IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Change-Id: Ic2e06e448fce1d91422b711abf663b9253009a53
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Apr 2 13:07:24 CEST 2014 on sn-devel-104
We no longer return early if there are no members, we just return an empty array.
Change-Id: I7b0949e0c0b9277426a8007514a8658615f6c709
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Change-Id: I0aa703bb2766f1353a176a0c3f25424bbc4953f5
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Change-Id: I94469de9d463ee90365bae43094231efaf0a7d8c
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
This is done by calling make_auth4_context_s4(), avoiding code duplication.
Change-Id: I3a3bf4e4273f27078c308d55102e4a1f4b052d17
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Change-Id: Iedf516e8c24e0d18064aeedd8e287ed692d3c5b4
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
This is the correct thing to do the smb request buffer contains
just bytes (uint8_t).
It also avoids strange casting in the callers.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Some modules use samba_init_module as the name for the init functions,
others use a name based on the module name.
Rename the init functions from samba_init_module, to be consistent
across all modules. This change also allows to build idmap_tdb2 and
perfcount_test statically.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 2 08:50:04 CEST 2014 on sn-devel-104
BUG: https://bugzilla.samba.org/show_bug.cgi?id=8449
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 2 02:36:08 CEST 2014 on sn-devel-104
Any code in source3 is permitted to use talloc_tos() at any point, so we must protect all the library interfaces
against memory leaks this way.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10388
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Apr 1 23:16:19 CEST 2014 on sn-devel-104
Use similar behaviour to the diskshadow.exe FSRVP client, which aborts
the shadow-copy set if it receives a failed commit response.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 1 00:54:06 CEST 2014 on sn-devel-104
The Windows Server 2012 FSRVP server exhibits strange behaviour when
exposing hidden shadow copy shares. If the hidden share UNC in the
AddToShadowCopySet request includes a trailing backslash (e.g.
"\\server\share$\"), then the new shadow-copy share will also be hidden
(e.g. "\\server\share$@{ShadowCopy.ShadowCopyId}$").
However, if the UNC does not include a trailing backslash, which until
now was rpcclient's default behaviour, then the exposed shadow-copy
share is not hidden.
Thanks to the MS Open Specifications team for helping me track down this
one.
bug: https://bugzilla.samba.org/show_bug.cgi?id=10521
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
When multiple aio requests finish simultaneously, this saves a few syscalls
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 27 08:05:46 CET 2014 on sn-devel-104
This makes use of C99 dynamic arrays. In this performance-sensitive code, I
would like to avoid malloc/free, and I think 15 years after the standard we
might be able to use this feature. Alternatively, we could use the "results"
memory area and store the jobids in the upper range, playing some cast-tricks.
Should work as well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This can avoid syscalls when multiple jobs are finished simultaneously
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
pthreadpool_add_job is in our hottest code path for r/w intensive workloads, so
we should avoid anything CPU-intensive. pthreadpool used to malloc each job and
free it in the worker thread. This patch adds a FIFO queue for jobs that helper
threads copy from, avoiding constant malloc/free. This cuts user space
CPU in the local-bench-pthreadpool benchmark by roughly 10% on my system.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
smbtorture is now always the same version as the rest of Samba, and is strictly required.
Andrew Bartlett
Change-Id: I89d9c52275477177fa8a89050920ff8a2fec9288
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Mar 26 04:20:16 CET 2014 on sn-devel-104
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 25 18:29:06 CET 2014 on sn-devel-104
This code needs to special-case the guest user, as
this token can have the token_sid[0] set to the Guest
SID, not the mapping of UNIX uid -> SID.
Other users that may have a well-known SID
set in token_sid[0] (like SYSTEM) are usually
not mappable to UNIX users and can be ignored
when adding local groups from /etc/group.
Found by <linux@kukkukk.com>.
Second part of the bugfix for:
https://bugzilla.samba.org/show_bug.cgi?id=10508
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
All ctdb specific code is isolated in samba-cluster-support.so now.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Mar 24 19:08:44 CET 2014 on sn-devel-104
Only files in 'samba3-ctdb-client' will see HAVE_CTDB* defines.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This is better than a compile time check for
HAVE_CTDB_CONTROL_CHECK_SRVIDS_DECL.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This allows runtime selection of libsamba-cluster-support.so
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This gets all dummy functions for the build without CLUSTER_SUPPORT.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This collects the ctdb version dependent files,
which allows vendors to provide multiple versions
of libsamba-cluster-support.so each compiled against different
ctdb versions.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 21 21:22:24 CET 2014 on sn-devel-104
This has to be done in every code path that creates
an NT token, as remote users may have been added to
the local /etc/group database. Tokens created merely
from the info3 structs (via the DC or via the krb5 PAC)
won't have these local groups.
https://bugzilla.samba.org/show_bug.cgi?id=10508
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
We need to call pipe_init_outgoing_data() as the first thing in
process_complete_pdu(). Otherwise the caller may use uninitialized
memory and tries to write a response into the socket.
The problem happens only if a real socket is used, which means
in all cases for master and only with external rpc daemons in v4-0
and v4-1.
The problem looks like this in the logs.
[2014/03/20 14:49:35.531663, 10, pid=7309, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1627(process_complete_pdu)
Processing packet type 0
[2014/03/20 14:49:35.531695, 10, pid=7309, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1472(dcesrv_auth_request)
Checking request auth.
[2014/03/20 14:49:35.531738, 10, pid=7309, effective(0, 0), real(0, 0)] ../source3/rpc_server/rpc_server.c:521(named_pipe_packet_process)
Sending 1 fragments in a total of 0 bytes
[2014/03/20 14:49:35.531769, 10, pid=7309, effective(0, 0), real(0, 0)] ../source3/rpc_server/rpc_server.c:526(named_pipe_packet_process)
Sending PDU number: 0, PDU Length: 4294967228
[2014/03/20 14:49:35.531801, 2, pid=7309, effective(0, 0), real(0, 0)] ../source3/rpc_server/rpc_server.c:565(named_pipe_packet_done)
Writev failed!
[2014/03/20 14:49:35.531845, 2, pid=7309, effective(0, 0), real(0, 0)] ../source3/rpc_server/rpc_server.c:595(named_pipe_packet_done)
Fatal error(Message too long). Terminating client(127.0.0.1) connection!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10481
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Guenther Deschner <gd@samba.org
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Mar 20 18:30:17 CET 2014 on sn-devel-104
Git commit 86d1e1db8e
fixed share_access not being reset between users,
by changing make_connection_snum() to call a common
function check_user_share_access() in the same way
that change_to_user() (which can be called on any
incoming packet) does.
Unfortunately that bugfix was incorrect and
broke "force user" and "force group" as it
called check_user_share_access() inside
make_connection_snum() using the conn->session_info
pointer instead of the vuser->session_info pointer.
conn->session_info represents the token to use
when actually accessing the file system, and so
is modified by force user and force group.
conn->session_info represents the "pristine"
token of the user logging in, and is never modified
by force user and force group.
Samba 3.6.x checked the share access based on
the "pristine" token of the user logging in,
not the token modified by force user and force group.
This change restores the expected behavior.
Fixes bug #9878 - force user does not work as expected
https://bugzilla.samba.org/show_bug.cgi?id=9878
Signed-off-by: Jeremy Allison <jra@samba.org>
Tested-by: Gerhard Wiesinger <lists@wiesinger.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Mar 18 19:19:31 CET 2014 on sn-devel-104
When this option is set to no, an attempt to open an offline file will
be rejected with access denied. This helps preventing recall storms
triggered by careless applications like Finder and Explorer.
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This old password change mechanism does not provide the plaintext to
validate against password complexity, and it is not used by modern
clients. It also has quite difficult semantics to handle regarding
password lockout.
The missing features in both implementations (by design) were:
- the password complexity checks (no plaintext)
- the minimum password length (no plaintext)
Additionally, the source3 version did not check:
- the minimum password age
- pdb_get_pass_can_change() which checks the security
descriptor for the 'user cannot change password' setting.
- the password history
- the output of the 'passwd program' if 'unix passwd sync = yes'.
Finally, the mechanism was almost useless, as it was incorrectly
only made available to administrative users with permission
to reset the password. It is removed here so that it is not
mistakenly reinstated in the future.
Andrew Bartlett
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245
Change-Id: If2edd3183c177e5ff37c9511b0d0ad0dd9038c66
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://gerrit.samba.org/37
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10344
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10344
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Use "filename=string" to define a file where to save the unencrypted PAC to.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Mar 12 13:02:59 CET 2014 on sn-devel-104
Rename it to "net ads kerberos pac dump" and add a "type=num" option to allow
dumping of individial pac buffer types. Ommitting type= or using type=0 will
dump the whole PAC structure on stdout.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
gencache_parse calling tdb shows up in profiles when we do a lot of open/close
traffic with large ACLs. For every file we convert unix ids to sids, and in the
domain member case this goes through gencache.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 11 19:56:47 CET 2014 on sn-devel-104
Clients using UNIX extensions need chmod() to go through catia.
Signed-off-by: Ralph Boehme <rb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Mar 11 13:39:17 CET 2014 on sn-devel-104
Add stream name defines that are usable with Samba's way of storing
stream names internally.
Signed-off-by: Ralph Boehme <rb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Change-Id: I19bbd3b34548258201dabdc0ec8dc049e28d0049
Reviewed-by: David Disseldorp <ddiss@samba.org>
Tested-by: Thomas Schulz <schulz@adi.com>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Mar 8 05:53:08 CET 2014 on sn-devel-104
This avoids issues with whatever sys.platform may return, fixes the
order of arguments to the CHECK_FUNCS_IN call, and only runs after
Linux-style POSIX ACL detection fails.
Andrew Bartlett
Change-Id: I930dff1e03c1cd1ceb8f3a35823ceb805694b66a
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Tested-by: Thomas Schulz <schulz@adi.com>
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Mar 8 03:52:44 CET 2014 on sn-devel-104
Just calling print_canonical_sockaddr() is sufficient, as it already deals with
ipv6 as well. The port handling, which was only done for IPv6 (not IPv4), is
removed as well. It was pointless because it always derived the port number from
the provided address which was either a SMB (usually port 445) or LDAP
connection. No KDC will ever run on port 389 or 445 on a Windows/Samba DC.
Finally, the kerberos libraries that we support and build with, can deal with
ipv6 addresses in krb5.conf, so we no longer put the (unnecessary) burden of
resolving the DC name on the kerberos library anymore.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
In the common case with just one request, we can use a preallocated
req->out.vector.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 6 00:59:29 CET 2014 on sn-devel-104
It is only important that the content of info->data stays alive
for the lifetime of the request, but the DATA_BLOB structure itself
can be on the stack, while passing it as 'dyn' to smbd_smb2_request_done_ex().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Use a preallocated buffer for the first response in the compound chain.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We can use a preallocated buffer for the possible error
response of the first response in the compound chain.
This avoids a talloc_array_zero() call for the common case.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We can avoid a talloc_zero_array() call in the
common case (without compound requests) and use a
preallocated array instead.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Mar 5 22:53:34 CET 2014 on sn-devel-104
Using helper variables make it much easier to understand.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We're now sure that sconn->smb1.sessions.max_send is >= SMB_BUFFER_SIZE_MIN.
in order to garantee some progress we need to make sure our assumed
header overhead is less than SMB_BUFFER_SIZE_MIN.
Assuming 372 bytes for the SMBtrans headers should still be more than
enough.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This makes sure sconn->smb1.sessions.max_send is always >= SMB_BUFFER_SIZE_MIN.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
SMB_BUFFER_SIZE_MAX is UINT16_MAX and the largest value a client
can possibly specify in the session setup request.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The current limit of 128*1024 causes problems as the value has to be
<= UINT16_MAX otherwise some clients get confused, as they want to
use the MaxBufferSize value from the negprot response (uint32_t)
for the MaxBufferSize value in thet session setup request (uint16_t).
E.g. Windows 7 (as client) sends MaxBufferSize = 0 if the server value
is > UINT16_MAX.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is the original cause of the wbc NT_STATUS_OBJECT_NAME_NOT_FOUND issues in recent git master, as the
build was able to progress without the correct path being set as an override.
Andrew Bartlett
Change-Id: I1dbc7350695756356e869199b589eb781eb5c673
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Mar 5 18:34:48 CET 2014 on sn-devel-104
Following the current coding guidelines, it is considered bad practice to return from
within a macro and change control flow as they look like normal function calls.
Change-Id: I421e169275fe323e2b019c6cc5d386289aec07f7
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Following the current coding guidelines, it is considered bad practice to return from
within a macro and change control flow as they look like normal function calls.
Change-Id: I133eb5a699757ae57b87d3bd3ebbcf5b556b0268
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
smbd currently prints the following level 0 error when a client attempts
to connect to an unsupported named pipe (e.g. browser):
ERROR! 'browser' is not a registred pipe
This change reduces the severity of the error (0->2) and fixes a couple
of typos.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Mar 5 16:31:42 CET 2014 on sn-devel-104
Windows Server starts some named pipe services on demand, and responds
to initial open requests with STATUS_PIPE_NOT_AVAILABLE. The FssagentRpc
named pipe on Windows Server 2012 exhibits this behaviour.
This change sees rpcclient retry named pipe open requests when the
server responds with STATUS_PIPE_NOT_AVAILABLE. The retry logic is
contained in an asynchronous tevent_timer callback, to allow for
non-blocking callers.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
While running smbtorture test raw.write under valgrind an "Invalid read"
was reported in methid reply_writeclose, it seems after closing a file
sometime later we try to access it again.
Signed-off-by: Noel Power <noel.power@suse.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Mar 3 20:42:40 CET 2014 on sn-devel-104
This might be the reason for a few flaky builds.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Mar 3 16:30:53 CET 2014 on sn-devel-104
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Simo Sorce <simo@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
The current could would crash if a pthreadpool was created, deleted and the
process then fork()s. "pthreadpools" is NULL in this case, but the
pthread_atfork handlers are in place. This fixes walking the pthreadpools list
in reverse.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Simo Sorce <simo@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
If the same process tries to re-lock the same record
it has already locked, don't go to the ctdbd again.
There are situations where we already have a lock on a record
and then do a dbwrap_parse_record() on that record, for instance
in locking code:
do_lock()
-> grabs lock on brl record with brl_get_locks()
-> calls brl_lock()
-> calls brl_lock_posix or _windows_default()
-> calls contend_level2_oplocks_begin()
-> calls brl_locks_get_read_only()
-> calls dbwrap_parse_record on the same brl record as above
In the local (tdb) case, this is not a problem, because
identical fcntl locks in the same process don't contend each other,
but calling out to ctdb for this lets smbd and ctdb deadlock.
db_ctdb_fetch_lock() already correclty checks first
whether we can simply try to lock locally. But db_ctdb_parse_record()
failed to do so for empty records, i.e. records that only
consist of the ctdb record header. (These can be deleted records
but can also be freshly created and still empty records.)
This patch lets db_ctdb_parse_record() not skip local access
for empty records, hence fixing the deadlock.
PLAN: In the long run, it would be better to solve this
generically on the dbwrap_layer, i.e. root the notion of
an already locked record there, and skip any call to the
db (tdb or ctdb backend) if we have it. This would also
solve the problem for all calls like fetch_locked, parse_record
and possibly others. But this is the urgent fix for now.
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Tested-by: Björn Baumbach <bb@sernet.de>
The current FSCTL_GET_SHADOW_COPY_DATA/FSCTL_SRV_ENUMERATE_SNAPSHOTS
handler squashes all non-ENOSYS errors into an NT_STATUS_UNSUCCESSFUL
response.
This commit ensures that all errors are propagated up to the client, to
aid debugging.
The Windows Explorer "Previous Versions" dialogue doesn't appear to
distinguish between error codes. It displays "There are no previous
versions available".
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 27 22:42:50 CET 2014 on sn-devel-104
brl_get_locks_readonly() currently returns NULL when it can't
find any byte range locks on the file. This is an error - it
should return a valid struct byte_range_lock containing num_locks == 0
so it can be cached.
Returning NULL when there are no locks causes POSIX lock
tests to fail returning NT_STATUS_NO_MEMORY (as it thinks
it can't allocate the struct) instead of NT_STATUS_OK.
Fixes bug:
Bug 10431 - STATUS_NO_MEMORY response from Query File Posix Lock request
https://bugzilla.samba.org/show_bug.cgi?id=10431
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
We have messaging_send_buf, so there's no point to use an explicit
DATA_BLOB here.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Feb 25 23:27:21 CET 2014 on sn-devel-104
Change-Id: I74347199e54be0d1dc031985534da1e56fd3e280
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Christopher R. Hertel <crh@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Change-Id: If1b54e62b4fc2240aa17e5d1eae8f279f2fdfc42
Signed-off-by: Christopher R. Hertel <crh@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Ira Cooper <ira@samba.org>
Change-Id: I98b512da2e0e56f061247a7c48ce576287b43827
Signed-off-by: Christopher R. Hertel <crh@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Ira Cooper <ira@samba.org>
https://bugzilla.samba.org/show_bug.cgi?id=9993
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Feb 25 13:19:37 CET 2014 on sn-devel-104
If we have no name indexes for a domain, all names were domain
names and have been resolved earlier, including the domain name.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10463
Change-Id: I5a7a387fa89d2b2bdd465c13b3dca0e18ca0482c
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Feb 25 11:17:18 CET 2014 on sn-devel-104
Hand the *input* name as input into the normalize call,
not the (potentially uninitialized...) *output* name...
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10463
Change-Id: I4f3fc25882c22d96329e252d0a53bbe13d533472
Pair-Programmed-With: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10463
Change-Id: I6a8a8c272b9cf7dbce4f9a99012209c29c31e839
Pair-Programmed-With: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Previously only members of these domains were handled.
But we also need to handle the domain itself.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10463
Change-Id: I44f85267eda243d586fffd24a799e153de0ff982
Pair-Programmed-With: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@sernet.de>
Reviewed-by: Michael Adam <obnox@samba.org>
Coverity-Id: 710708
Signed-off-by: Poornima Gurusiddaiah <pgurusid@redhat.com>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Coverity-id: 1107228,1107227
Signed-off-by: Poornima Gurusiddaiah <pgurusid@redhat.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
secrets_fetch_machine_password() sets pwd to point to memdup()'d (and thus
malloc()'d) memory. This memory should be freed before we go out of scope.
Change-Id: I07e575819c309fa5b85627dce2eb969bc720ce4e
Coverity-Id: 1168001
Reviewed-by: Ira Cooper <ira@samba.org>
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Simo Sorce <idra@samba.org>
Autobuild-Date(master): Sat Feb 22 00:58:23 CET 2014 on sn-devel-104
Moved the call to the talloc autofree function to as early a point as
possible. init_ldap_from_sam() already calls smbldap_set_mod(), and there's
a chance that the init will fail after having already allocated memory for
&mods.
Coverity-Id: 1167997
Change-Id: Ic26bfb3c530f90aa885e447b8409deba49708d64
Reviewed-by: Ira Cooper <ira@samba.org>
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Simo Sorce <idra@samba.org>
As a domain member we should always use a DC of our own domain.
It would be possible to pass all sids in one single dcerpc_wbint_LookupSids()
call. For now we just fix bug.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10458
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
We need to make sure that r->out.domains remains valid,
otherwise we're not able to marshall the response.
Note that wbint_LookupSids() has [out,ref] lsa_RefDomainList *domains,
while lsa_LookupSids() has [out,ref] lsa_RefDomainList **domains.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10458
Signed-off-by: Gregor Beck <gbeck@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
If smbd_server_connection_terminate("CTDB_SRVID_RELEASE_IP") is triggered from
within ctdbd_migrate(), we got a smb_panic complaining about invalid
lock_order, as ctdbd_migrate is called from dbwrap_fetch_locked().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10444
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 21 14:51:51 CET 2014 on sn-devel-104
If it returns true the passed ip address matched and we
let a nested ctdb operation fail with NT_STATUS_ADDRESS_CLOSED.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
If this isn't NT_STATUS_OK, we skip any io on the socket.
This avoids possible problems during shutdown.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Feb 21 02:49:36 CET 2014 on sn-devel-104
In preparation for propagation of memory allocation errors from
is_subpath().
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
In preparation for propagation of memory allocation errors from
tar_path_in_list() and friends.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Add a separate NTSTATUS return code, as base string may be NULL on
successful return.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 20 22:58:59 CET 2014 on sn-devel-104
Failure in ads_search_retry() deallocates the memory occupied
by "ads" which should not be used after.
CID: 242096
Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
The current messaging implementation is based on a tdb indexed by server_id. If
we have more than one messaging context in a process, messages might not arrive
at the right context and be dropped, depending on which signal handler is
triggered first.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
After the fork, the code created a fresh messaging_context before doing the
reinit_after_fork. This means to have two initialized messaging contexts in
that process. This patch aligns spoolssd with lsad.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
With the use of the shared globals structure, lp_dnsdomain is no longer used in the code and removing it would remove a notable special case
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Change-Id: I59526c40c58e132a134d67fa7944dfeacd05f4c6
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@samba.org>
The previous libarchive linker and header file check was not suitible
for older libarchive versions that do not provide the function
archive_read_support_filter_all().
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Feb 19 20:19:07 CET 2014 on sn-devel-104
tar_parse_args() already prints the warning if a tarmode argument is
provided.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
