IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This will simplify future features like multi-channel and rdma.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
We need to use the connection that is used by the current request.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This makes the code more consistent with other functions
using 'struct smbXsrv_connection *xconn' as local variables.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This way it matches the code path in construct_reply_chain().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Each request needs to respond on the same connection,
where it arrived.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
As the list of pending requests moved from sconn->smb2.requests to xconn->smb2.requests,
it is more logical to use smbXsrv_connection as talloc parent.
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
We don't need two helper variables for the same thing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
We don't need this twice...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This doesn't belong to a connection, it's state used within the VFS stack.
And smbd_server_connection is the legacy structure we're using for
global VFS state.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This prepares the structures for multi-channel support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
There's no need to do syscalls, if we already have the information
in userspace.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This is similar to fsp_fnum_dbg() and fsp_str_dbg().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
When a client supports extended security but server does not,
and that client, in Flags2 field of smb header indicates that
- it supports extended security negotiation
- it does not support security signatures
- it does not require security signatures
Samba server treats a client as a Vista client.
That turns off case sensitivity and that is a problem for cifs vfs client.
So include remote cifs client along with remote samba client
to not do so otherwise.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10755
Signed-off-by: Shirish Pargaonkar <spargaonkar@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Aug 1 16:11:43 CEST 2014 on sn-devel-104
A user without access in the share acl can easily trigger those
warnings. Change the logging level, so that they do not appear with the
default logging level.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 31 01:17:30 CEST 2014 on sn-devel-104
We already have the required information as stack variable
in the current function. There's no need to call get[peer|sock]name()
twice.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
It is not used any more.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jul 24 14:23:11 CEST 2014 on sn-devel-104
This is generic enough that it could be used in all code.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jul 18 15:43:33 CEST 2014 on sn-devel-104
This prevents random garbage in the vfs_private member.
Usually it should not be a problem to leave initialization
of the vfs_private to the vfs module who wants to use it,
but further down in the directory listing code, in
vfswrap_readdir, there is in optimization introduced
with 2a65e8befe, to call
fstatat if possible to already fill stat info in the
readdir call.
The problem is that this calls fstatat directly,
not going through VFS, but still making the stat buffer
valid, leaving vfs_private with random garbage.
Hence a vfs module using vfs_private, like vfs_gpfs
does for offline info (and winAttrs in general)
does not have a chance to tell whether the vfs_private
is valid if the stat buffer is marked valid.
This is a reason for the "flapping offline flag" problem
of the vfs_gpfs module.
Initializing the vfs_private to 0 here will for the
vfs_gpfs module result in files being marked online
always in a directory listing. So this is not a real fix
but it does at least make the problem less random.
A real general fix might be to implement SMB_VFS_FSTATAT()
and use it here.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Sun Jul 13 11:26:58 CEST 2014 on sn-devel-104
We now pass the header to SMB_VFS_SENDFILE(), so we have to handle that also
in the fallback code.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10706
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 11 22:57:17 CEST 2014 on sn-devel-104
This is based on a patch from Volker. When the system supports roboust
mutexes, they will be used for the coordiations between worker and
echohandler process. This avoids another aspect of the fcntl scalibility
issue when handling many client connections. When mutexes are not
available, the code falls back to the fcntl lock.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 9 00:56:50 CEST 2014 on sn-devel-104
Most of this routine can be re-used for sending lease breaks
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Jul 8 19:54:09 CEST 2014 on sn-devel-104
We don't need the assignment to state->vector[1+SMBD_SMB2_DYN_IOV_OFS],
this is zero-initialized by talloc_zero
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This actually saves a few bytes in .text. Maybe due to the struct assignments?
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Keep the blocking lock record and the pending lock records consistent
if we are dealing with multiple blocking lock requests in one SMB1 LockingX
request.
Ensure we re-add the records under the record lock, to avoid race
conditions.
Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout.
https://bugzilla.samba.org/show_bug.cgi?id=10684
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Allows the special case in process_blocking_lock_queue()
that talks back to the client to be removed.
Bug #10684 - SMB1 blocking locks can fail notification on unlock, causing client timeout.
https://bugzilla.samba.org/show_bug.cgi?id=10684
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
When reading the code it was not immediately clear to me how one of the
conditions in [MS-SMB2] 3.3.5.14.2 was satisfied. A separate loop to me
is clearer and given that we don't expect thousands of locks in a single
call also not significantly less efficient.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This function is only used in server.c
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jun 30 17:20:00 CEST 2014 on sn-devel-104
The parent smbd process only forwards the message to the child
processes. Use a common function instead of two separate ones that do
the same thing.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Based on a fix from Hemanth Thummala <hemanth.thummala@gmail.com>
Bug #10673 - Increasing response times for byte range unlock requests.
The previous refactoring makes it obvious we need to call
remove_pending_lock() in all places where we are returning
from the SMB2 blocking lock call.
https://bugzilla.samba.org/show_bug.cgi?id=10673
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jun 30 14:59:16 CEST 2014 on sn-devel-104
SMB2 blocking locks can only have one lock per request, so
there can never be any other locks to wait for.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
SMB2 blocking locks can only have one lock per request, so
there can never be any previous locks to remove.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Fix from Volker, really - just tidied up a little.
The S_ISFIFO check may not be strictly neccessary,
but doesn't hurt (might make the code a bit more complex
than it needs to be).
Fixes bug #10671 - Samba file corruption as a result of failed lock check.
https://bugzilla.samba.org/show_bug.cgi?id=10671
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
It turns out that all the client and server need to agree on is what
protocol should have been negotiated. If they disagree, they should
disconnect. The contents of the list of protocols used during
negotiate and during FSCTL_VALIDATE_NEGOTIATE_INFO do not need to match.
Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jun 23 14:28:25 CEST 2014 on sn-devel-104
Breakout smb2_protocol_dialect_match to support future work in
fsctl_validate_neg_info.
Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug 10593 is a panic that happens if we get an oplock break reply via
dbwrap_watch for which we can't find the SMB request anymore. This
error condition can legally happen when a client cancels the create
request before the oplock break response comes in. This patch drops the
dbwrap_watch_send request waiting for the oplock break when the request
is cancelled. Yet another talloc hierarchy problem, but if done right,
talloc hierarchies can make rundown of state easy :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We exit if any of these if-statement fails, so a simple swap should not
make a difference.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The main point is to get a talloc parent that will go away when the
request is cancelled
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
MS-SMB2: 3.3.5.9 - Receiving an SMB2 CREATE Request
If the file name length is greater than zero and the
first character is a path separator character, the
server MUST fail the request with
STATUS_INVALID_PARAMETER.
Found and fix confirmed by Microsoft test tool.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
MS-SMB2: 2.2.13 SMB2 CREATE Request
ImpersonationLevel ... MUST contain one of the following values.
The server MUST validate this field, but otherwise ignore it.
NB. source4/torture/smb2/durable_open.c shows that
this check is only done on real opens, not on durable
handle reopens.
Found and fix confirmed by Microsoft test tool.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
MS-SMB2: 3.3.5.2.4 Verifying the Signature.
If the SMB2 header of the SMB2 NEGOTIATE
request has the SMB2_FLAGS_SIGNED bit set in the
Flags field, the server MUST fail the request
with STATUS_INVALID_PARAMETER.
Found and fix confirmed by Microsoft test tool.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 11 21:13:06 CEST 2014 on sn-devel-104
Recently I've got reports that SMB2_FIND is slower than trans2 findfirst,
so this tries to use recent performance-sensitive APIs right from the
start :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We need to go through filename_convert() in order for the filename
canonicalization to be done on a non-wildcard search string (as is
done in the SMB1 findfirst code path).
Fixes Bug #10650 - "case sensitive = True" option doesn't work with "max protocol = SMB2" or higher in large directories.
https://bugzilla.samba.org/show_bug.cgi?id=10650
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Reviewed-by: Ira Cooper <ira@samba.org>
Allow us to start if we bind to *either* :: or 0.0.0.0.
Allows us to cope with systems configured as only IPv4
or only IPv6.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-By: Amitay Isaacs <amitay@gmail.com>
Reviewed-By: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 7 01:01:44 CEST 2014 on sn-devel-104
some of the code in afs.c is needed by wbinfo that lives in the toplevel
nsswitch directory, so move the afs.c file to a new top-level lib/afs
directory. Use the name afs_funcs to avoid collisions with the afs.h
header from OpenAFS
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This avoids recursion into smbd_smb2_io_handler(),
which avoids confusion when analysing out put of
performance analysing tools, e.g. callgrind.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat May 31 04:25:36 CEST 2014 on sn-devel-104
Use security_descriptor_copy() instead, which is also provided by
libcli.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
put_long_date_timespec() correctly calls round_timespec()
on the time parameters, and is the correct function to
use when writing *any* file-based NTTIME on the wire.
Move from using NTTIME variables internally
in the server to struct timespec variables, which is
what all the other server code uses. Only map to
NTTIME as the last step of marshalling the output
data.
The previous SMB2 create code missed the round_timespec()
call before marshalling.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
put_long_date_timespec() correctly calls round_timespec()
on the time parameters, and is the correct function to
use when writing *any* file-based NTTIME on the wire.
The smb2_close() code being modified already did this by
hand, and so this doesn't change any of the functionality, only
makes the SMB2 code match all of the other server
code in Samba. Move from using NTTIME variables internally
in the server to struct timespec variables, which is
what all the other server code uses. Only map to
NTTIME as the last step of marshalling the output
data.
Not following the put_long_date_timespec()
convention in the SMB2 create code caused the
round_timespec() step to have been missed in
that code.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
This code is unused since the move to the waf build system.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Wed May 14 01:35:41 CEST 2014 on sn-devel-104
No longer used (hurrah!).
Bug 10564 - Lock order violation and file lost
https://bugzilla.samba.org/show_bug.cgi?id=10564
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 2 23:47:38 CEST 2014 on sn-devel-104
get_file_handle_for_metadata() is a new function that
finds an existing open handle (fsp->fh->fd != -1) for
a given dev/ino if there is one available, and uses
INTERNAL_OPEN_ONLY with WRITE_DATA access if not.
Allows open_file_fchmod() to be removed next.
Bug 10564 - Lock order violation and file lost
https://bugzilla.samba.org/show_bug.cgi?id=10564
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
This causes deadlocks which cause smbd to crash if the locking
database has already been locked for a compound operation we
need to be atomic (as in the file rename case).
Ensure INTERNAL_OPEN_ONLY opens are synonymous with req==NULL.
INTERNAL_OPEN_ONLY opens leave a NO_OPLOCK record in
the share mode database, so they can be detected by other
processes for share mode violation purposes (because
they're doing an operation on the file that may include
reads or writes they need to have real state inside the
locking database) but have an fnum of FNUM_FIELD_INVALID
and a local share_file_id of zero, as they will never be
seen on the wire.
Ensure validate_my_share_entries() ignores
INTERNAL_OPEN_ONLY records (share_file_id == 0).
Bug 10564 - Lock order violation and file lost
https://bugzilla.samba.org/show_bug.cgi?id=10564
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
In changes to come this will be possible for an INTERNAL_OPEN_ONLY.
The protection was already in place for some code paths, this
makes the coverage compete.
Bug 10564 - Lock order violation and file lost
https://bugzilla.samba.org/show_bug.cgi?id=10564
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Change-Id: I69297d91ab8c857204e1f78cafb210b9a05f3b77
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 2 03:41:31 CEST 2014 on sn-devel-104
This can break smbd if we end up leaving a SHARING_VIOLATION
retry record on the queue.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is a bit lazy programming, we could and possibly should do this in
exit_server() in the child. But this way we make sure the cleanup works. If it
only was executed for unclean exits, we might not detect failure of this code
in the parent.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This will fix the raw.notify test with the new messaging system. With the new
messaging system messages come in via yet another fd that has to line up in
poll next to the incoming client TCP socket. With the signal-based messaging
messages were always handled before client requests. The new scheme means that
notify messages might be deferred a bit (something which can happen in a
cluster already now), which then means that notify_marshall_changes() will
coalesce entries, which in turn makes raw.notify unhappy.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
In a cluster and with changed messaging it can happen that messages are
scheduled after new SMB requests. This re-ordering breaks a few notify tests.
This starts the infrastructure to add timestamps to notify events, so that they
can be sorted before they are sent out. The timestamp will be the current local
time of notify_fname, that's all we can do.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Messaging based on unix domain datagram sockets
This makes every process participating in messaging bind on a unix domain
datagram socket, similar to the source4 based messaging. The details are a bit
different though:
Retry after EWOULDBLOCK is done with a blocking thread, not by polling. This
was the only way I could in experiments avoid a thundering herd or high load
under Linux in extreme overload situations like many thousands of processes
sending to one blocked process. If there are better ideas to do this in a
simple way, I'm more than happy to remove the pthreadpool dependency again.
There is only one socket per process, not per task. I don't think that per-task
sockets are really necessary, we can do filtering in user space. The message
contains the destination server_id, which contains the destination task_id. I
think we can rebase the source4 based imessaging on top of this, allowing
multiple imessaging contexts on top of one messaging_context. I had planned to
do this conversion before this goes in, but Jeremy convinced me that this has
value in itself :-)
Per socket we also create a fcntl-based lockfile to allow race-free cleanup of
orphaned sockets. This lockfile contains the unique_id, which in the future
will make the server_id.tdb obsolete.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Add --with-systemd / --without-systemd options to check whether
libsystemd-daemon library is available and use it to report service
startup status to systemd for smbd/winbindd/nmbd and AD DC.
The problem it solves is correct reporting of the Samba services
at the point when they are ready to serve clients, important for
high availability software integration.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-User(master): Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date(master): Wed Apr 23 01:49:09 CEST 2014 on sn-devel-104
Always allow the client to turn on SMB1 signing using
FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Apr 16 10:07:56 CEST 2014 on sn-devel-104
smb2req always comes from talloc_zero().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Apr 11 23:55:17 CEST 2014 on sn-devel-104
This way the buffer will likely be allocated within the existing talloc_pool,
which avoids one malloc() per request.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
For recvfile we haven't read and may not allocated the dyn buffer.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
For recvfile we haven't read and may not allocated the dyn buffer.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
It's more logical to check the fnum instead of tid here.
This will make it easier to reuse the logic for SMB2 and
allows per fsp recvfile detection.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Based on work proposed by Jones <jones.kstw@gmail.com>.
Removes set_blocking()/set_unblocking() fcntl
calls around RECVFILE on the non-blocking socket.
Instead uses RECVFILE in a loop, and only drops
back to set_blocking()/set_unblocking() once
RECVFILE returns -1/EAGAIN/EWOULDBLOCK.
From the samba-technical list:
------------------------------------------------
The iometer 512b sequential write shows following result,
Before applying this patch: 75333 IOps
After applying this patch: 82691 IOps
------------------------------------------------
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
When a smbd process dies, pending messages.tdb records for this process
might not get cleaned up. Implement a cleanup for dead records that is
triggered after a smbd dies uncleanly; the records for that PID are
deleted.
Based on a patchset from Christof Schmitt <cs@samba.org>.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Change-Id: Iedf516e8c24e0d18064aeedd8e287ed692d3c5b4
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
This is the correct thing to do the smb request buffer contains
just bytes (uint8_t).
It also avoids strange casting in the callers.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10388
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Apr 1 23:16:19 CEST 2014 on sn-devel-104
All ctdb specific code is isolated in samba-cluster-support.so now.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Mar 24 19:08:44 CET 2014 on sn-devel-104
Git commit 86d1e1db8e
fixed share_access not being reset between users,
by changing make_connection_snum() to call a common
function check_user_share_access() in the same way
that change_to_user() (which can be called on any
incoming packet) does.
Unfortunately that bugfix was incorrect and
broke "force user" and "force group" as it
called check_user_share_access() inside
make_connection_snum() using the conn->session_info
pointer instead of the vuser->session_info pointer.
conn->session_info represents the token to use
when actually accessing the file system, and so
is modified by force user and force group.
conn->session_info represents the "pristine"
token of the user logging in, and is never modified
by force user and force group.
Samba 3.6.x checked the share access based on
the "pristine" token of the user logging in,
not the token modified by force user and force group.
This change restores the expected behavior.
Fixes bug #9878 - force user does not work as expected
https://bugzilla.samba.org/show_bug.cgi?id=9878
Signed-off-by: Jeremy Allison <jra@samba.org>
Tested-by: Gerhard Wiesinger <lists@wiesinger.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Mar 18 19:19:31 CET 2014 on sn-devel-104
This old password change mechanism does not provide the plaintext to
validate against password complexity, and it is not used by modern
clients. It also has quite difficult semantics to handle regarding
password lockout.
The missing features in both implementations (by design) were:
- the password complexity checks (no plaintext)
- the minimum password length (no plaintext)
Additionally, the source3 version did not check:
- the minimum password age
- pdb_get_pass_can_change() which checks the security
descriptor for the 'user cannot change password' setting.
- the password history
- the output of the 'passwd program' if 'unix passwd sync = yes'.
Finally, the mechanism was almost useless, as it was incorrectly
only made available to administrative users with permission
to reset the password. It is removed here so that it is not
mistakenly reinstated in the future.
Andrew Bartlett
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245
Change-Id: If2edd3183c177e5ff37c9511b0d0ad0dd9038c66
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://gerrit.samba.org/37
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10344
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10344
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
In the common case with just one request, we can use a preallocated
req->out.vector.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 6 00:59:29 CET 2014 on sn-devel-104
It is only important that the content of info->data stays alive
for the lifetime of the request, but the DATA_BLOB structure itself
can be on the stack, while passing it as 'dyn' to smbd_smb2_request_done_ex().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Use a preallocated buffer for the first response in the compound chain.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We can use a preallocated buffer for the possible error
response of the first response in the compound chain.
This avoids a talloc_array_zero() call for the common case.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We can avoid a talloc_zero_array() call in the
common case (without compound requests) and use a
preallocated array instead.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Mar 5 22:53:34 CET 2014 on sn-devel-104
Using helper variables make it much easier to understand.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We're now sure that sconn->smb1.sessions.max_send is >= SMB_BUFFER_SIZE_MIN.
in order to garantee some progress we need to make sure our assumed
header overhead is less than SMB_BUFFER_SIZE_MIN.
Assuming 372 bytes for the SMBtrans headers should still be more than
enough.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This makes sure sconn->smb1.sessions.max_send is always >= SMB_BUFFER_SIZE_MIN.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
SMB_BUFFER_SIZE_MAX is UINT16_MAX and the largest value a client
can possibly specify in the session setup request.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The current limit of 128*1024 causes problems as the value has to be
<= UINT16_MAX otherwise some clients get confused, as they want to
use the MaxBufferSize value from the negprot response (uint32_t)
for the MaxBufferSize value in thet session setup request (uint16_t).
E.g. Windows 7 (as client) sends MaxBufferSize = 0 if the server value
is > UINT16_MAX.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
While running smbtorture test raw.write under valgrind an "Invalid read"
was reported in methid reply_writeclose, it seems after closing a file
sometime later we try to access it again.
Signed-off-by: Noel Power <noel.power@suse.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Mar 3 20:42:40 CET 2014 on sn-devel-104
If smbd_server_connection_terminate("CTDB_SRVID_RELEASE_IP") is triggered from
within ctdbd_migrate(), we got a smb_panic complaining about invalid
lock_order, as ctdbd_migrate is called from dbwrap_fetch_locked().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10444
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 21 14:51:51 CET 2014 on sn-devel-104
If it returns true the passed ip address matched and we
let a nested ctdb operation fail with NT_STATUS_ADDRESS_CLOSED.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
If this isn't NT_STATUS_OK, we skip any io on the socket.
This avoids possible problems during shutdown.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is a hack, but it should fix the bug:
change_notify_add_request() talloc moves smb_request away,
which is not expected by the smb2_notify.c code...
smbd_smb2_notify_reply() uses tevent_req_defer_callback()
(in older versions an immediate event) to defer the response.
This is needed as change_notify_reply() will do more things
after calling reply_fn() (smbd_smb2_notify_reply is this case)
and often change_notify_remove_request() is called after
change_notify_reply().
change_notify_remove_request() implicitly free's the smb_request
that was passed to change_notify_add_request().
smbd_smb2_fake_smb_request() added the smb_request as smb2req->smb1req,
which is expected to be available after smbd_smb2_notify_recv() returned.
The long term solution would be the following interface:
struct tevent_req *change_notify_request_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct files_struct *fsp,
uint32_t max_length,
uint32_t filter,
bool recursive);
NTSTATUS change_notify_request_recv(struct tevent_req *req,
TALLOC_CTX *mem_ctx,
DATA_BLOB *buffer);
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10442
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 14 11:18:15 CET 2014 on sn-devel-104
Coverity fix. Initialize status to NT_STATUS_OK. Otherwise, there are
code paths that would cause the smbXsrv_open_cleanup() function to
return an uninitialized value.
Cov: 1168008
Signed-off-by: Christopher R. Hertel (crh) <crh@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Feb 12 23:57:05 CET 2014 on sn-devel-104
This removes the ability to set paths like the sbindir, bindir, and changes the tool for setting lockdir
statedir etc to be via --option="lock dir=/var/lock".
These were originally added by commit 90a6873b05
by James Peach <jpeach@samba.org>
The important use case, qemu, does not use these options, but specifies these directories via an smb.conf.
They are being removed to remove a layer from the loadparm system, now that options
can be specified from the command line. It will also make it easier to generate the affected
parameters from the XML documentation if this layer of indirection is removed.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Feb 12 16:42:14 CET 2014 on sn-devel-104
Substitution isn't really necessary for this parameter.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This parameter is renamed because it does not normally return the current smb.conf file, but
instead returns the next one, as found in a config file = directive, to be loaded.
This avoids a conflict with the lpcfg_configfile from lib/param, which does refer to the
current smb.conf path.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Michael Adam <obnox@samba.org>
They have been changed to function like normal parameters,
removing a special case in the loadparm system.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Michael Adam <obnox@samba.org>
