Age | Commit message (Collapse) | Author | Files | Lines |
|
main loop"
This reverts commit 455fccf86b6544cd17a2571c63a88f8aebff3f74.
I'll add a more generic fix for this problem.
metze
|
|
|
|
DoS protection like the max winbind clients. Settable by
nmbd:unexpected_clients
|
|
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Jan 5 16:03:24 CET 2011 on sn-devel-104
|
|
pass this in as the &now parameter. Push this call inside of
event_add_to_select_args() to the correct point so it doesn't
get called unless needed.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Dec 23 01:08:11 CET 2010 on sn-devel-104
|
|
transaction id of packets it was requested to send via a client, and
only store replies that match these ids. On the client side change
clients to always attempt to ask nmbd first for name_query and
node_status calls, and then fall back to doing socket calls if
we can't talk to nmbd (either nmbd is not running, or we're not
root and cannot open the messaging tdb's). Fix readers of unexpected.tdb
to delete packets they've successfully read.
This should fix a long standing problem of unexpected.tdb
growing out of control in noisy NetBIOS envioronments with
lots of bradcasts, yet still allow unprivileged client apps
to work mostly as well as they already did (nmblookup for
example) in an environment when nmbd isn't running.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sun Nov 14 05:22:45 UTC 2010 on sn-devel-104
|
|
Previously, only one fd handler was being called per main message loop
in all smbd child processes.
In the case where multiple fds are available for reading the fd
corresponding to the event closest to the beginning of the event list
would be run. Obviously this is arbitrary and could cause unfairness.
Usually, the first event fd is the network socket, meaning heavy load
of client requests can starve out other fd events such as oplock
or notify upcalls from the kernel.
In this patch, I have changed the behavior of run_events() to unset
any fd that it has already called a handler function, as well
as decrement the number of fds that were returned from select().
This allows the caller of run_events() to iterate it, until all
available fds have been handled.
I then changed the main loop in smbd child processes to iterate
run_events(). This way, all available fds are handled on each wake
of select, while still checking for timed or signalled events between
each handler function call. I also added an explicit check for
EINTR from select(), which previously was masked by the fact that
run_events() would handle any signal event before the return code
was checked.
This required a signature change to run_events() but all other callers
should have no change in their behavior. I also fixed a bug in
run_events() where it could be called with a selrtn value of -1,
doing unecessary looping through the fd_event list when no fds were
available.
Also, remove the temporary echo handler hack, as all fds should be
treated fairly now.
|
|
Guenther
|
|
Guenther
|
|
Jeremy.
|
|
(cherry picked from commit 4d23d777bc6d4fad20d0f3084fe658635812bee9)
|
|
Add a simple "processed packet queue" cache to stop nmbd responding to
packets received on the broadcast and non-broadcast socket (which
it has opened when "nmbd bind explicit broadcast = yes").
This is a very simple packet queue - it only keeps the packets
processed during a single call to listen_for_packets() (i.e. one
select call). This means that if the delivery notification for a
packet received on both broadcast and non-broadcast addresses
is done in two different select calls, the packet will still be
processed twice. This is a very rare occurrance and we can just
live with it when it does as the protocol is stateless. If this
is ever flagged as a repeatable problem then we can add a longer
lived cache, using timeout processing to clear etc. etc. But without
storing all packets processed we can never be *sure* we've eliminated
the race condition so I'm going to go with this simple solution until
someone proves a more complex one is needed :-).
Jeremy.
|
|
Fix a comment typo.
Jeremy.
|
|
And send replies always via the unicast address of the subnet.
This behavior is off by default (as before)
and can be enabled with "nmbd:bind explicit broadcast = yes".
metze
|
|
Jeremy.
|
|
Jeremy.
|
|
SIGTERM
The arguments of commit d98bea900ee694cdba83149620c65bd7f8765f26
are no longer valid.
metze
|
|
And always setup the fd events.
metze
|
|
otherwise (to clarify we can also pass in structs smaller than
sockaddr_storage, such as sockaddr_in).
|
|
Michael
(This used to be commit 363eb90ce8380ce1bbc74673936ba1e6d7eee23b)
|
|
myself. Use standard dlinklist macros.
Jeremy.
(This used to be commit 1b06ee69f6b737c1d6e7b29f8ae9621e6eb07d27)
|
|
negotiation works.
Jeremy.
(This used to be commit d78045601af787731f0737b8627450018902b104)
|
|
Do so now....
Jeremy.
(This used to be commit 6b1246c29a0241c8e4bb98d659d847d010826b36)
|
|
== Subject: Remote code execution in Samba's WINS
== server daemon (nmbd) when processing name
== registration followed name query requests.
==
== CVE ID#: CVE-2007-5398
==
== Versions: Samba 3.0.0 - 3.0.26a (inclusive)
...
Secunia Research reported a vulnerability that allows for
the execution of arbitrary code in nmbd. This defect may
only be exploited when the "wins support" parameter has
been enabled in smb.conf.
(This used to be commit e40c372e0ddf631dd9162c1fdfaaa49c29915f23)
|
|
to struct sockaddr_storage in most places that matter (ie.
not the nmbd and NetBIOS lookups). This passes make test
on an IPv4 box, but I'll have to do more work/testing on
IPv6 enabled boxes. This should now give us a framework
for testing and finishing the IPv6 migration. It's at
the state where someone with a working IPv6 setup should
(theorecically) be able to type :
smbclient //ipv6-address/share
and have it work.
Jeremy.
(This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
IPv6 in winbindd, but moves most of the socket functions that were
wrongly in lib/util.c into lib/util_sock.c and provides generic
IPv4/6 independent versions of most things. Still lots of work
to do, but now I can see how I'll fix the access check code.
Nasty part that remains is the name resolution code which is
used to returning arrays of in_addr structs.
Jeremy.
(This used to be commit 3f6bd0e1ec5cc6670f3d08f76fc2cd94c9cd1a08)
|
|
(This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
|
|
the ripple effects this causes. utmp has to change etc. Remove some
global varables and store address/port in the unexpected db.
Jeremy.
(This used to be commit 18c6a2211d9e25233d01715b3f78977edcd6d869)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
(This used to be commit 6d210fb8a13e93fe5b7bc160a343f74878dea727)
|
|
to all callers of smb_setlen (via set_message()
calls). This will allow the server to reflect back
the correct encryption context.
Jeremy.
(This used to be commit 2d80a96120a5fe2fe726f00746d36d85044c4bdb)
|
|
redundent. Remove it.
Jeremy.
(This used to be commit 140881cfbb59ce4a699b5900efe02bf315be7bd5)
|
|
but I've no option.
Jeremy.
(This used to be commit c3a565081d70b209a4f9e6e8f1859bf7194a5f74)
|
|
Jeremy.
(This used to be commit dd47e0ef1175a57ec2e9b797ac942cb79f4a5d05)
|
|
Jeremy.
(This used to be commit f4bf550b5757024b41062784b185b52a1a0e11f4)
|
|
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
|
|
by rfc1002.
Jeremy.
(This used to be commit 422fb43dda13e0840245ae272b7621640b8ad220)
|
|
Jeremy.
(This used to be commit 86c5548d272c0804c0188ae744ae1bb17eb817f6)
|
|
use the correct RR type of 0xA instead of reflecting back what
the query RR type was (0x20). See rfc1002 sections 4.2.14 and
4.2.16.
Jeremy.
(This used to be commit ab8c9240044f1ef3d5c6ac4850c8ec615c2e32fd)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
Jeremy.
(This used to be commit 65fc39fc388244923d1e36076b5a4116aa434be5)
|
|
Make nmbd use maxfd+1 in select also.
Jeremy.
(This used to be commit e3ca22b80dc1c22f0e5c829d11724c79e317641f)
|
|
Jeremy.
(This used to be commit dd9b17abd6b32c090840c1a0b797fd774711cb3a)
|
|
names in nmbd. Allows conversion from dos codepage mb strings (ie. SJIS) to
expand to utf8 size on read.
Jeremy.
(This used to be commit 834d816caf9cd6318da00febde50d9233469dac2)
|
|
(MORIYAMA Masayuki).
Don't use nstrings to hold workgroup and netbios names. The problem with them is that MB netbios
and workgroup names in unix charset (particularly utf8) may be up to 3x bigger than the name
when represented in dos charset (ie. cp932). So go back to using fstrings for these but
translate into nstrings (ie. 16 byte length values) for transport on the wire.
Jeremy.
(This used to be commit b4ea493599ab414f7828b83f40a5a8b43479ff64)
|
|
Jeremy.
(This used to be commit d085c94dacffbe8199e83315340e4f60d1f0b9a5)
|
|
iconv wasn't re-initialised on reading of "charset" parameters. This
caused workgroup name to be set incorrectly if it contained an
extended character.
Jeremy.
(This used to be commit 84ae44678a6c59c999bc1023fdd9b7ad87f4ec18)
|