Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
|
|
through an smb.conf option.
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Parts of the Samba RPC client and server code misinterpret authenticated
packets.
DCE authenticated packets actually look like this :
+--------------------------+
|header |
| ... frag_len (packet len)|
| ... auth_len |
+--------------------------+
| |
| Data payload |
... ....
| |
+--------------------------+
| |
| auth_pad_len bytes |
+--------------------------+
| |
| Auth footer |
| auth_pad_len value |
+--------------------------+
| |
| Auth payload |
| (auth_len bytes long) |
+--------------------------+
That's right. The pad bytes come *before* the footer specifying how many pad
bytes there are. In order to read this you must seek to the end of the packet
and subtract the auth_len (in the packet header) and the auth footer length (a
known value).
The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long
as the pad alignment is on an 8 byte boundary (there are some special cases in
the code for this).
Tridge discovered there are some (DRS replication) cases where on 64-bit
machines where the pad alignment is on a 16-byte boundary. This breaks the
existing S3 hand-optimized rpc code.
This patch removes all the special cases in client and server code, and allows
the pad alignment for generated packets to be specified by changing a constant
in include/local.h (this doesn't affect received packets, the new code always
handles them correctly whatever pad alignment is used).
This patch also works correctly with rpcclient using sign+seal from
the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow)
so even as a server it should still work with older libsmbclient and
winbindd code.
Jeremy
|
|
large number of files
Win7 needs a min of 16k file handles to work against a
server.
Jeremy.
|
|
files
from Windows 7. Original patch by me fixed up with the correct open files number
by jmaggard10@hotmail.com.
Jeremy.
|
|
that "offered" read from the rpc packet in spoolss is under
that size. Tidyup from analysis from Veracode.
Jeremy.
|
|
metze
(This used to be commit df8c100c2b53575a0d425a2daf52e2d59904746a)
|
|
Might need to be a parameter ?
Jeremy.
(This used to be commit 98d8d9399bb287319578daaf2a2fb42f3c48f858)
|
|
this allows us to experiment with ensuring the tdb hash
size for our open files and locking db are appropriately
sized. Make the hash size larger by default (10007 instead
of 1049) and make the locking db hash size the same as the
open file db hash size.
Jeremy.
(This used to be commit e7225f7e813423c3e2a94af6a9d7ce8a1b50a166)
|
|
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
|
|
to be set in local.h. Change from the default (131) to
another prime (1049). Should this be an smb.conf tunable parameter
based on the number of open file descriptors available ?
If so what scaling factor ? More tests to follow.
Jeremy.
(This used to be commit 6a902ec49ffea5d0ca0308d5ff51584cece41043)
|
|
"allocation roundup size", by default set as 1Mb. From
advice by BlueArc about Windows client behaviour. VC++
people can set this to zero to turn it off.
Jeremy.
(This used to be commit 833ca101772bfab65dbd79eb64f63464177f144e)
|
|
idea, and aparently improved performance in some circumstances, but it
breaks the VC++ compiler :-(. Not cool. Fix bug #2146.
Jeremy.
(This used to be commit b9f147634df0126320ffe3b9a23068e76f6c1681)
|
|
sleep time is not more than 5 seconds. Should fix issue
reported by Chris Garrigues <cwg@deepeddy.com>.
Jeremy.
(This used to be commit fbc06831d3a7e8645409158ee1ae1f9f192913a7)
|
|
fix. I'm
still doing more testing, but it fixes a behaviour that we've been wrong
on ever since the start of Samba.
Jeremy.
(This used to be commit 894cc6d16296b934c112786eec896846156aee5d)
|
|
backlog of 5 is way too small these days.
(This used to be commit bbb92d2b0ea6bc10c71bed62924bfc95c11172a5)
|
|
(This used to be commit 66fcf6b4938a87e5ded7c7e5830a6a54e4439544)
|
|
the unix domain sockets used by winbindd (also solves FD_SETSIZE problem
in winbindd to boot !). Adds a "last_access" field to winbindd connections,
and will close the oldest idle connection once the number of open connections
goes over WINBINDD_MAX_SIMULTANEOUS_CLIENTS (defined in local.h as 200
currently).
Jeremy.
(This used to be commit 7a586552a3aeb4a26495f0965af4bd027456a011)
|
|
(This used to be commit fcc7a197b1ec85f9492e335a824317a904b0c919)
|
|
Jeremy.
(This used to be commit daf179bcd6297b525bfc644efb154734723f4d58)
|
|
Jeremy.
(This used to be commit 947a56ce00e552e8b8d2ed64435eabde6225f044)
|
|
MAX_PRINT_JOBS in a queue.
Jeremy.
(This used to be commit 9fe3c0b90d4bff2217e3cb5a34b4683ca314c06e)
|
|
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
|
|
(This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290)
|
|
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
|
|
mangling implementation, selectable using "mangling method = " in smb.conf
It also tidies the interface a little, although it is still nasty.
(This used to be commit be23d87a178e7d0691e7d942adf89bb3d2d533c2)
|
|
of the connections db on smbd startup. This should fix the Solaris large
load bug.... (fingers crossed).
Jeremy.
(This used to be commit 5b2b9c25af28543e67762805d1387524cbb6c39d)
|
|
This allows embedded systems to compile out the higher debug
levels. It should gain speed as well as reducing the code
size. Setting it to 1 saves about 300k of code on my system.
(This used to be commit f34cac3b312f273a2363919655ddd1e25cb91305)
|
|
(This used to be commit 868999ad3c82ad72f11d5b3208b0e42b1ed95096)
|
|
Jeremy.
(This used to be commit 9ff6b0c20cc88ef0bcd62a596fcb96f898b5b29d)
|
|
- move the arbitrary 21 day timeout to local.h
(This used to be commit 11075f543470c3283accce0246d0b2983420695a)
|
|
about it to stop account lockouts with "security=server" mode. Sorry for
the delay David.
Jeremy.
(This used to be commit e8819715038ed49b07ed5639b1b88ad12e994b53)
|
|
the pam password change code to ensure that existing and working password
chat scripts don't break with 2.2.1. PAM password changing has to be explicitly
requested.
Allowed wildcards in pam password change matching (matches password chat
script matching). Had to add const (sorry Tim :-) to ms_fnmatch() to
stop warnings. Don't worry - the const changes are isolated and don't
cause any other warnings :-).
Jeremy.
(This used to be commit 47b4d82536c09bffe3a0d9917fa31d935f1be7d8)
|
|
Jeremy.
(This used to be commit 6703f621ea798bd1877bd3baa523307ee288dccd)
|
|
(This used to be commit f52a5014ee325f9d91f266f88eac51b6136a75b9)
|
|
- removes SMB_ALIGNMENT. That macro caused all sorts of problems with
getting unicode aligned right in sub-protocols (such as SMBtrans and
SMBtrans2). I believe the performance reasons for having
SMB_ALIGNMENT has gone away with the new variants of the SMB
protocol anyway, as newer commands tend to have their own internal
alignment.
- fix the locations where we set smb_flg2 to absolute values. We must
never do this if we want a hope of coping with unicode.
- add initial support for unicode on the wire in smbd. Currently
enabled using SMBD_USE_UNICODE environment variable.
(This used to be commit b98b1435e9d8f8622444c9ff33082977e661f16b)
|
|
(This used to be commit a81371a4fd6f7972b054bea90428d1d2fd6d1d22)
|
|
- got rid of guest map code in lpq parser
(This used to be commit 8e53f781d3cf6a7007764916a0d8e8f1abea1f66)
|
|
(This used to be commit f137648504362479143d50477fa38ebf7147968b)
|
|
this means "nmblookup -S" now always works, even with broken servers
the database stores all unexpected replies and these can be accessed
by any client.
while doing this I cleaned up a couple of functions, and put in place
a better trn_id generator. in most places the code got quite a bit
simpler due to the addition of simple helper functions.
I haven't yet put the code in to take advantage of this for pdc
replies - that will be next. Jeremys pdc finding code will then work :)
(This used to be commit 280e6359d36c9bc8dcded302f15c3a1db8e3feeb)
|
|
Jeremy.
(This used to be commit 1ba42aca2163c534f6be4e4a733604e3dffe0ed8)
|
|
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
|
|
include/smb.h:
param/loadparm.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-).
printing/printing.c: Added J.F.'s latest fix.
rpc_parse/parse_misc.c:
parse_reg.c:
rpcclient/cmd_reg.c:
rpcclient/display.c: SGI compiler signed/unsigned issues.
smbd/reply.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-).
utils/testparm.c: Added extra test.
Jeremy.
(This used to be commit 9668a5ef50be2e6b575f9989e87ee2ff8da5ac1d)
|
|
on by default on OSes that support it, given the network IO pattern
that Samba uses. He doesn't think it will cause problems.
(This used to be commit 15016aa024854ca56ef20d1f29f54f9698a1911b)
|
|
MS client doesn't respond to a oplock break request then we might try
resending the request.
This morning Sues Win95 machine had this problem (thus forcing me to
do something about it!). When starting winword her box refused to
answer an oplock break request. I have added code to resend the oplock
break request up to 3 times at 10 second intervals before killing the
socket.
of course, as soon as I did this her box started to behave again so I
haven't been able to tell if this fix actually works, but it can't be
worse than dropping the socket immediately.
(This used to be commit a1c4d8351b9171416693e6d7a9045bdce9217edb)
|
|
As we're only using 1 bit per fd when idle it doesn't matter too much....
Jeremy.
(This used to be commit dba55b2d3453bd18e1a0cb031d012733e5a214b9)
|
|
Sets up the files array correctly - limited by the smb.conf parameter
and by the max fd's per process as found by getrlimit().
Jeremy.
(This used to be commit eca24bd24352c688cdf48c1ef14adb8ac353468f)
|
|
I've finally changed this because I've found a real effect that this
has. Win95 shows long filenames in a directory listing in a dos box
only if this is set to NTFS or HPFS (only ones I've found so far
anyway).
If NTFS poses problems of some kind then we should try HPFS
I wonder if this change will trigger any attempts to use ACLs ?
(This used to be commit 410d54fa0dba319e802d7327d89c4c1e61f2db65)
|
|
(This used to be commit 9c275bcd98cbbd9367d9b7a2204889fcefd74638)
|
|
SOFF_T() macro for setting an SMB_OFF_T variable
also limited mmap based reads to MAX_MMAP_SIZE. We really can't mmap
2^50 bytes due to virtual address space problems.
(This used to be commit 4e784b18899eddd2399a51fa7d8c219560432922)
|