IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This commit gets rid of all our old codepage handling and replaces it with
iconv. All internal strings in Samba are now in "unix" charset, which may
be multi-byte. See internals.doc and my posting to samba-technical for
a more complete explanation.
configure.in:
include/config.h.in:
include/profile.h:
smbd/vfs-wrap.c:
smbd/vfs.c:
Added fchmod and fchown to VFS (sorry Gerald - but we needed them anyway).
smbd/dosmode.c:
smbd/files.c:
printing/printfsp.c:
smbd/close.c:
smbd/open.c:
Fixed "dos filemode" correctly so there are no race conditions. Forces test
of open of file O_WRONLY before allowing fchmod as root. Afterwards, calls
standard close function that preserves POSIX locks due to POSIX-me-harder
braindamage. :-). Andrew please review this code.
Also - in removing the tmpdir param in smbrun an extra NULL parameter
was missed in each print_run_command() call (which is a varargs fn.).
Now fixed.
Jeremy.
a conn struct depending on the call.
We need this to have a clean NT ACL call interface.
This will break any existing VFS libraries (that's why this is pre-release
code).
Andrew gets credit for this one :-) :-).
In addition - added Herb's WITH_PROFILE changes - Herb - please examine
the changes I've made to the smbd/reply.c code you added. The original
code was very ugly and I have replaced it with a
START_PROFILE(x)/END_PROFILE(x) pair using the preprocessor.
Please check this compiles ok with the --with-profile switch.
Jeremy.
through the VFS. All file access/directory access code in smbd should now
go via the vfs. Added vfs_chown/vfs_chmod calls. Still looking at vfs_get_nt_acl()
vfs_set_nt_acl() call API design.
Jeremy.
with the current user. This will allow se_access_check() to quickly do
a SD check without having to translate uid/gid's to SIDs.
Still needs work on pipe calls.
Jeremy.
new open mechanism Andrew & I discussed.
config.sub:
configure: Included the QNX patch.
include/vfs.h:
smbd/vfs-wrap.c:
smbd/vfs.c: Added ftruncate vfs call (needed).
Note that we will also need locking calls in the vfs (to be added).
lib/util_unistr.c:
nmbd/nmbd_processlogon.c: Fix for NT domain logons causing nmbd to core dump.
Also fix for sidsize DOS bug.
locking/locking.c: Check value of ret before using it for memdup.
printing/printing.c: Convert print_fsp_open to return an allocated fsp.
rpc_server/srv_lsa.c: Fix for NT domain logons.
I have removed all use of lp_share_modes() from the code (although I
left the parameter in the table for backwards compatibility). It no longer makes
sense for this to exist.
smbd/close.c: Removed lp_share_modes().
smbd/fileio.c: Fixed parameters to unlock_share_entry call in panic code.
smbd/files.c: Correctly set the unix_ERR_code to ERRnofids on fsp allocation fail.
smbd/nttrans.c:
smbd/reply.c:
smbd/trans2.c: Changed all occurrences of open_file_shared/open_directory/
open_file_stat to return an fsp from the call.
smbd/open.c: Changed all occurrences of open_file_shared/open_directory/
open_file_stat to return an fsp from the call.
In addition I have fixed a long standing race condition in the deny mode
processing w.r.t. two smbd's creating a file. Andrew, please note that
your original idea of using open with O_EXCL in this case would not work
(I went over the races very carefully) and so we must re-check deny modes
*after* the open() call returns. This is because there is a race between
the open with O_EXCL and the lock of the share mode entry. Imagine the
case where the first smbd does the open with O_EXCL and a deny mode of DENY_ALL,
but is pre-empted before it locks the share modes and creates the deny
mode entry for DENY_ALL. A second smbd could then come in with O_RDONLY
and a deny mode of DENY_NONE and the two opens would be allowed.
The *only* way to fix this race is to lock the share modes after the
open and then do the deny mode checks *after* this lock in the case
where the file did not originally exist.
This code will need extensive testing but seems to initially work.
Jeremy.
