IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.
The structure is also not ideal for it's current purpose. Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session. This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.
(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Found by Michael Hanscho <samba@micha.priv.at> with a WinCE client.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Jan 14 17:42:05 CET 2011 on sn-devel-104
Since commit 7022554, smbds share a printcap cache (printer_list.tdb),
therefore ordering of events between smbd processes is important when
updating printcap cache information. Consider the following two process
example:
1) smbd1 receives HUP or printcap cache time expiry
2) smbd1 checks whether pcap needs refresh, it does
3) smbd1 marks pcap as refreshed
4) smbd1 forks child1 to obtain cups printer info
5) smbd2 receives HUP or printcap cache time expiry
6) smbd2 checks whether pcap needs refresh, it does not (due to step 3)
7) smbd2 reloads printer shares prior to child1 completion (stale pcap)
8) child1 completion, pcap cache (printer_list.tdb) is updated by smbd1
9) smbd1 reloads printer shares based on new pcap information
In this case both smbd1 and smbd2 are reliant on the pcap update
performed on child1 completion.
The prior commit "reload shares after pcap cache fill" ensures that
smbd1 only reloads printer shares following pcap update, however smbd2
continues to present shares based on stale pcap data.
This commit addresses the above problem by driving pcap cache and
printer share updates from the parent smbd process.
1) smbd0 (parent) receives a HUP or printcap cache time expiry
2) smbd0 forks child0 to obtain cups printer info
3) child0 completion, pcap cache (printer_list.tdb) is updated by smbd0
4) smbd0 reloads printer shares
5) smbd0 notifies child smbds of pcap update via message_send_all()
6) child smbds read fresh pcap data and reload printer shares
This architecture has the additional advantage that only a single
process (the parent smbd) requests printer information from the printcap
backend.
Use time_mono in housekeeping functions As suggested by Björn Jacke.
Since commit eada8f8a, updates to the cups pcap cache are performed
asynchronously - cups_cache_reload() forks a child process to request
cups printer information and notify the parent smbd on completion.
Currently printer shares are reloaded immediately following the call to
cups_cache_reload(), this occurs prior to smbd receiving new cups pcap
information from the child process. Such behaviour can result in stale
print shares as outlined in bug 7836.
This fix ensures print shares are only reloaded after new pcap data has
been received.
Pair-Programmed-With: Lars Müller <lars@samba.org>
pass this in as the &now parameter. Push this call inside of
event_add_to_select_args() to the correct point so it doesn't
get called unless needed.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Dec 23 01:08:11 CET 2010 on sn-devel-104
This fixes a crash in the echo responder when the client started to send the
NetBIOS-Level 0x85-style keepalive packets. We did not correctly check the
packet length, so the code writing the signing seqnum overwrote memory after
the malloc'ed area for the 4 byte keepalive packet.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Oct 7 19:47:35 UTC 2010 on sn-devel-104
Without this, we can get a writable pipe end, but the writev call on the pipe
will block.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Oct 6 13:57:30 UTC 2010 on sn-devel-104
Previously, only one fd handler was being called per main message loop
in all smbd child processes.
In the case where multiple fds are available for reading the fd
corresponding to the event closest to the beginning of the event list
would be run. Obviously this is arbitrary and could cause unfairness.
Usually, the first event fd is the network socket, meaning heavy load
of client requests can starve out other fd events such as oplock
or notify upcalls from the kernel.
In this patch, I have changed the behavior of run_events() to unset
any fd that it has already called a handler function, as well
as decrement the number of fds that were returned from select().
This allows the caller of run_events() to iterate it, until all
available fds have been handled.
I then changed the main loop in smbd child processes to iterate
run_events(). This way, all available fds are handled on each wake
of select, while still checking for timed or signalled events between
each handler function call. I also added an explicit check for
EINTR from select(), which previously was masked by the fact that
run_events() would handle any signal event before the return code
was checked.
This required a signature change to run_events() but all other callers
should have no change in their behavior. I also fixed a bug in
run_events() where it could be called with a selrtn value of -1,
doing unecessary looping through the fd_event list when no fds were
available.
Also, remove the temporary echo handler hack, as all fds should be
treated fairly now.
If select returns -1, we can't rely on the fd sets. The current code might loop
endlessly because when putting an invalid fd (the closed socket?) on the read
set, a select implementation might choose not to touch it but directly return
with EINVAL. Thus run_events will see the socket readable, which leads to a
"return true", and thus a NT_STATUS_RETRY -> same game again.
We should never get into this situation, but to me the logfiles given in bug
7518 do not reveal enough information to understand how this can happen.
Found by the CodeNomicon test suites at the SNIA plugfest.
http://www.codenomicon.com/
If an invalid NetBIOS session request is received the code in name_len() in
libsmb/nmblib.c can hit an assert.
Re-write name_len() and name_extract() to use "buf/len" pairs and
always limit reads.
Jeremy.
This completely removes the DEBUG(0, ..) error message from write_data(). I've
gone through all callers of write_data() and made sure that they have their own
equivalent error message printing.
The move to the parent makes it possible to use an internal rpc pipe
really early and as we migrated serveral parts of samba to rpc function
this is required. This should speed up the fork of a smbd a bit cause
the rpc services are already running.
We still have several problems here which aren't solved. We don't have a
dependency tree here. For example we have to make sure that the registry
is initialized before we can use the winreg pipe. The spoolss server
requires winreg, so we have to start winreg before we can start the
spoolss server. I'm sure there are more dependencies.
Signed-off-by: Simo Sorce <idra@samba.org>
If the parent is fast enough, the echo handler should not step in. When the
socket becomes readable, the echo handler goes to sleep for a second. If within
that second, the parent has picked up the SMB request from the net, the echo
handler will just go back to select().
When both the echo responder and the 445 socket want to send stuff to the
worker smbd, the select loop is not fair. It always chooses the smaller file
descriptor to work on. This can mean that on a busy system the echo responder
never gets around to feed its stuff to the parent.
This fix chooses the async echo responder socket when both the 445 and the echo
responder socket are readable.
Yes, it is a very hackish fix which is required *now* I think. The proper fix
would be to either assign priorities to fd's in tevent, or the from my point of
view better fix would be to make tevent kindof round-robin.
Round-robin would mean that whenever a fd has been dealt with, it is taken off
the list of interested sockets, and only if no other socket is active, all of
the ones waiting are put back. This is a bit like EPOLL_ONESHOT, which I would
like to use for this in the epoll case. Although, I need to do some research if
maybe epoll already guarantees round-robin, I did not find anything in the docs
yet.
Volker
The my_yp_domain variable is just a static cache needed to avoid
making over and over expensive and potentially blocking calls to
yp_get_default_domain().
Instead of keeping this onto the smbd_server_connection struct, just
keep it local to the only function ever using this variable.
This disentagle this function (and a number of calling functions)
from having to pass around smbd_server_connection and thus having
to link against smbd. It also removes a few ifdefs.
Nothing changes from a global/local pov, as the smbd_server_connection
variable passed around is also a global one.
Signed-off-by: Andreas Schneider <asn@samba.org>
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:
ccache build w/o patch
real 4m21.529s
ccache build with patch
real 3m6.402s
pch build w/o patch
real 4m26.318s
pch build with patch
real 3m6.932s
Guenther
Makes SMB2Create call re-entrant internally.
Now this infrastructure is in place, oplocks will follow shortly.
Tested with Win7 client and with W2K8R2.
Jeremy.
Rename functions to be internally consistent. Next step is
to cope queueing single (non-compounded) SMB2 requests to
put some code inside the stubs.
Jeremy.
Allocate a uint16_t internal SMB1 mid for an SMB2 request.
Add a back pointer from the faked up smb_request struct
to the smb2 request.
Getting ready to add restart code for blocking locks,
share mode violations and oplocks in SMB2.
Jeremy.
Revert change from 3.3 -> 3.4 with read_socket_with_timeout changed
from sys_read() to sys_recv(). read_socket_with_timeout() is called
with non-fd's (with a pty in chgpasswd.c and with a disk file in
lib/dbwrap_file.c via read_data()). recv works for the disk file,
but not the pty. Change the name of read_socket_with_timeout() to
read_fd_with_timeout() to make this clear (and add comments).
Jeremy.
after the accept and fork, to smbd_init_globals(), so it's
done immediately on server startup. This is needed as some
messages are sent to all active smbd processes (including
the master listening daemon). If it gets a message that
forces it to scan it's current connections (ie. conn_find())
then it discovers that sconn->smb1.tcons.Connections dereferences
null (as sconn == NULL in the parent) and crashes. Yes,
I could fix all cases where sconn is used and explicitly
check for NULL but this fix is easier. It means that
the smbd_event_context() is initialized in the master
daemon and then re-initialized after fork, but that
should be being done correctly in every fork call anyway.
Without this change the previous fix 6a9e003910
still panics in the reproducible test case for bug
6564, as this is one case where such a message
(MSG_SMB_CONF_UPDATED) is sent to the parent. Metze
please check. This change passes valgrind.
Jeremy.
s3: Make smbd aware of permission change of usershare. Since usershare are relatively volatile and
non-previledge users must disconnect from smbd and reconnect to it to make share permission in effect.
For now. This is a feature request and I think we need
to design it a little differently so as not to touch
core change_to_user() code.
Jeremy.
Before 3.3, an smbcontrol debug message sent to the target "smbd" would
actually be sent to all running processes including nmbd and winbindd.
This behavior was changed in 3.3 so that the "smbd" target would only
send a message to the process found in smbd.pid, while the "all" target
would send a message to all processes.
The ability to set the debug level of all processes within a single
daemon, without specifying each pid is quite useful. This was implemented
in winbindd in 065760ed. This patch does the same thing for smbd.
Upon receiving a MSG_DEBUG the parent smbd will rebroadcast it to all of
its children.
The printing process has been added to the list of smbd child processes,
and we now always track the number of smbd children regardless of the
"max smbd processes" setting.
A sesssetupAndX chained with a tconn will not correctly set the TID in
the response header. I'm seeing an XP client send this chained
sesssetup/tconn when samba has security = share. Samba's current
behavior is to return a TID of 0 in the smb header rather than the
actual TID. This patch also updates the UID in the header as well.
This changelist allows for the addition of custom performance
monitoring modules through smb.conf. Entrypoints in the main message
processing code have been added to capture the command, subop, ioctl,
identity and message size statistics.
This the global variable "orig_inbuf" in the old chain_reply code. This global
variable was one of the reasons why we had the silly restriction to not allow
async requests within a request chain.
We use a fd event and receive incoming smb requests
when the fd becomes readable. It's not completely
nonblocking yet, but it should behave like the old code.
We use timed events to trigger retries for deferred open calls.
metze
This is necessary if we want to keep the whole smb_request for deferred ops.
The explicit settings of req->inbuf will be removed once all those deferring
operations are converted to store the whole request and not just the inbuf.
This removes some explicit inbuf references and also removes a pointless check
in reply_echo. The buflen can never be more than 64k, this is just a 16 bit
value.
