1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-19 10:03:58 +03:00

92 Commits

Author SHA1 Message Date
Jeremy Allison
e8f7c60ec2 My algorithm for determining whan an incoming sequence number can be allowed is incorrect.
(I based it on the text in MS-SMB2, silly me :-). Fix it so incoming sequence numbers
can range over the entire allowable bitmap range. This fixes a repeatable
disconnect against Win7.

Jeremy.
2010-12-21 18:07:52 -08:00
Jeremy Allison
2ac579ca76 Add a SMB2 crediting algorithm, by default the same as Windows. Defaults to 128 credits.
Jeremy.
2010-12-10 15:46:41 -08:00
Stefan Metzmacher
dbc934ee4b s3:include: move MAX_DEBUG_LEVEL from local.h to debug.h
metze
2010-10-24 18:40:13 +00:00
Pierre Carrier
eeb24afd78 Allows changing the maximum number of simultaneous clients in winbindd through an smb.conf option.
Signed-off-by: Jeremy Allison <jra@samba.org>
2010-09-14 16:43:39 -07:00
Jeremy Allison
7b4387f765 Fix bug #7146 - Samba miss-parses authenticated RPC packets.
Parts of the Samba RPC client and server code misinterpret authenticated
packets.

DCE authenticated packets actually look like this :

+--------------------------+
|header                    |
| ... frag_len (packet len)|
| ... auth_len             |
+--------------------------+
|                          |
| Data payload             |
...                     ....
|                          |
+--------------------------+
|                          |
| auth_pad_len bytes       |
+--------------------------+
|                          |
| Auth footer              |
| auth_pad_len value       |
+--------------------------+
|                          |
| Auth payload             |
| (auth_len bytes long)    |
+--------------------------+

That's right. The pad bytes come *before* the footer specifying how many pad
bytes there are. In order to read this you must seek to the end of the packet
and subtract the auth_len (in the packet header) and the auth footer length (a
known value).

The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long
as the pad alignment is on an 8 byte boundary (there are some special cases in
the code for this).

Tridge discovered there are some (DRS replication) cases where on 64-bit
machines where the pad alignment is on a 16-byte boundary. This breaks the
existing S3 hand-optimized rpc code.

This patch removes all the special cases in client and server code, and allows
the pad alignment for generated packets to be specified by changing a constant
in include/local.h (this doesn't affect received packets, the new code always
handles them correctly whatever pad alignment is used).

This patch also works correctly with rpcclient using sign+seal from
the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow)
so even as a server it should still work with older libsmbclient and
winbindd code.

Jeremy
2010-02-17 15:27:59 -08:00
Jeremy Allison
8f4d4a6758 Final part of the fix for 6837 - "Too many open files" when trying to access large number of files
Win7 needs a min of 16k file handles to work against a
server.

Jeremy.
2009-12-16 10:19:19 -08:00
Jeremy Allison
b6fdecd112 Fix bug #6837 - "Too many open files" when trying to access large number of files
from Windows 7. Original patch by me fixed up with the correct open files number
by jmaggard10@hotmail.com.
Jeremy.
2009-12-02 10:01:14 -08:00
Jeremy Allison
49b52ec16f Parameterize in local.h the MAX_RPC_DATA_SIZE, and ensure
that "offered" read from the rpc packet in spoolss is under
that size. Tidyup from analysis from Veracode.
Jeremy.
2009-02-13 16:06:17 -08:00
Stefan Metzmacher
206e7eeb6f smbd: make it possible to change the write time delay for testing
metze
(This used to be commit df8c100c2b53575a0d425a2daf52e2d59904746a)
2008-04-07 12:29:31 +02:00
Jeremy Allison
38af904c31 r17107: Make the 200 ms timeout value tunable in local.h...
Might need to be a parameter ?
Jeremy.
(This used to be commit 98d8d9399bb287319578daaf2a2fb42f3c48f858)
2007-10-10 11:38:12 -05:00
Jeremy Allison
81d4f40bbe r14763: Add a new tuning parameter, open files database hash size,
this allows us to experiment with ensuring the tdb hash
size for our open files and locking db are appropriately
sized. Make the hash size larger by default (10007 instead
of 1049) and make the locking db hash size the same as the
open file db hash size.
Jeremy.
(This used to be commit e7225f7e813423c3e2a94af6a9d7ce8a1b50a166)
2007-10-10 11:15:46 -05:00
Gerald Carter
0af1500fc0 r13316: Let the carnage begin....
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10 11:06:23 -05:00
Jeremy Allison
a00c76d9fb r11435: Allow the hash size of the tdb open (locking) database
to be set in local.h. Change from the default (131) to
another prime (1049). Should this be an smb.conf tunable parameter
based on the number of open file descriptors available ?
If so what scaling factor ? More tests to follow.
Jeremy.
(This used to be commit 6a902ec49ffea5d0ca0308d5ff51584cece41043)
2007-10-10 11:05:16 -05:00
Jeremy Allison
02fdabc2a7 r5636: Re-add the allocation size - parameterized by share as
"allocation roundup size", by default set as 1Mb. From
advice by BlueArc about Windows client behaviour. VC++
people can set this to zero to turn it off.
Jeremy.
(This used to be commit 833ca101772bfab65dbd79eb64f63464177f144e)
2007-10-10 10:55:52 -05:00
Jeremy Allison
f95e9fc45b r5548: Stop lying about allocation sizes to Windows clients. It was a nice
idea, and aparently improved performance in some circumstances, but it
breaks the VC++ compiler :-(. Not cool. Fix bug #2146.
Jeremy.
(This used to be commit b9f147634df0126320ffe3b9a23068e76f6c1681)
2007-10-10 10:55:47 -05:00
Jeremy Allison
c531f726c4 r1325: Always use GetTimeOfDay() (wrapper). Ensure ldap replication
sleep time is not more than 5 seconds. Should fix issue
reported by Chris Garrigues <cwg@deepeddy.com>.
Jeremy.
(This used to be commit fbc06831d3a7e8645409158ee1ae1f9f192913a7)
2007-10-10 10:52:06 -05:00
Jeremy Allison
2fc57c9a2c r1085: Now it's had some proper user testing, merge in the deferred open fix. I'm
still doing more testing, but it fixes a behaviour that we've been wrong
on ever since the start of Samba.
Jeremy.
(This used to be commit 894cc6d16296b934c112786eec896846156aee5d)
2007-10-10 10:51:54 -05:00
Andrew Tridgell
059181a169 parameterise the listen backlog in smbd and make it larger by default. A backlog of 5 is way too small these days.
(This used to be commit bbb92d2b0ea6bc10c71bed62924bfc95c11172a5)
2003-10-29 04:58:48 +00:00
Jelmer Vernooij
10bf059b62 Backport my backtrace patch from HEAD
(This used to be commit 66fcf6b4938a87e5ded7c7e5830a6a54e4439544)
2003-04-14 21:49:49 +00:00
Jeremy Allison
e0989e1304 *Excellent* patch from Michael Steffens <michael_steffens@hp.com> to limit
the unix domain sockets used by winbindd (also solves FD_SETSIZE problem
in winbindd to boot !). Adds a "last_access" field to winbindd connections,
and will close the oldest idle connection once the number of open connections
goes over WINBINDD_MAX_SIMULTANEOUS_CLIENTS (defined in local.h as 200
currently).
Jeremy.
(This used to be commit 7a586552a3aeb4a26495f0965af4bd027456a011)
2003-02-28 00:25:55 +00:00
Jelmer Vernooij
9770ba3f4c Remove obsolete file lib/netatalk.c - We now have a vfs module
(This used to be commit fcc7a197b1ec85f9492e335a824317a904b0c919)
2003-02-15 02:03:55 +00:00
Jeremy Allison
6b2eb72df0 Fixed up mutex protection around winbindd logon code. Sync with APP-HEAD.
Jeremy.
(This used to be commit daf179bcd6297b525bfc644efb154734723f4d58)
2003-01-16 20:08:26 +00:00
Jeremy Allison
83219da302 Fix for systems that allow more than 65536 open files per process.
Jeremy.
(This used to be commit 947a56ce00e552e8b8d2ed64435eabde6225f044)
2002-10-22 22:17:29 +00:00
Jeremy Allison
3665777a5b Add a timeout to tdb_lock_bystring(). Ensure we never have more than
MAX_PRINT_JOBS in a queue.
Jeremy.
(This used to be commit 9fe3c0b90d4bff2217e3cb5a34b4683ca314c06e)
2002-10-04 22:53:18 +00:00
Gerald Carter
a834a73e34 sync'ing up for 3.0alpha20 release
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 15:19:00 +00:00
Jelmer Vernooij
b2edf254ed sync 3.0 branch with head
(This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290)
2002-08-17 17:00:51 +00:00
Andrew Tridgell
e90b652848 updated the 3.0 branch from the head branch - ready for alpha18
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 10:35:28 +00:00
Andrew Tridgell
9cd0306baa This split the mangling code up to allow for the possibility of multiple
mangling implementation, selectable using "mangling method = " in smb.conf

It also tidies the interface a little, although it is still nasty.
(This used to be commit be23d87a178e7d0691e7d942adf89bb3d2d533c2)
2002-04-11 02:20:56 +00:00
Jeremy Allison
9e007457e4 Removed MAXSTATUS which was set incorrectly - thus causing tdb traversal
of the connections db on smbd startup. This should fix the Solaris large
load bug.... (fingers crossed).
Jeremy.
(This used to be commit 5b2b9c25af28543e67762805d1387524cbb6c39d)
2002-01-14 19:34:28 +00:00
Andrew Tridgell
94dd5cded7 allow a MAX_DEBUG_LEVEL setting in local.h (or the Makefile)
This allows embedded systems to compile out the higher debug
levels. It should gain speed as well as reducing the code
size. Setting it to 1 saves about 300k of code on my system.
(This used to be commit f34cac3b312f273a2363919655ddd1e25cb91305)
2001-12-06 07:17:25 +00:00
Martin Pool
caef2d2884 LIBDIR and LOCKDIR are dynamically configured too.
(This used to be commit 868999ad3c82ad72f11d5b3208b0e42b1ed95096)
2001-11-19 03:35:27 +00:00
Jeremy Allison
22afba62c9 Fixed allocation bug in database prog. Some format fixes.
Jeremy.
(This used to be commit 9ff6b0c20cc88ef0bcd62a596fcb96f898b5b29d)
2001-11-12 01:00:54 +00:00
Andrew Tridgell
c6d1e75664 - fix handling of 0 last_change_time and must_change_time
- move the arbitrary 21 day timeout to local.h
(This used to be commit 11075f543470c3283accce0246d0b2983420695a)
2001-10-01 10:54:11 +00:00
Jeremy Allison
998fcd3f1e Patch from David_Tiller@ccnotes.ccity.com finally applied now I've thought
about it to stop account lockouts with "security=server" mode. Sorry for
the delay David.
Jeremy.
(This used to be commit e8819715038ed49b07ed5639b1b88ad12e994b53)
2001-05-06 20:56:14 +00:00
Jeremy Allison
aac630b382 Had to add a "pam password change" parameter (defaults to "off") and inlined
the pam password change code to ensure that existing and working password
chat scripts don't break with 2.2.1. PAM password changing has to be explicitly
requested.
Allowed wildcards in pam password change matching (matches password chat
script matching). Had to add const (sorry Tim :-) to ms_fnmatch() to
stop warnings. Don't worry - the const changes are isolated and don't
cause any other warnings :-).
Jeremy.
(This used to be commit 47b4d82536c09bffe3a0d9917fa31d935f1be7d8)
2001-05-02 23:32:09 +00:00
Jeremy Allison
e3ca9f33bb Ensure correct password change script gets selected --with-pam.
Jeremy.
(This used to be commit 6703f621ea798bd1877bd3baa523307ee288dccd)
2001-04-30 22:12:38 +00:00
Andrew Tridgell
9ce5a03ccb merge from 2.2
(This used to be commit f52a5014ee325f9d91f266f88eac51b6136a75b9)
2001-04-18 16:41:04 +00:00
Andrew Tridgell
23e5cf060d this patch does a number of things:
- removes SMB_ALIGNMENT. That macro caused all sorts of problems with
  getting unicode aligned right in sub-protocols (such as SMBtrans and
  SMBtrans2). I believe the performance reasons for having
  SMB_ALIGNMENT has gone away with the new variants of the SMB
  protocol anyway, as newer commands tend to have their own internal
  alignment.

- fix the locations where we set smb_flg2 to absolute values. We must
  never do this if we want a hope of coping with unicode.

- add initial support for unicode on the wire in smbd. Currently
  enabled using SMBD_USE_UNICODE environment variable.
(This used to be commit b98b1435e9d8f8622444c9ff33082977e661f16b)
2001-03-13 00:55:19 +00:00
Andrew Tridgell
a7f6c0a642 don't need shmem any more
(This used to be commit a81371a4fd6f7972b054bea90428d1d2fd6d1d22)
2000-07-06 03:53:49 +00:00
Andrew Tridgell
f3a861e04e - use full_name instead of real_name
- got rid of guest map code in lpq parser
(This used to be commit 8e53f781d3cf6a7007764916a0d8e8f1abea1f66)
2000-05-04 07:59:34 +00:00
Andrew Tridgell
d99bec7170 got rid of some more old configure tests and includes
(This used to be commit f137648504362479143d50477fa38ebf7147968b)
2000-04-17 06:11:08 +00:00
Andrew Tridgell
574788039f added the unexpected packet database (unexpected.tdb)
this means "nmblookup -S" now always works, even with broken servers
the database stores all unexpected replies and these can be accessed
by any client.
while doing this I cleaned up a couple of functions, and put in place
a better trn_id generator. in most places the code got quite a bit
simpler due to the addition of simple helper functions.

I haven't yet put the code in to take advantage of this for pdc
replies - that will be next. Jeremys pdc finding code will then work :)
(This used to be commit 280e6359d36c9bc8dcded302f15c3a1db8e3feeb)
2000-01-03 03:17:16 +00:00
Jeremy Allison
211697ee6c Converted most of the functions in lib/util_str.c to smb_ucs2_t equivalents.
Jeremy.
(This used to be commit 1ba42aca2163c534f6be4e4a733604e3dffe0ed8)
1999-12-29 02:00:38 +00:00
Andrew Tridgell
3db52feb1f first pass at updating head branch to be to be the same as the SAMBA_2_0 branch
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-12-13 13:27:58 +00:00
Jeremy Allison
375e53826c include/local.h:
include/smb.h:
param/loadparm.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-).
printing/printing.c: Added J.F.'s latest fix.
rpc_parse/parse_misc.c:
parse_reg.c:
rpcclient/cmd_reg.c:
rpcclient/display.c: SGI compiler signed/unsigned issues.
smbd/reply.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-).
utils/testparm.c: Added extra test.
Jeremy.
(This used to be commit 9668a5ef50be2e6b575f9989e87ee2ff8da5ac1d)
1998-11-10 20:51:25 +00:00
Andrew Tridgell
ab521a11a1 I talked to Dave Miller and he thinks that we should have TCP_NODELAY
on by default on OSes that support it, given the network IO pattern
that Samba uses. He doesn't think it will cause problems.
(This used to be commit 15016aa024854ca56ef20d1f29f54f9698a1911b)
1998-11-09 04:17:11 +00:00
Andrew Tridgell
053d6c605c at the interop Isaac (at least I _think_ it was Isaac) said that if a
MS client doesn't respond to a oplock break request then we might try
resending the request.

This morning Sues Win95 machine had this problem (thus forcing me to
do something about it!). When starting winword her box refused to
answer an oplock break request. I have added code to resend the oplock
break request up to 3 times at 10 second intervals before killing the
socket.

of course, as soon as I did this her box started to behave again so I
haven't been able to tell if this fix actually works, but it can't be
worse than dropping the socket immediately.
(This used to be commit a1c4d8351b9171416693e6d7a9045bdce9217edb)
1998-10-21 00:31:14 +00:00
Jeremy Allison
8883e74ed4 Upped default MAX_OPEN_FILES to 10000 after conversation with tridge.
As we're only using 1 bit per fd when idle it doesn't matter too much....
Jeremy.
(This used to be commit dba55b2d3453bd18e1a0cb031d012733e5a214b9)
1998-09-30 03:05:29 +00:00
Jeremy Allison
5b4d94e20f (Finally) implemented "max open files" as a global smb.conf parameter.
Sets up the files array correctly - limited by the smb.conf parameter
and by the max fd's per process as found by getrlimit().
Jeremy.
(This used to be commit eca24bd24352c688cdf48c1ef14adb8ac353468f)
1998-09-30 01:49:24 +00:00
Andrew Tridgell
6da95a6f1d changed the default filesystem type to NTFS (from Samba)
I've finally changed this because I've found a real effect that this
has. Win95 shows long filenames in a directory listing in a dos box
only if this is set to NTFS or HPFS (only ones I've found so far
anyway).

If NTFS poses problems of some kind then we should try HPFS

I wonder if this change will trigger any attempts to use ACLs ?
(This used to be commit 410d54fa0dba319e802d7327d89c4c1e61f2db65)
1998-09-26 10:31:40 +00:00