IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Each cli struct has it's own local copy of this variable,
so use that in client code. In the smbd server, add one
static to smbd/proccess.c and use that inside smbd. Fix
a bunch of places where smb_rw_error could be set by
calling read_data() in places where we weren't reading
from the SMB client socket (ie. winbindd).
Jeremy.
(This used to be commit 255c2adf7b)
to zero). If non-zero, writeX calls greater than this
value will be left in the socket buffer for later handling
with recvfile (or userspace equivalent). Definition of
recvfile for your system is left as an exercise for
the reader (I'm working on getting splice working :-).
Jeremy.
(This used to be commit 11c03b75dd)
zero_addr(&ss). All current uses were always of the
AF_INET form, so simplify the call. If in the future
we need to zero an addr to AF_INET6 this can be
done separately.
Jeremy.
(This used to be commit 2e92418a13)
and into util_sock.c. is_ipaddress() now copes with link:local:v6%ifname
addresses, as does interpret_string_addr().
Jeremy
(This used to be commit a3f7db3d30)
as well as 2 typos where AF_INET6 was mistypes as AF_INET.
JERRY YOU NEED THESE FIXES.
Fixes smbclient -L localhost -U%
Bugs reported by Kukks (thanks kukks).
Jeremy.
(This used to be commit f109f82622)
to struct sockaddr_storage in most places that matter (ie.
not the nmbd and NetBIOS lookups). This passes make test
on an IPv4 box, but I'll have to do more work/testing on
IPv6 enabled boxes. This should now give us a framework
for testing and finishing the IPv6 migration. It's at
the state where someone with a working IPv6 setup should
(theorecically) be able to type :
smbclient //ipv6-address/share
and have it work.
Jeremy.
(This used to be commit 98e154c312)
Also make use of "if defined(HAVE_IPV6)" rather than testing for
AF_INET6 since this is not sufficient on HP-UX 11.11 to ensure
a working IPv6 implementation.
(This used to be commit 620785df4e)
We don't use gethostbyname any more except in one case where
we're looking for host aliases (I don't know how to do that
with getaddrinfo yet). New function should be getaddrinfo().
Next step will be fixing lib/access.c, and then changing
libsmb/namequery.c to cope with IPv6 address returns.
Jeremy.
(This used to be commit 4a56b697b6)
IPv6 in winbindd, but moves most of the socket functions that were
wrongly in lib/util.c into lib/util_sock.c and provides generic
IPv4/6 independent versions of most things. Still lots of work
to do, but now I can see how I'll fix the access check code.
Nasty part that remains is the name resolution code which is
used to returning arrays of in_addr structs.
Jeremy.
(This used to be commit 3f6bd0e1ec)
by Volker. We used to return 0.0.0.0 for the text
address of an uninitialized socket - ensure we
still do so. Once uninitialized address is as
good as any other.
Jeremy.
(This used to be commit 2827bbe0f8)
the ripple effects this causes. utmp has to change etc. Remove some
global varables and store address/port in the unexpected db.
Jeremy.
(This used to be commit 18c6a2211d)
The complete history of this patch can be found under
http://www.samba.org/~vlendec/inbuf-checkin/.
Jeremy, Jerry: If possible I would like to see this in 3.2.0. I'm only
checking into 3_2 at the moment, as it currently will slow down operations for
all non-converted (i.e. all at this moment) operations, as it will copy the
talloc'ed inbuf over the global InBuffer. It will need quite a bit of effort
to convert everything necessary for the normal operations an XP box does.
I have patches for negprot, session setup, tcon_and_X, open_and_X, close. More
to come, but I would appreciate some help here.
Volker
(This used to be commit 5594af2b20)
to restructure libsmb/smb_signing.c so it isn't in
the base libs path but lives in libsmb instead (like
smb_seal.c does).
Jeremy.
(This used to be commit 1b828f051d)
for the server side enc. (doesn't break anything).
I'll keep updating this until I've got NTLM seal working
on both client and server, then add in the gss level
seal.
Jeremy.
(This used to be commit 530ac29abf)
these out as I implement. Don't add to SAMBA_3_0_25, this
is experimental code.
NFSv4 you're now officially on notice... :-).
Jeremy.
(This used to be commit 5bfe638f21)
to make connections to ports 445 or 139 on the DC it's trying
to contact. It calls sys_select() on the non-blocking sockets,
not sys_select_intr(). This is a mistake (I believe) as it allows
a signal to early terminate the connection attempts - whereas
sys_select_intr() will ignore signals until we get back to
the main processing loop where they'll be handled correctly.
This change means winbindd_cm will not early terminate if it
gets a message whilst trying to connect to DC's.
Gunther, Volker and Jerry please review (but I think this
is correct).
Jeremy.
(This used to be commit 24aaa48677)
as they do nothing that write_socket/read_socket don't do. Add a more useful
error message when read_socket/write_socket error out on the main client fd
for a process (ie. try and list the IP of the client that errored).
Jeremy.
(This used to be commit cbd7578e7c)
timeout > 0. Better solution after much helpful input
from derrell@samba.org. We may eventually change the
read_socket_with_timeout() interface to count down the
timeout value.
Jeremy.
(This used to be commit 09c9a62aa5)
the read using a timeout to ensure that all data for the packet is received.
2 some minor changes to meet coding standards
3 eliminate some compiler warnings
(This used to be commit 7b4d4f6109)
where large print jobs can have out-of-order offsets. Bug found
by Arcady Chernyak <Arcady.Chernyak@efi.com>
Jeremy.
(This used to be commit 482f7e0e37)
This was a missing merge from HEAD or rather a commit to 3_0 from the wrong
source. Fixed slightly over HEAD, HEAD merge will follow.
Deal with connection refused according to the specs.
Volker
(This used to be commit 7230cb87eb)
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f)
ago.
This patch re-adds support for 'optional' SMB signing. It also ensures that
we are much more careful about when we enable signing, particularly with
on-the-fly smb.conf reloads.
The client code will now attempt to use smb signing by default, and disable
it if the server doesn't correctly support it.
Andrew Bartlett
(This used to be commit e27b5cbe75)
packet-termination of strings. This change ensures that when we go
past the end of a packet we hit 2 null bytes, thus terminating. We are
relying on the SAFETY_MARGIN packet allocation stuff here.
(This used to be commit 655ec16828)
get_peer_name. This is to get closer to the getsockname/getpeername system
functions.
Next step will be the %i macro for the local IP address. I still want to play
%L-games in times of port 445.
Volker
(This used to be commit d7162122ea)
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at
all and I really want to discourage that.
Jeremy.
(This used to be commit d7e35dfb92)
to pstr_sprintf() and fstr_sprintf() to try to standardize.
lots of snprintf() calls were using len-1; some were using
len. At least this helps to be consistent.
(This used to be commit 9f835b85dd)
source file. I will be making changes to sock_exec to work on VOS, which
has a blocking connect() call, but first I want to get it in its own source
file so that it can be called from a test program.
(This used to be commit 10bf65d335)
hostname.
This makes 'last -i' show the IP.
Thanks to Philip Anderson <pza@australia.op.org> for the idea.
Andrew Bartlett
(This used to be commit 107731c080)
*sync up configure.in
*don't build torture tools in make all
*make sure to remove torture tools as part of make clean
(This used to be commit 0fb724b321)
- vorlan's hosts allow with DNS names patch
- use x_fileno() in debug.c, not the struct directly.
- check for server timeout on password change (was reporting success)
- better error/status loggin in both the pam_winbind client and winbindd_pam
server code.
- (pdb_ldap) don't set the ldap version twice - we do it on every bind anyway.
(This used to be commit 9fa1863d8e)
receive_smb: You might think that we ought to set smb_read_error here,
but apparently that breaks the recursive main loop in oplock.c.
Global variables suck. :-/
(This used to be commit b6d5d02aa1)
processing work correctly in winbindd. This is a really good patch
that gives full select semantics to the Samba modified select.
Jeremy.
(This used to be commit 3af16ade17)
degree of seperation betwen reading/writing the raw NamedPipe SMB packets
and the matching operations inside smbd's RPC components.
This patch is designed for no change in behaviour, and my tests hold that to be
true. This patch does however allow for the future loadable modules interface
to specify function pointers in replacement of the fixed state.
The pipes_struct has been split into two peices, with smb_np_struct taking the
information that should be generic to where the data ends up.
Some other minor changes are made: we get another small helper function in
util_sock.c and some of the original code has better failure debugs and
variable use. (As per on-list comments).
Andrew Bartlett
(This used to be commit 8ef13cabdd)
to move this from being a static to matching its mate in lib/util_sock.c.
In any case, this should discorage anybody from using the 'wrong' version of
this function. (ie the one from TNG, which needs a bit more error checking
depending on use).
Andrew Bartlett
(This used to be commit e6a3a01f79)
This should finally kill off the remaining places where we
attempt reverse lookups of the IP of the client. It may be that some
pam modules called via the session code will need "hostname lookups = yes"
but I've left it off by default as most sites don't need it and so
many sites have broken reverse maps
(This used to be commit 2b83ad0396)
funky code that was simply setting a local int to 0 or 1 and also added
calls to strerror() in some of the debug lines.
The use of the dlevel parameter in this function is a little awkward.
There should probably be some comments about it in the source.
(This used to be commit 3031e7acdc)
we no longer lookup our own name when we create a socket in
open_socket_in(). That makes things work much better with the
broken DNS server at VA
(This used to be commit a83d506e5c)
allow us to have test targets without special configure options
- fixed make proto so that it actually does something
(This used to be commit 55109a7525)
that libsmb/ creates a local tcp socket then launches smbd as a subprocess
attached to that socket. smbd thinks it is being launched from inetd.
to use it do the following:
- compile with -DSMB_REGRESSION_TEST
- run like this (also works with smbtorture etc)
export SMBD_TEST=1
export LIBSMB_PROG=bin/smbd
smbclient //server/share -Uuser%pass
obviously you need to setup a smb.conf etc. Using --prefix to configure
is useful.
The aim of all this stuff is to add a decent set of regression tests
to the build farm, so we know if smbd actually runs correctly on all the
platforms, not just builds. We can run smbtorture, masktest, locktest etc,
plus a bunch of smbclient scripts and any new tests we write.
This doesn't help much with nmbd (at least not yet) but its a good start.
(This used to be commit 7e8e6ae9a8)
I had to modify sys_select() to not loop on EINTR. I added a wrapper
called sys_select_intr() which gives the old behaviour.
(This used to be commit b28cc4163b)
assumption that we have one socket everywhere
while doing so I discovered a few bugs!
1) the clientgen session retarget code if used from smbd or nmbd would
cause a crash as it called close_sockets() which closed our main
socket! fixed by removing close_sockets() completely - it is unnecessary
2) the caching in client_addr() and client_name() was bogus - it could
easily get fooled and give the wrong result. fixed.
3) the retarget could could recurse, allowing an easy denial of
service attack on nmbd. fixed.
(This used to be commit 5937ab14d2)
one horrible cut / paste job from smbd, plus a code split of shared
components between the two.
the job is not _yet_ complete, as i need to be able to do a become_user()
call for security reasons. i picked lsarpcd first because you don't
_need_ security on it (microsoft botched so badly on this one, it's not
real. at least they fixed this in nt5 with restrictanonymous=0x2).
fixing this involves sending the current smb and unix credentials down
the unix pipe so that the daemon it eventually goes to can pick them
up at the other end.
i can't believe this all worked!!!
(This used to be commit 2245b0c6d1)
created an "nmb-agent" utility that, yes: it connects to the 137 socket
and accepts unix socket connections which it redirects onto port 137.
it uses the name_trn_id field to filter requests to the correct
location.
name_query() and name_status() are the first victims to use this
feature (by specifying a file descriptor of -1).
(This used to be commit d923bc8da2)
groupdb/aliasdb.c groupdb/aliasfile.c groupdb/groupfile.c: Don't use snprinf, use slprintf.
include/includes.h: Fix YP problem.
include/smb.h: Fix ZERO_STRUCTP.
lib/util_sock.c: Added strerror() in debugs.
passdb/ldap.c: Don't use snprinf, use slprintf.
rpc_client/cli_lsarpc.c rpc_client/cli_pipe.c rpc_parse/parse_sec.c rpc_server/srv_pipe.c: Don't use snprinf, use slprintf.
script/installman.sh: DGUX changes.
smbd/open.c smbd/oplock.c: Fixed gcc warnings.
web/swat.c: Changes USER to SWAT_USER.
(This used to be commit 4c2b5a0098)
lib/util_sock.c: Added strerror() calls to getpeername failures (which seem to be giving IRIX trouble at the moment).
rpc_parse/parse_sec.c: Changed use of ZERO_STRUCTPN to ZERO_STRUCTP which again does zero pointer protection.
smbd/quotas.c: Fixed typo.
Jeremy.
(This used to be commit b62f008974)
and util_sock.c NOT included in Makefile.in.
registry commands added to rpcclient.
waiting for 2_0_0 split before committing modified files. these files
are new modules, and are not referenced in the Makefile.in
(This used to be commit 373f60256f)