IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Since the catia translation is implemented for open, it should not
also be done in createfile. By removing createfile from catia,
translation is now done correctly for the primary open path.
In order to support systems that have custom createfile
implementations that don't eventually call SMB_VFS_OPEN,
SMB_VFS_TRANSLATE_NAME has been expanded to take an additional
argument that specifies direction.
Signed-off-by: Tim Prouty <tprouty@samba.org>
The Schannel verifier (aka NL_AUTH_SIGNATURE) structure (32 byte) sent from a
W2k8r2 DC is passed in a buffer with the size of a NL_AUTH_SHA2_SIGNATURE (56
byte). We should just ignore the remaining 12 zeroed bytes and proceed.
Guenther
Revert change from 3.3 -> 3.4 with read_socket_with_timeout changed
from sys_read() to sys_recv(). read_socket_with_timeout() is called
with non-fd's (with a pty in chgpasswd.c and with a disk file in
lib/dbwrap_file.c via read_data()). recv works for the disk file,
but not the pty. Change the name of read_socket_with_timeout() to
read_fd_with_timeout() to make this clear (and add comments).
Jeremy.
This vop is designed to work in tandem with SMB_VFS_READDIR to allow
vfs modules to make modifications to arbitrary filenames before
they're consumed by callers. Subsequently the core directory
enumeration code in smbd is now changed to free the memory that may be
allocated in a module. This vop enables the new version of catia in
the following patch.
Signed-off-by: Tim Prouty <tprouty@samba.org>
This is a small performance optimization. Instead of opening the tdb
on every smb connection in the forked child process, we now open it in
the parent and share the fd.
This also reduces the total fd usage in the system.
This is necessary because MIT 1.5 can't deal with certain types (Tree Root) of
transitive AD trusts. The workaround is to add a [capaths] directive to
/etc/krb5.conf, which we don't automatically put into the krb5.conf winbind
creates.
The alternative would have been something like a "krb5 conf include", but I
think if someone has to mess with /etc/krb5.conf at this level, it should be
easy to add the site-local KDCs as well.
Next alternative is to correctly figure out the [capaths] parameter for all
trusted domains, but for that I don't have the time right now. Sorry :-)
On filesystems that can't store less than one second timestamps,
round the incoming timestamp set requests so the client can't discover
that a time set request has been truncated by the filesystem.
Needs backporting to 3.4, 3.3, 3.2 and (even) 3.0.
Jeremy
