IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
readX. Fix from Dmitry Shatrov <dhsatrov@linux.vnet.ibm.com>.
"In send_file_readX(), if startpos > sbuf.st_size, then smb_maxcnt is set
to an invalid large value due to integer overflow.
As for me, this resulted in MS Word hanging while trying to save
a 1.5Mb document."
This isn't in shipping code.
Jeremy.
(This used to be commit af715c602a)
This should coalesce identical adjacent notify records - making the "too large"
bug very rare indeed. Please test.
Jeremy.
(This used to be commit 1aaa1f5bbe)
Next step is to remove the bug that in the trans2 code we use the inbuf
as the base pointer to decide whether we need ucs2 alignment where we
need to use the beginning of the params buffer
Jeremy, last one for today to reviw :-)
(This used to be commit 18078b9faa)
checkin will pull this up to srvstr_get_path. At that point we can get more
independent of the inbuf, the base_ptr in pull_string will only be used
to satisfy UCS2 alignment constraints.
(This used to be commit 836782b07b)
that contains some of the fields from the SMB header, removing the need
to access inbuf directly. This right now is used only in the open file
code & friends, and creating that header is only done when needed. This
needs more work, but it is a start.
Jeremy, I'm only checking this into 3_0, please review before I merge it
to _26.
Volker
(This used to be commit ca988f4e79)
You don't want to know what I discovered about Windows
ACLs to make this work :-(. See :
http://www.codeproject.com/win32/accessctrl2.asp
Search for "Q. How does Inheritance come into this?"
for details.
Jeremy.
(This used to be commit e1d3a80d2b)
return to correctly return NT_STATUS_INVALID_OWNER if it
should be disallowed. Matches better what W2K3R3 does.
NFSv4 ACL module owners, please examine these changes.
Jeremy.
(This used to be commit fc6899a550)
to break. The Solaris CC put the static char InBuffer[TOTAL_BUFFER_SIZE] on an
odd address, the malloc'ed one is always aligned. The problem showed up in
pull_ucs2, ucs2_align uses the address of InBuffer as an indication whether to
bump up the src of the string by one. Unfortunately in the trans calls the
data portion is malloced and thus has different alignment guarantees than a
static variable. This one is bigger....
Volker
(This used to be commit 6affd7818f)
Remove the allocated inbuf/output. In async I/O we copy the buffers
explicitly now, so NewInBuffer is called exactly once. This does not
reduce memory footprint, but removes one of the larger chunks that
clobber the rest of the massif output
In getgroups_unix_user on Linux 2.6 we allocated 64k groups x 4 bytes
per group x 2 (once in the routine itself and once in libc) = 512k just
to throw it away directly again. This reduces it do a more typical limit
of 32 groups per user. We certainly cope with overflow fine if 32 is not
enough. Not 100% sure about this one, a DEVELOPER only thing?
(This used to be commit 009af09099)
why check_path_syntax should not be able to run in-line. The destination
pointer either walks side by side with the source pointer or is
decremented. So as far as I can see s>=d is true throughout the whole
routine.
Jeremy, I'm checking this only into 3_0 for now. Please review and ack
or directly merge this to 3_0_26.
Thanks,
Volker
(This used to be commit 34a13c82a3)
Jeremy, I am always very confused about the different length arguments
in convert_string and friends. Can you take a look at the change in
string_replace and verify it's ok? Thanks!
While at it, remove the pstring limit for strhasupper and strhaslower.
(This used to be commit e6e5703658)
Change rename_internals to open the file/directory and then call
rename_internals_fsp. Two reasons: Remove code duplication and remove a
race condition. The race condition was due to the fact that in
can_rename the share mode check closed the file and then after that did
the rename.
(This used to be commit aa16d8a649)
With the target being open we have to return NT_STATUS_ACCESS_DENIED and
root_fid != 0 leads to NT_STATUS_INVALID_PARAMETER
(This used to be commit b599e5b1e1)
when verifying a ticket from winbindd_pam.c.
I've found during multiple, fast, automated SSH logins (such
as from a cron script) that the replay cache in MIT's krb5
lib will occasionally fail the krb5_rd_req() as a replay attack.
There seems to be a small window during which the MIT krb5
libs could reproduce identical time stamps for ctime and cusec
in the authenticator since Unix systems only give back
milli-seconds rather than the micro-seconds needed by the
authenticator. Checked against MIT 1.5.1. Have not
researched how Heimdal does it.
My thinking is that if someone can spoof the KDC and TDS
services we are pretty hopeless anyways.
(This used to be commit cbd33da9f7)
first ask for existence of a file when we do the open_file_ntcreate in
can_rename later on anyway. That also gets us the right error message in
case the file is not there automatically.
(This used to be commit f3d582cb90)
The attached patch removes a little race condition for
people with real kernel oplock support, and reduces some
code paths. It changes reply_unlink to open_file_ntcreate,
set_delete_on_close and close_file.
The race condition happens if we break the oplock in
can_delete via open_file_ntcreate, we close the file,
someone else gets a batch oplock and we try to unlink.
It reduces code paths by calling SMB_VFS_UNLINK in 2 fewer
places.
(This used to be commit 0342ce7057)
I'm 100% certain I've forgotten to merge something, but the main code
should be in. It's mainly in dbwrap_ctdb.c, ctdbd_conn.c and
messages_ctdbd.c.
There should be no changes to the non-cluster case, it does survive make
test on my laptop.
It survives some very basic tests with ctdbd enables, I did not do the
full test suite for clusters yet.
Phew...
Volker
(This used to be commit 15553d6327)
Change the sequence :
gain_root();
sys_setgroups(ngroups, groups);
become_id(uid, gid);
to a function call :
set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups)
James - should be safe for you to create a Darwin-specific
version of this function now.
Jeremy.
(This used to be commit 8ee982b367)
