IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
major changes include:
- added NSTATUS type
- added automatic mapping between dos and nt error codes
- changed all ERROR() calls to ERROR_DOS() and many to ERROR_NT()
these calls auto-translate to the client error code system
- got rid of the cached error code and the writebmpx code
We eventually will need to also:
- get rid of BOOL, so we don't lose error info
- replace all ERROR_DOS() calls with ERROR_NT() calls
but that is too much for one night
smbds. This should fix one case of logs not getting rotated properly.
We may need to test this to make sure there is no big performance hit from
the extra stat call.
- removes SMB_ALIGNMENT. That macro caused all sorts of problems with
getting unicode aligned right in sub-protocols (such as SMBtrans and
SMBtrans2). I believe the performance reasons for having
SMB_ALIGNMENT has gone away with the new variants of the SMB
protocol anyway, as newer commands tend to have their own internal
alignment.
- fix the locations where we set smb_flg2 to absolute values. We must
never do this if we want a hope of coping with unicode.
- add initial support for unicode on the wire in smbd. Currently
enabled using SMBD_USE_UNICODE environment variable.
pool is getting bloated. Also added a talloc_zero function to return zeroed memory.
Added debug in rpc_server/srv_pipe_hnd.c so we know when a talloc pool is being
freed. Syncup with srv_pipe_hnd.c from 2.2 so we are freeing memory at the same time.
Jeremy.
smbd/nttrans.c: Realloc mem fixes based on those that went into trans2.c
smbd/process.c: Move to a table based dispatch, based on a comment from Andrew
about Antons work.
Jeremy.
on exit. Needed to fix printing.tdb from groving to 300Mb+ if being
driven by smbclient clients that never ask for status... (effective
DOS attack :-).
Jeremy.
get ready and fix se_access_check().
Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid()
functions that look via winbind first the fall back on local lookup.
All Samba should use these rather than trying to call winbindd code
directly.
Added NT_USER_TOKEN struct in user_struct, contains list of NT sids
associated with this user.
se_access_check() should use this (cached) value rather than attempting
to do the same thing itself when given a uid/gid pair.
More work needs to be done to preserve these things accross security
context changes (especially with the tricky pipe problem) but I'm
beginning to see how this will be done..... probably by registering
a new vuid for an authenticated RPC pipe and not treating the
pipe calls specially.
More thoughts needed - but we're almost there...
Jeremy.
in the RPC code. This change was prompted by trying to save a long (>256)
character comment in the printer properties page.
The new system associates a TALLOC_CTX with the pipe struct, and frees
the pool on return of a complete PDU.
A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx
code, and is freed in the main loop.
This code works with insure, and seems to be free of memory leaks and
crashes (so far) but there are probably the occasional problem with
code that uses UNISTRxx structs on the stack and expects them to contain
storage without doing a init_unistrXX().
This means that rpcclient will probably be horribly broken.
A TALLOC_CTX also needed associating with the struct cli_state also,
to make the prs_xx code there work.
The main interface change is the addition of a TALLOC_CTX to the
prs_init calls - used for dynamic allocation in the prs_XXX calls.
Now this is in place it should make dynamic allocation of all RPC
memory on unmarshall *much* easier to fix.
Jeremy.
handling in Samba. This was needed due to several limitations and
races in the previous code - as a side effect the new code is much
cleaner :)
in summary:
- changed sys_select() to avoid a signal/select race condition. It is a
rare race but once we have signals doing notification and oplocks it
is important.
- changed our main processing loop to take advantage of the new
sys_select semantics
- split the notify code into implementaion dependent and general
parts. Added the following structure that defines an implementation:
struct cnotify_fns {
void * (*register_notify)(connection_struct *conn, char *path, uint32 flags);
BOOL (*check_notify)(connection_struct *conn, uint16 vuid, char *path, uint32 flags, void *data, time_t t);
void (*remove_notify)(void *data);
};
then I wrote two implementations, one using hash/poll (like our old
code) and the other using the new Linux kernel change notify. It
should be easy to add other change notify implementations by creating
a sructure of the above type.
- fixed a bug in change notify where we were returning the wrong error
code.
- rewrote the core change notify code to be much simpler
- moved to real-time signals for leases and change notify
Amazingly, it all seems to work. I was very surprised!
rpc_server/srv_pipe.c: Use accessor functions rather than diddling with structure
internals directly.
smbd/process.c:
smbd/reply.c: Remove READ_PREDICTION #ifdefs.
Jeremy.
userdom_struct. As the name implies this also contains a domain
(unused at the moment).
This will be important shortly, as operation in appliance mode needs
the domain to be always carried with the username.
When a file is being closed, once it passes the fnum and tid tests then
the locking context should be ignored when removing all locks. This is
what is done in the brl close case, but when you have outstanding
POSIX locks, then you cannot remove all the brl locks in one go, you
have to get the lock list and call do_unlock individually. As this
uses global_smbpid as the locking context, you need to make sure
that this is set correctly for the specific lock being removed. I
now do this by storing the smbpid in each entry in the unlock list returned from
the query call. I removed the smbpid from fsp (not needed) and
things seem ok (even with the stupid smbpid tricks that smbtorture plays :-).
Jeremy.
smbpid used when a file was opened in the files_struct. Else we use
the wrong global_smbpid when we are closing the file and trying to
remove the brl locks - this causes the brl locks to be left when the
file is closed as the samba_context check fails.
Jeremy.
Modified to do checks in timeout processing not in main loop. This (IMHO)
is the correct place as (a) we are already root, and (b) it is guarenteed
to be called every 200 smb requests.
Jeremy.
assumption that we have one socket everywhere
while doing so I discovered a few bugs!
1) the clientgen session retarget code if used from smbd or nmbd would
cause a crash as it called close_sockets() which closed our main
socket! fixed by removing close_sockets() completely - it is unnecessary
2) the caching in client_addr() and client_name() was bogus - it could
easily get fooled and give the wrong result. fixed.
3) the retarget could could recurse, allowing an easy denial of
service attack on nmbd. fixed.
note the ugly global_smbpid - I hope that won't bethere for long, I
just didn't want to do two lots of major surgery at the one time.
Using global_smbpid avoids the big change of getting rid of our
inbuf/outbuf interface to reply routines. I'll do that once the
locking stuff passes all tests.
