smbd: Remove open_file_fchmod().
No longer used (hurrah!).

Bug 10564 - Lock order violation and file lost

https://bugzilla.samba.org/show_bug.cgi?id=10564

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May  2 23:47:38 CEST 2014 on sn-devel-104
2014-05-02 23:47:38 +02:00
Jeremy Allison
e6e40842d1 s3: smbd: change file_set_dosmode() to use get_file_handle_for_metadata() instead of open_file_fchmod().
get_file_handle_for_metadata() is a new function that
finds an existing open handle (fsp->fh->fd != -1) for
a given dev/ino if there is one available, and uses
INTERNAL_OPEN_ONLY with WRITE_DATA access if not.

Allows open_file_fchmod() to be removed next.

Bug 10564 - Lock order violation and file lost

https://bugzilla.samba.org/show_bug.cgi?id=10564

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
2014-05-02 21:27:07 +02:00
Jeremy Allison
580eb9424c s3: smbd : Ensure file_new doesn't call into smbXsrv_open_create() for INTERNAL_OPEN_ONLY.
This causes deadlocks which cause smbd to crash if the locking
database has already been locked for a compound operation we
need to be atomic (as in the file rename case).

Ensure INTERNAL_OPEN_ONLY opens are synonymous with req==NULL.

INTERNAL_OPEN_ONLY opens leave a NO_OPLOCK record in
the share mode database, so they can be detected by other
processes for share mode violation purposes (because
they're doing an operation on the file that may include
reads or writes they need to have real state inside the
locking database) but have an fnum of FNUM_FIELD_INVALID
and a local share_file_id of zero, as they will never be
seen on the wire.

Ensure validate_my_share_entries() ignores
INTERNAL_OPEN_ONLY records (share_file_id == 0).

Bug 10564 - Lock order violation and file lost

https://bugzilla.samba.org/show_bug.cgi?id=10564

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
2014-05-02 21:27:07 +02:00
Jeremy Allison
bed323cebc s3 : smbd : Protect all possible code paths from fsp->op == NULL.
In changes to come this will be possible for an INTERNAL_OPEN_ONLY.
The protection was already in place for some code paths, this
makes the coverage compete.

Bug 10564 - Lock order violation and file lost

https://bugzilla.samba.org/show_bug.cgi?id=10564

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2014-05-02 21:27:07 +02:00
Christof Schmitt
e8a323c731 smbd: Fix compile warning in dmapi.c
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Change-Id: I69297d91ab8c857204e1f78cafb210b9a05f3b77

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May  2 03:41:31 CEST 2014 on sn-devel-104
2014-05-02 03:41:31 +02:00
Volker Lendecke
042f94b560 torture3: Add a test deleting a different req
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Apr 30 17:09:59 CEST 2014 on sn-devel-104
2014-04-30 17:09:59 +02:00
Volker Lendecke
54118d24a7 torture3: Add local-messaging-read1
This covers deleting and re-adding a request in a callback

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-04-30 14:52:08 +02:00
Volker Lendecke
d0590eec7e messaging3: Fix messaging_read_send/recv
messaging_read_send/recv was okay for just one handler in the queue. For
multiple handlers it was pretty broken.

A handler that deletes itself as part of the callback (pretty typical use
case...) drops the message for a subsequent handler that responds to the same
message type. In messaging_dispatch_rec we walk the array, however
messaging_read_cleanup has already changed the array. tevent_req_defer_callback
does not help here: It only defers the callback, it does not defer the cleanup
function.

This also happens when a callback deletes a different handler

A handler that re-installs itself in the callback might get a message twice.

This patch changes the code such that only messaging_dispatch_rec adds records
to msg_ctx->waiters, new waiters are put into a staging area first
(msg_ctx->new_waiters). Also messaging_read_cleanup does not move anything
around in msg_ctx->waiters, it only nulls out itself. messaging_dispatch_rec is
changed to cope with this.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-04-30 14:52:08 +02:00
Volker Lendecke
8117dcd5fb messaging3: Make "presult" optional in messaging_read_recv
Callers might not be interested in the rec, just the fact that something
arrived

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-04-30 14:52:08 +02:00
Volker Lendecke
3af130ea93 torture3: Add a bit more coverage to messaging_read
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-04-30 14:52:08 +02:00
Volker Lendecke
93796a38af messaging3: Fix formatting
This went over the 80-char limit

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-04-30 14:52:08 +02:00
Jeremy Allison
41c5277f57 s3: smbd : Fix wildcard unlink to fail if we get an error rather than trying to continue.
This can break smbd if we end up leaving a SHARING_VIOLATION
retry record on the queue.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2014-04-30 14:52:08 +02:00
Andrew Bartlett
77b04f1df6 winbind: Allow winbindd to be run from inside "samba"
Change-Id: I6b90a9b62ba5821e0feedb23cd20642078ba0ca6
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Apr 29 05:28:39 CEST 2014 on sn-devel-104
2014-04-29 05:28:39 +02:00
Michael Adam
2372bd7d0c autorid: Add allocation from above in alloc range for well known sids
This way, we achieve a better determinism for the id mappings
of the well knowns without wasting a separate range.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Apr 25 17:52:10 CEST 2014 on sn-devel-104
2014-04-25 17:52:10 +02:00
Michael Adam
90d9445da4 autorid: use dbwrap_trans_do() in idmap_autorid_sid_to_id_alloc()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
0df8988c08 autorid: add high_id to range config and fill it where we also fill range->low_id.
This corresponds to low_id for convenience and allows
for computations without going back to the global config.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
a1adc881cf autorid: reserve 500 IDs at the top of the ALLOC range.
The wellknowns are now allocated into this sub-range.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
57e49d90f2 autorid: reverse order of arguments of idmap_autorid_sid_to_id_alloc()
for consistency

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
3f1297f363 autorid: introduce idmap_autorid_domsid_is_for_alloc()
Currently, this checks if the sid is a wellknown domain sid.
But the code reads more nicely and more domains might be added
in the future.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
eaf770a611 autorid: factor idmap_autorid_sid_to_id() out of idmap_autorid_sids_to_unixids()
- reduces indentation
- unifies error code paths and bumping counters
- makes the code more easy to read

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
64e267c2fe autorid: make the checks for bumping num_mapped identical for alloc and rid case
in idmap_autorid_sids_to_unixids()

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
5d7b1363f0 autorid: explicitly return NTSTATUS_OK in idmap_autorid_sid_to_id_alloc().
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
79a245808c autorid: more explicitly and reasonably set map->state in idmap_autorid_sid_to_id_alloc
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
e32f6a278d autorid: rename idmap_autorid_sid_to_id() -> idmap_autorid_sid_to_id_rid()
For consistency. This is the function that does the calculation
if the sid is treated by a rid range.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
31241beec6 autorid: rename idmap_autorid_map_sid_to_id() -> idmap_autorid_sid_to_id_alloc()
for consistency. this is the sid->id function for the alloc range.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
22f712628b autorid: rename idmap_autorid_map_id_to_sid() -> idmap_autorid_id_to_sid_alloc()
for consistency. This is the function that maps id to sid
for the alloc range.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
5d9d4c73d7 autorid: factor idmap_autorid_get_alloc_range() out of idmap_autorid_allocate_id()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
3c706e9f01 autorid: fix discard-const warning in idmap_autorid_init_hwm()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
1da7b5b50c autorid: fix uninitialized return code for successful autorid.tdb creation/opening
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
04a4dc961e autorid: improve a debug message in idmap_autorid_map_sid_to_id()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
b1cb75a972 autorid: add debug messages to idmap_autorid_get_domainrange()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
b2ddea94cc autorid: improve wording in a debug message
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:09 +02:00
Michael Adam
840813793a autorid: remove a legacy comment from sid_to_id
With the introduction of the ID_TYPE_BOTH mapping
to idmap_autorid, it is not a deficiency but a
virtue of the autorid backend that it does not
care about the existence or type of the
sid to be mapped.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:08 +02:00
Michael Adam
1eeb4bc0ff idmap_rid: remove a legacy comment from sid_to_id
With the introduction of the ID_TYPE_BOTH mapping
to idmap_rid, it is not a deficiency but a
virtue of the rid backend that it does not
care about the existence or type of the
sid to be mapped.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:08 +02:00
Michael Adam
26062b4a9d idmap_tdb_common: remove legacy comment.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:08 +02:00
Michael Adam
11b3937ddd idmap_tdb_common: fix a debug message in idmap_tdb_common_set_mapping()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-04-25 15:35:08 +02:00
Michael Adam
377091a065 idmap_tdb_common: fix a debug message in idmap_tdb_common_unixid_to_sid()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-25 15:35:08 +02:00
Andreas Schneider
d50c0077de s3-rpc_server: Remove ncalrpc_as_system from make_server_pipes_struct().
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Apr 24 13:39:10 CEST 2014 on sn-devel-104
2014-04-24 13:39:10 +02:00
Andreas Schneider
76a89a38fe s3-rpc_server: Remove ncalrpc_as_system from pipes_struct.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-24 11:21:05 +02:00
Andreas Schneider
6ede575fc4 s3-rpc_server: Use gensec for NCALRPC_AS_SYSTEM.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-24 11:21:05 +02:00
Andreas Schneider
000168b002 s3-rpc_server: Add special tsocket address for ncalrpc_as_system.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-24 11:21:05 +02:00
Stefan Metzmacher
6a5cd1857f s3:rpc_client: Use gensec for NCALRPC_AS_SYSTEM.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-24 11:21:05 +02:00
Andreas Schneider
8729d990a3 s3-auth: Register ncalrpc_as_system gensec module.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2014-04-24 11:21:05 +02:00
Stefan Metzmacher
1f4c20f2c3 s3:rpc_server: pass everything but AUTH_TYPE_{NONE,NCALRPC_AS_SYSTEM} to gensec
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-24 11:21:05 +02:00
Andreas Schneider
06922f92e4 s3-rpc_server: Call pipe_auth_verify_final() if needed.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2014-04-24 11:21:05 +02:00
Andreas Schneider
bfdd22b316 s3-rpc_server: Return the status code from gensec.
We need to know the difference between NT_STATUS_OK
and NT_STATUS_MORE_PROCESSING_REQUIRED.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2014-04-24 11:21:05 +02:00
Stefan Metzmacher
2c5ed102b7 s3:rpc_server: let auth_generic_server_step() handle gensec_security == NULL
This simplifies the caller, we don't need to look at the auth_type anymore.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-24 11:21:05 +02:00
Stefan Metzmacher
5d3bb5671e s3:rpc_server: make sure we have a unix token
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-24 11:21:05 +02:00