The calls to sid_to_gid and sid_to_uid create id mapping entries themselves,
which makes it pretty difficult to reliably delete id mapping entries
everywhere just using a SID.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon Sep 5 16:30:41 CEST 2011 on sn-devel-104
Be smarter about setting default permissions when an ACL_GROUP_OBJ isn't given. Use the
principle of least surprises for the user.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Sep 3 00:16:05 CEST 2011 on sn-devel-104
Don't call check_owning_objs() to convert ACL_USER->ACL_USER_OBJ and
ACL_GROUP->ACL_GROUP_OBJ for default (directory) ACLs, we do this separately
inside ensure_canon_entry_valid().
If a smb1 negprot negotiated smb2 we forked the echo responder. This will
eventually lead to a panic from
[2011/08/30 10:33:29.212578, 0, pid=3846917] smbd/smb2_server.c:243(smbd_smb2_request_create)
Invalid SMB packet: first request: 0x0009
because from the echo responder we always read using the normal smb1 protocol
handling routine. If that is a bit down the smb2 stream, we get a non-negprot
packet and panic.
BTW, the echo responder is not required for smb2 anyway, Microsoft confirmed
that it probes the server liveness using TCP keepalives and not smb2 echo
requests.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Aug 31 17:58:48 CEST 2011 on sn-devel-104
According to [MS-SMB2] 3.3.5.9.7
(http://msdn.microsoft.com/en-us/library/cc246784%28v=PROT.13%29.aspx),
smbd must reply with NT_STATUS_OBJECT_NAME_NOT_FOUND as it does not
support durable file-handles yet.
I have seen w2k8r2 running xcopy /C ending up in an endless loop
trying to get back the original file handle from smbd sending the same
requests over and over.
Metze, Jeremy, please check!
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Aug 30 22:20:36 CEST 2011 on sn-devel-104
The IDMAP term is normally associated with Winbind's idmap stuff.
These functions deal with id caching not id mapping.
Signed-off-by: Simo Sorce <idra@samba.org>
We must leave the MSG_IDMAP_KILL operation in SMBD as it uses smbd
specific internal globals and makes sense only in the context of a smbd
daemon.
The rest is moved under lib/ as we need to deal with id cache cleanups
in other daemons too (like lsasd).
Signed-off-by: Simo Sorce <idra@samba.org>
Ensure we always use vfs_ChDir() to keep the singleton cache coherent.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Aug 19 00:43:05 CEST 2011 on sn-devel-104
OS/2 sends an unexpected write&x/read&x chain
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Aug 14 08:48:58 CEST 2011 on sn-devel-104
Be more correct in load printers at startup.
If async processes have already started we do not need to force a reload, but we
just need to load the printers. If other processes have not finished initializing
it makes no sense to try to force them as they are masking SIGHUP until init is
done anyway.
Signed-off-by: Andreas Schneider <asn@samba.org>
This way we are sure the cache is primed properly and messages can be sent to
processes if necessary as all messaging has been set up.
Signed-off-by: Andreas Schneider <asn@samba.org>
Use a child for the background updater process
Forward printer update messages from spoolss to background update process.
Signed-off-by: Andreas Schneider <asn@samba.org>
Currently we skip the "gone async" interim response on read and write,
this caused the aio code path to grant 0 credits to the client
in the read/write responses.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Aug 7 22:23:57 CEST 2011 on sn-devel-104
This avoids having the same check in 3 different parts of the code
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Aug 3 12:45:04 CEST 2011 on sn-devel-104
There is no longer any theft of memory as the underlying routines now
produce a new auth_session_info for this caller, allocating it
on the supplied memory context.
Andrew Bartlett
This tests if the auth_generic_start() hook is available on the auth
context during the negprot, and if so it uses auth_generic_start() to
hook to GENSEC to handle the full SPNEGO blob.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Rather than passing this value around the callers, and eventually
setting it in register_existing_vuid(), we simply pass it to
create_local_token(). This also removes the need for
auth_ntlmssp_get_username().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This helps map on to the GENSEC semantics better, and ensures that the
full set of desired features are set before the mechanism starts.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This is changed so that the callers ask for the additional flags
that they need, starting with no additional flags.
This helps to create a proper abstraction layer in
ntlmssp_wrap/auth_ntlmssp.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This means we no longer need two different map to guest functions
and have consistent logic with fewer layering violations.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This way we can properly deal with pcap updates in the background queue process
if it is enabled (on by default) and not perform these actions in the main
smbd process.
Signed-off-by: Günther Deschner <gd@samba.org>
Modify the credit granting algorithm to be closer to what I believe
Windows does.
Split up max_credits into 1/16ths, and then scale
the requested credits by how many 16ths have been
currently granted. Less than 1/16th == grant all
requested (100%), scale down as more have been
granted. Never ask for less than 1 if the client
asked for at least 1.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Jul 29 20:37:42 CEST 2011 on sn-devel-104
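One reading of the credit scaling described in the commit message above, as an added example (not Samba's code). The function names, the 16-bit types and the final clamp to the remaining window are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Scale a client's credit request by how many sixteenths of max_credits
 * are already granted: under 1/16th in use grants 100% of the request,
 * and each further sixteenth in use removes 1/16th of it. A request of
 * at least 1 never scales below 1.
 */
uint16_t scale_credit_request(uint16_t max_credits, uint16_t granted,
			      uint16_t requested)
{
	uint32_t sixteenth = max_credits / 16;
	uint32_t used, scaled;

	if (requested == 0) {
		return 0;
	}
	if (sixteenth == 0) {
		sixteenth = 1;	/* tiny windows: avoid dividing by zero */
	}
	used = granted / sixteenth;	/* whole sixteenths in use */
	if (used > 16) {
		used = 16;
	}
	scaled = ((uint32_t)requested * (16 - used)) / 16;
	if (scaled == 0) {
		scaled = 1;	/* client asked for at least 1 */
	}
	return (uint16_t)scaled;
}

/*
 * Assumption of this sketch: the scaled value is then clamped so the
 * total outstanding credits never exceed max_credits, which bounds the
 * work a single client can queue on the server.
 */
uint16_t grant_credits(uint16_t max_credits, uint16_t granted,
		       uint16_t requested)
{
	uint16_t scaled = scale_credit_request(max_credits, granted, requested);
	uint16_t room = granted < max_credits
		? (uint16_t)(max_credits - granted) : 0;

	return scaled < room ? scaled : room;
}

int main(void)
{
	/* Constructed sample values: window of 128, client asks for 32. */
	static const uint16_t in_use[] = { 0, 7, 64, 120, 127, 128 };
	size_t i;

	for (i = 0; i < sizeof(in_use) / sizeof(in_use[0]); i++) {
		printf("granted=%3u requested=32 -> scaled=%2u grant=%2u\n",
		       (unsigned)in_use[i],
		       (unsigned)scale_credit_request(128, in_use[i], 32),
		       (unsigned)grant_credits(128, in_use[i], 32));
	}
	return 0;
}
```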
Also start new folder lib/dbwrap/ where dbwrap_open.c is stored and
make the fallback implementation functions non-static and create a
dbwrap_private.h header file that contains their prototypes.
Without this, an active client connection can starve the echo responder. This
leads to apparently "lost" SMBs.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Jul 28 18:53:38 CEST 2011 on sn-devel-104
Put InternalPipes related functions in rpc_handles.c and out of rpc_ncacn_np.c
rpc_handles.c is the only file that really uses them after all and ncacn_np.c
is the wrong place for that stuff.
While there, remove unnecessary wrapper functions now that the InternalPipes
static variable is directly accessible.
Also move all pipes_struct related header stuff in its own rpc_pipes.h header.
Signed-off-by: Andreas Schneider <asn@samba.org>
Instead, we base our guest calculations on the presence or absence of the
authenticated users group in the token, ensuring that we have only
one canonical source of this important piece of authorization data
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This patch finally has the same structure being used to describe the
authorization data of a user across the whole codebase.
This will allow of our session handling to be accomplished with common code.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This makes auth3_session_info identical to auth_session_info
The logic to convert the info3 to a struct auth_user_info is
essentially moved up the stack from the named pipe proxy in
source3/rpc_server to create_local_token().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This brings this structure one step closer to the struct auth_session_info.
A few SMB_ASSERT calls are added in some key places to ensure that
this pointer is initialised, to make tracing any bugs here easier in
future.
NOTE: Many of the users of this structure should be reviewed, as unix
and NT access checks are mixed in a way that should just be done using
the NT ACL. This patch has not changed this behaviour however.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This separation between the structure used inside the auth modules and
in the wider codebase allows for a gradual migration from struct
auth_serversupplied_info -> struct auth_session_info (from auth.idl)
The idea here is that we keep a clear separation between the structure
before and after the local groups, local user lookup and the session
key modifications have been processed, as the lack of this separation
has caused issues in the past.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
The --log-stdout option was compromised by the log file descriptors being
closed once the file process forked.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Remove
int toupper_ascii(int c);
int tolower_ascii(int c);
int isupper_ascii(int c);
int islower_ascii(int c);
and replace with their _m equivalents, as they are identical.
I think we should reject invalid access early,
before we might create new files.
Also smbd_check_open_rights() is only called if the file existed.
metze
This is handled by a common header and a .c file that is included into
both loadparm.c files.
In the process, _lp functions were renamed to lp__ to allow the common
function definition declarations to be used by source3 and source4
(which have different macro definitions).
The only parameter to change type is 'strict_locking' which was a
bool, and is now an int, to accommodate the 'Auto' value from source3.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Jul 8 12:35:56 CEST 2011 on sn-devel-104
Move the num_requests field out of the smb1 struct into the generic
struct smbd_server_connection struct. Use it to count SMB2 requests
as well as SMB1 and ensure that check_log_size() is called every 50
SMB2 requests.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Jul 8 01:14:53 CEST 2011 on sn-devel-104
For all requests which don't operate on a tcon, we should call
change_to_root_user(), to match the SMB1 behavior.
For SMB1 we do the following operations without AS_USER:
/* 0x70 */ { "SMBtcon",reply_tcon,0},
/* 0x71 */ { "SMBtdis",reply_tdis,DO_CHDIR},
/* 0x72 */ { "SMBnegprot",reply_negprot,0},
/* 0x73 */ { "SMBsesssetupX",reply_sesssetup_and_X,0},
/* 0x74 */ { "SMBulogoffX",reply_ulogoffX, 0}, /* ulogoff doesn't give a valid TID */
/* 0x75 */ { "SMBtconX",reply_tcon_and_X,0},
...
/* 0x2b */ { "SMBecho",reply_echo,0},
...
/* 0xa4 */ { "SMBntcancel",reply_ntcancel, 0 },
For SMB2tdis we still call smbd_smb2_request_check_tcon()
as close_cnum() calls change_to_root_user() when needed.
metze
Signed-off-by: Jeremy Allison <jra@samba.org>
use the correct alias instead of FD directly
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Tue Jul 5 19:51:42 CEST 2011 on sn-devel-104
We can't allow open with access that has been denied via the share
security descriptor
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jul 5 16:21:54 CEST 2011 on sn-devel-104
when smbd tries to clean up locks after a premature end of a smb2
connection, lock_db has already been freed and so it crashes
this patch changes the order in which items are freed so that
lock_db is still around when it is needed
Jeremy, Metze, please check
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Mon Jul 4 20:00:26 CEST 2011 on sn-devel-104
when CTDB is unhealthy, log a message and exit cleanly
instead of creating a core file
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Thu Jun 30 13:18:12 CEST 2011 on sn-devel-104
Pass in the correct vector to the signing algorithm in an async
response - we must start with vector[1] which has the SMB2_HDR_BODY
length, not vector[0] which is the 4 byte packet length. Also
note we're passing in 2 vectors not 3.
Metze please review.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jun 29 20:09:21 CEST 2011 on sn-devel-104
Caused by referencing an uninitialized variable in the
duplicated struct smbd_smb2_request when sending a signed
intermediate reply.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jun 29 04:37:28 CEST 2011 on sn-devel-104
This should fix DCERPC responses with fragments larger than 1024 bytes.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jun 24 11:25:36 CEST 2011 on sn-devel-104
Move lp_acl_check_permissions() into can_delete_file_in_directory()
where it makes sense. Remove ACL check when requesting DELETE_ACCESS
when lp_acl_check_permissions is false.
Thanks to John Janosik @ IBM for noticing this.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Jun 24 01:18:11 CEST 2011 on sn-devel-104
The only users I can find of this on the internet involve confused
users, and our own documentation recommends never setting this. Don't
confuse our users any longer.
Andrew Bartlett
The become_root() and similar 'smbd' functions that are used widely in
Samba libraries had 'dummy' copies in dummysmbd.c and dummyroot.c.
These have been replaced by a runtime plugin mechanism, which ensures
that standalone binaries still do nothing, while in smbd the correct
function is used.
This avoids having these as duplicate symbols in the smbd binary,
which can cause unpredictable behaviour.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
My previous patches fixed up all direct TDB callers, but there are a
few utility functions and the db_context functions which are still
using the old -1 / 0 return codes.
It's clearer to fix up all the callers of these too, so everywhere is
consistent: non-zero means an error.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This is a helper for the common case of opening a tdb with a logging
function, but it doesn't do all the work, since TDB1 and TDB2's log
functions are different types.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
TDB2 returns a negative error number on failure. This is compatible
if we always check for < 0 instead of == -1.
Also, there's no tdb_traverse_read in TDB2: we don't try to make
traverse reliable any more, so there are no write locks anyway.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
We change all the headers and wscript files to use tdb_compat; this
means we have one place to decide whether to use TDB1 or TDB2.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This is at least one instance which I could identify
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Jun 14 19:06:39 CEST 2011 on sn-devel-104
This should fix the build on FreeBSD
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jun 14 09:38:49 CEST 2011 on sn-devel-104
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.
Andrew Bartlett
When changing ownership on a new file make sure we
must have a valid stat struct before making the inheritance
calls (as they may look at it), and if we make changes we
must have a valid stat struct after them.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jun 8 03:07:04 CEST 2011 on sn-devel-104
This brings these helpful utility functions in common, as they are not
based on either loadparm system.
(The 'modules dir' parameter from Samba4 will shortly be removed, so
there is no loss in functionality)
Andrew Bartlett
Force the open operation (which is the expensive one anyway) to
acquire and release locks in a way compatible with the more common
do_lock check.
Jeremy.
Several places want "microseconds from current time", and several were
simply handing "usecs" values which could be over a million.
Using a helper to do this is safer and more readable.
I didn't replace any obviously correct callers (ie. constants).
I also renamed wait_nsec in source3/lib/util_sock.c; it's actually
microseconds not nanoseconds (introduced with this code in Volker's
19b783cc Async wrapper for open_socket_out_send/recv).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Several places want "milliseconds from current time", and several were
simply doing "msec * 1000" which can (and does in one place) result in
a usec value over a million.
Using a helper to do this is safer and more readable.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This has been a wrapper around server_event_context() for some time
now, and removing this from dummysmbd.c assists with library
dependencies.
Andrew Bartlett
The dependency chain of find_service can't be satisfied sensibly
outside smbd, so don't include this in the main 'param' subsystem.
Also remove the duplicate find_service() and conn_snum_used() from
dummysmbd.c: The WAF build does not need these dummies any more, but
file.
Andrew Bartlett
The idea with this split is to make it easier to handle dependencies,
avoiding having the loadparm code depend on the global server
variables, without resorting to dummy functions and linker tricks.
conn_clear_vuid_cache() is brought in from uid.c to make it static
Andrew Bartlett
This provides the 'sconn' parameter to this key functions, that
is currently duplicated in dummysmbd.c, which causes duplicate symbol
issues in the waf build.
This has naturally caused a number of consequential changes across the
codebase, including not passing a messaging context into initial
reload_services():
This causes problems because the global smbd_server_connection isn't
yet set up, as there isn't a connection here, just the initial
process.
Andrew Bartlett
Otherwise smbd will crash at an unclean exit. Without this conn_close_all will
do a close_cnum() on all connection_struct's. In smb2, those are talloc
children of the smbd_smb2_tcon's. sconn is talloc_free'ed after the
conn_close_all, but the smbd_smb2_tcon destructor will still reference
tcon->compat_conn, referencing then free'ed (and null'ed out) memory.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon May 30 22:49:53 CEST 2011 on sn-devel-104
We were not correctly checking the output of asn1_start_tag().
asn1_start_tag() returns -1 and sets data->has_error if the
remaining blob size is too short to contain the tag length.
We were checking data->has_error and returning NT_STATUS_OK
(to allow the second asn.1 parse to fail in that case). We
should not be checking data->has_error in this case, but
falling through to the code that already checks the length.
Thanks to Jim for reproducing this for me. We don't get bitten
by this as we announce a max buffer size of 16k, greater than
Windows's 4k, which means that most krb5 spnego packets already
fit.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri May 27 02:57:27 CEST 2011 on sn-devel-104
When doing SMB2 renames, we need to match all filetypes (no attributes field in the SMB2 call).
By default a file starting with a period is returned as FILE_ATTRIBUTE_HIDDEN in Samba.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri May 20 19:26:04 CEST 2011 on sn-devel-104
in the early CTDB days, the RELEASE_IP message was defined
and some code was added to react on such a message to make
smbd exit if the IP address it was using for the server socket
is removed by CTDB.
Later, it was discovered that we need to stop smbd immediately
and logic was added to ctdb_conn to call release_ip() without
going through the messaging system.
So this code is not used and can be removed
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Fri May 20 16:18:24 CEST 2011 on sn-devel-104
This enables activating the echo responder also if SMB2 is enabled, albeit it
will only be used for SMB1 at this moment.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri May 20 15:06:03 CEST 2011 on sn-devel-104
release_ip() needs the private_data, but it was never saved away
to feed it into release_ip() later
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Thu May 19 21:21:14 CEST 2011 on sn-devel-104
The extra checks added for Windows correctness in our metadata changing paths
to ensure the file handle has been opened with the correct access mask to
allow FILE_WRITE_ATTRIBUTES etc. caused problems with the POSIX open code.
The old POSIX open code mapped O_RDONLY into FILE_READ, O_WRONLY into FILE_WRITE,
and O_RDWR into FILE_READ|FILE_WRITE. This patch extends the mapping to add
FILE_WRITE_ATTRIBUTES, FILE_READ_ATTRIBUTES and FILE_WRITE_EA, FILE_READ_EA to
allow POSIX opens to set these values.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed May 18 02:22:32 CEST 2011 on sn-devel-104
"struct smbd_server_connection" is called sconn elsewhere, avoid confusion
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue May 17 19:00:20 CEST 2011 on sn-devel-104
In the oplock refactoring, the algorithm underwent an unnoticed change.
In 3.5.x stat_opens were silently (i.e. no explicit code had comments
explaining this) ignored when looking for oplock breaks and share mode
violations. After the refactoring, the function find_oplock_types()
no longer ignored stat_open entries in the share mode table when looking
for batch and exclusive oplocks. This patch adds two changes to find_oplock_types()
to ignore the case where the incoming open request is a stat open being
tested against existing opens, and also when the incoming open request
is a non-stat open being tested against existing stat opens. Neither
of these cause an oplock break or share mode violation. Thanks a *lot*
to Volker, who persevered in reproducing this problem.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon May 16 22:38:20 CEST 2011 on sn-devel-104
This way we can configure which rpc service we actually want to connect to.
By default it uses an "embedded" interface and calls rpc_pipe_open_internal()
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri May 13 14:40:26 CEST 2011 on sn-devel-104
this allows the fd to be setup by subsystems that want to use the s3
server core code
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sun May 8 12:01:13 CEST 2011 on sn-devel-104
This also makes unix_nt_errmap private to errmap_unix.c and errormap.c
so the tables themselves cannot be duplicate symbols until merged.
Andrew Bartlett
This #if _SAMBA_BUILD == 3 is very unfortunate, as it means that in
the top level build, these options are not available for these
databases. However, having two different tdb_wrap lists is a worse
fate, so this will do for now.
Andrew Bartlett
using sizeof(user) when user is "fstring user" as a C parameter
actually returns sizeof(char *), which means that long usernames
aren't allowed.
Jeremy, you need a longer username :-)
Cheers, Tridge
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Tue May 3 13:04:11 CEST 2011 on sn-devel-104
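The sizeof pitfall described in the "fstring user" commit message above, shown as an added example (not code from Samba). The 256-byte fstring typedef, the helper bounded_copy() and both set_user_* functions are constructed for this sketch.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Fixed-size string type in the style the message refers to
 * (the size is an assumption of this example). */
#define FSTRING_LEN 256
typedef char fstring[FSTRING_LEN];

/* Bounded copy that always NUL-terminates; returns bytes stored. */
static size_t bounded_copy(char *dst, const char *src, size_t dstsize)
{
	size_t n;

	if (dstsize == 0) {
		return 0;
	}
	n = strlen(src);
	if (n >= dstsize) {
		n = dstsize - 1;	/* silent truncation */
	}
	memcpy(dst, src, n);
	dst[n] = '\0';
	return n;
}

/*
 * Before: an array-typed parameter decays to a pointer, so sizeof(user)
 * is sizeof(char *) and the name is cut to pointer size minus one.
 * Compilers flag this with -Wsizeof-array-argument; the warning is
 * silenced here only so the "before" form builds cleanly.
 */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wsizeof-array-argument"
size_t set_user_buggy(fstring user, const char *name)
{
	return bounded_copy(user, name, sizeof(user));
}
#pragma GCC diagnostic pop

/* After: take the size from the type, not from the decayed parameter. */
size_t set_user_fixed(fstring user, const char *name)
{
	return bounded_copy(user, name, sizeof(fstring));
}

int main(void)
{
	/* Constructed sample account name, longer than a pointer. */
	const char *name = "a_fairly_long_account_name";
	fstring a, b;

	printf("buggy kept %zu bytes: \"%s\"\n", set_user_buggy(a, name), a);
	printf("fixed kept %zu bytes: \"%s\"\n", set_user_fixed(b, name), b);
	return 0;
}
```

A truncated account name is more than cosmetic: the shortened string can fail lookup or collide with a different, shorter account name.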
Ensure create_options are passed down to SMB_VFS_CREATE_FILE().
Correctly set create_options if SMB_O_DIRECTORY is set or pathname
is known to be a directory.
Jeremy.
We are conflating the O_CREAT|O_EXCL with the O_TRUNC
processing, they need to be separate. We need to choose
using (O_CREAT|O_EXCL) first, then modify if O_TRUNC is
set. This needs two separate switch statements.
Jeremy
This should finally fix the AIX build and allow to remove AIX specific ifdefs.
Guenther
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Apr 21 02:01:20 CEST 2011 on sn-devel-104