1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

85 Commits

Author SHA1 Message Date
Volker Lendecke
e73ccc06ef Rely on /dev/urandom
This removes quite a bit of code. All reasonable systems have /dev/urandom
these days. Linux, Solaris and the BSDs do.  In case we find a system
without /dev/urandom, we will have to go hunting in other libraries.

The main reason for this is speed: On Ubuntu 14.04 doing direct reads from
/dev/urandom is 2-3 times faster than our md4 based code. On virtualized
FreeBSD 10 the difference is even larger.

My first approach was to use fopen/fread. It was even faster, but less
than twice as fast. So I thought we could save the additional complexity
when having to deal with throwing away buffers when forking and the
additional memory footprint per process.

With this simple generate_random_buffer it will be easier to adapt new
syscalls to get randomness.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 13 04:25:39 CEST 2015 on sn-devel-104
2015-10-13 04:25:38 +02:00
Volker Lendecke
e241b739fb Fix a few printf format errors
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-05-07 20:20:19 +02:00
Andreas Schneider
3fb40b4bec s4-process_model: Panic if the standard init function fails
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-03-27 04:03:14 +01:00
Andreas Schneider
f75182841d s4-process_model: Do not close random fds while forking.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11180

The issue has been found with nss_wrapper debug output running:
    samba4.ntvfs.cifs.krb5.base.lock

In the case here, we fork a child and close the fd without resetting
the pipe fd variable. Then the fd was used to open the nss_wrapper
hosts file which got the same fd. We forked again in the process model
called close() on the re-used fd (of the pipe variable) again without
nss_wrapper noticing.  Now Samba opened the secrets tdb and got
the same fd as nss_wrapper was using for the hosts file and next
nss_wrapper tried to parse a TDB ...

Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-03-27 04:03:14 +01:00
Andrew Bartlett
30e0238646 s4-process_standard: Remove signal(SIGCHLD, SIG_IGN)
We replace this with a pipe between parent and child, and then watch
for a read event in the parent to indicate that the child has gone away.

The removal of signal(SIGCHLD, SIG_IGN) requires us to then call
waitpid().  We can't do that in a main loop as we want to get the exit
status to the legitimate waitpid calls in routines like
samba_runcmd_*().

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-03-17 04:29:06 +01:00
Jelmer Vernooij
78cb9fd91b Remove compatibility code for setproctitle() now moved to libreplace. 2012-09-24 23:06:07 +02:00
Michael Adam
25216d7537 s4:smbd: fix typos
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Jun 12 09:21:15 CEST 2012 on sn-devel-104
2012-06-12 09:21:14 +02:00
Simo Sorce
edc32665d0 s4:smbd: use tevent_ fn names instead of leagcy event_ ones 2011-08-13 09:54:16 -04:00
Jelmer Vernooij
c104e4ca54 source4/smbd: Fix prototypes for all functions. 2011-03-19 03:20:04 +01:00
Matthias Dieter Wallnöfer
faa7ae47d6 s4:smbd/process*.c - fix PID warnings on Solaris
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Dec 12 13:21:13 CET 2010 on sn-devel-104
2010-12-12 13:21:13 +01:00
Andrew Tridgell
046d38faa5 s4-smbd: don't initialise process models more than once
this also removes the event_context parameter from process model
initialisation. It isn't needed, and is confusing when a process model
init can be called from more than one place, possibly with different
event contexts.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-30 23:49:00 +11:00
Andrew Tridgell
6b266b85cf s4-loadparm: 2nd half of lp_ to lpcfg_ conversion
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-16 18:24:27 +10:00
Stefan Metzmacher
6dbcffb51d s4:lib: merge LDB_WRAP and LDBSAMBA and make LDBSAMBA a library.
This is needed to remove samba specifc symbols from the bundled
ldb, in order to get the ABI right.

metze

Signed-off-by: Andreas Schneider <asn@samba.org>
2010-06-16 14:07:28 +02:00
Andrew Bartlett
ad197f6f15 s4:process_model Fix process_standard and process_onefork not to use
multiple event contexts

It is NEVER valid to free an event context that anybody else may have
a reference to, and never normally valid to have two 'live' at once.
We must instead call tevent_re_initialise() to wipe clean an existing
pointer.

Andrew Bartlett
2010-05-14 23:25:45 +10:00
Andrew Tridgell
789d67c499 s4-smbd: use tevent_re_initialise()
This fixes a crash bug on startup
2010-03-26 21:13:55 +11:00
Andrew Tridgell
f69135e0e9 s4-smbd: fix crash in notify code on client termination
We need to free the lp_ctx after we free the event context, otherwise
the teardown code in the notify backend dies when it tries to use the
iconv_convenience ptr

Fixes bug 7053
2010-02-13 23:12:29 +11:00
Andrew Tridgell
278d2f75ba s4-smbd: setup the default event contexts for other process models 2010-01-08 13:03:05 +11:00
Andrew Tridgell
890e7719cf s4-ldb: move the tdb_reopen_all() calls to ldb_wrap.c 2009-10-23 14:52:18 +11:00
Andrew Tridgell
a7cc448dc2 s4-server: call the ldb_wrap_fork_hook() after a fork()
This will be used to allow us to cancel any pending transactions
after a fork.
2009-10-23 14:52:18 +11:00
Andrew Tridgell
7c807de6b8 s4-smbd: minimise includes in smbd/ and smb_server 2009-09-19 14:11:54 -07:00
Andrew Tridgell
c271dc998b ensure that child tasks die when the parent dies
Previously we relied on process groups and SIGTERM to ensure that
child tasks died in the standard process model when the parent task
died. This doesn't work when the server is run in interactive mode, as
in that case we don't call become_daemon() and don't get a separate
process group.

The fix is to have a pipe held open by the parent server process, and
inherited by child tasks. If the parent exits then the write side of
the pipe is implicitly closed, which causes an event in the child
tasks that causes them to exit
2009-08-07 17:24:48 +10:00
Stefan Metzmacher
29cc638c2c s4:smbd: s/private/private_data
metze
2009-02-02 13:08:36 +01:00
Stefan Metzmacher
183c379fe5 s4:lib/tevent: rename structs
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"

for s in $list; do
	o=`echo $s | cut -d ':' -f1`
	n=`echo $s | cut -d ':' -f2`
	r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
	files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
	for f in $files; do
		cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
		mv $f.tmp $f
	done
done

metze
2008-12-29 20:46:40 +01:00
Jelmer Vernooij
2ba4a79210 Eliminate another global_loadparm. 2008-09-30 03:20:46 +02:00
Jelmer Vernooij
7111645d3c Use single copy of tdb in both samba3 and samba4. 2008-09-16 15:16:31 +02:00
Simo Sorce
2daf2897d5 Use a custom init function for samba4 that sets a samba4
specific debug function.
By default do not debug, this is the most appropriate action for a library
as we cannot assume what stderr is use for in the main app.
The main app is responsible to set ev_debug_stderr if they so desire.
(This used to be commit e566a2f308)
2008-06-14 13:00:53 -04:00
Jelmer Vernooij
39b2fc37f2 Add context pointer to secrets functions.
(This used to be commit 873941d8a8)
2008-04-01 15:26:00 +02:00
Andrew Bartlett
b3c5fbec47 Remaining changes to implement the prefork process model
To use, run 'smbd -M prefork'

By default, only the smb service is preforked.  4 children are
created, and all listen for new connections.  The Linux Kernel 'wake
one' behaviour should ensure that only one is given the oportunity to
accept.  We need to look into the ideal number of worker children, as
well as load balancing behaviours.

To change, set:

prefork children : smb = 6

valid service names (smb in this example) match those in 'server services'.

Andrew Bartlett and David Disseldorp
(This used to be commit 35313c0aa3)
2008-02-04 17:59:16 +11:00
Jelmer Vernooij
df408d056e r26672: Janitorial: Remove uses of global_loadparm.
(This used to be commit 18cd08623e)
2008-01-05 13:06:03 -06:00
Jelmer Vernooij
d891c0c74a r26429: Avoid use of global_smb_iconv_convenience.
(This used to be commit d37136b7ab)
2007-12-21 05:49:56 +01:00
Jelmer Vernooij
5c4516fcf7 r26322: Fix include
(This used to be commit 9744316937)
2007-12-21 05:48:34 +01:00
Jelmer Vernooij
6901b3c64a r26278: Tallocify convenience table for iconv handles.
(This used to be commit ad64b3baa4)
2007-12-21 05:48:04 +01:00
Jelmer Vernooij
ecea5ce245 r26260: Store loadparm context in gensec context.
(This used to be commit b9e3a4862e)
2007-12-21 05:47:34 +01:00
Jelmer Vernooij
6cf69fee18 r24994: Fix some C++ warnings.
(This used to be commit 925abf74fa)
2007-10-10 15:05:26 -05:00
Andrew Tridgell
0479a2f1cb r23792: convert Samba4 to GPLv3
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac)
2007-10-10 14:59:12 -05:00
Andrew Tridgell
1cd4339b9a r20646: first preparations for cluster enablement. This changes "
uint32_t server_id
to
  struct server_id server_id;

which allows a server ID to have an node number. The node number will
be zero in non-clustered case. This is the most basic hook needed for
clustering, and ctdb.
(This used to be commit 2365abaa99)
2007-10-10 14:37:23 -05:00
Stefan Metzmacher
0671e54079 r19610: fix the build
metze
(This used to be commit 59fe6cfaba)
2007-10-10 14:25:04 -05:00
Andrew Bartlett
3c1e780ec7 r19604: This is a massive commit, and I appologise in advance for it's size.
This merges Samba4 with lorikeet-heimdal, which itself has been
tracking Heimdal CVS for the past couple of weeks.

This is such a big change because Heimdal reorganised it's internal
structures, with the mechglue merge, and because many of our 'wishes' have been granted:  we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code.  We have adapted to upstream's choice of API in these cases.

In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO
PAC.  This matches windows behavour.  We also have an option to
require the PAC to be present (which allows us to automate the testing
of this code).

This also includes a restructure of how the kerberos dependencies are
handled, due to the fallout of the merge.

Andrew Bartlett
(This used to be commit 4826f17351)
2007-10-10 14:25:03 -05:00
Jelmer Vernooij
5a6e2bc9ae r19573: Move secrets.o into param/ (subsystems haven't been integrated yet).
(This used to be commit 8143de855c)
2007-10-10 14:24:55 -05:00
Stefan Metzmacher
d12e9c4c3b r15277: - fix the build on netbsd, where stdlib.h has the setproctitle() prototype
but --with-setproctitle wasn't used

metze
(This used to be commit 0754154f51)
2007-10-10 14:05:01 -05:00
Stefan Metzmacher
7ffe0fcaee r15273: fix setproctitle support
metze
(This used to be commit 35936fd474)
2007-10-10 14:05:00 -05:00
Jelmer Vernooij
c175e066b2 r15212: Simplify setproctitle code
(This used to be commit 555ca1df1c)
2007-10-10 14:04:19 -05:00
Volker Lendecke
fce0dcf245 r15100: Port the bugfix for #3569 to Samba4
(This used to be commit 5f1d52f232)
2007-10-10 14:04:09 -05:00
Stefan Metzmacher
ad06a8bd65 r14736: - the ntvfs subsystem should not know about smb_server.h
- the process module subsystem should not know about smb_server.h
- the smb_server module should not know about process models

metze
(This used to be commit bac95bb8f4)
2007-10-10 13:59:17 -05:00
Stefan Metzmacher
651ca6553e r14079: I just found the setproctitle library from alt linux:-)
- add set_title hook to the process models
- use setproctitle library in process_model standard if available
- the the title for the task servers and on connections

metze
(This used to be commit 526f20bbec)
2007-10-10 13:56:49 -05:00
Jelmer Vernooij
17ae598141 r13938: Around round of splitups
(This used to be commit 2d655f0528)
2007-10-10 13:52:29 -05:00
Stefan Metzmacher
7d6c9bf2b2 r12815: try to fix the build on AIX
metze
(This used to be commit 21bc072c7a)
2007-10-10 13:49:59 -05:00
Jelmer Vernooij
d4de4c2d21 r12608: Remove some unused #include lines.
(This used to be commit 70e7449318)
2007-10-10 13:49:03 -05:00
Andrew Bartlett
984860f922 r12267: Try to avoid segfault in kerberos libs, because we talloc_free()'ed
the old event context in the standard process modal child.

Andrew Bartlett
(This used to be commit 0f52a9ab07)
2007-10-10 13:47:25 -05:00
Andrew Tridgell
f308cc1616 r10920: in case of a accept() failure just failing and trying again is no
good, as it is probably a resource constraint, so if we just try again
we will spin (as the incoming socket will still be readable). Using a
sleep(1) solves this by throtting smbd until the resource constraint
goes away.

if the resource constraint doesn't go away, then at least smbd won't
be spinning chewing cpu
(This used to be commit 7a5a9da477)
2007-10-10 13:39:43 -05:00