| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Aug 4 19:06:39 CEST 2011 on sn-devel-104
|
|
Ensure we never add fd's set to -1 to the pollfd set.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Jun 30 21:15:25 CEST 2011 on sn-devel-104
|
|
There is no reason this can't be a normal constant string in the
loadparm system. (Past reasons were that we didn't have lp_set_cmdline())
Andrew Bartlett
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_ZERO_ARRAY isn't standard talloc.
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_ARRAY isn't standard talloc.
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_REALLOC_ARRAY isn't standard talloc.
Andrew Bartlett
|
|
Guenther
|
|
|
|
|
|
as the original macro auto-added the -1.
|
|
|
|
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon Feb 14 11:46:50 CET 2011 on sn-devel-104
|
|
main loop"
This reverts commit 455fccf86b6544cd17a2571c63a88f8aebff3f74.
I'll add a more generic fix for this problem.
metze
|
|
|
|
DoS protection like the max winbind clients. Settable by
nmbd:unexpected_clients
|
|
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Jan 5 16:03:24 CET 2011 on sn-devel-104
|
|
pass this in as the &now parameter. Push this call inside of
event_add_to_select_args() to the correct point so it doesn't
get called unless needed.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Dec 23 01:08:11 CET 2010 on sn-devel-104
|
|
transaction id of packets it was requested to send via a client, and
only store replies that match these ids. On the client side change
clients to always attempt to ask nmbd first for name_query and
node_status calls, and then fall back to doing socket calls if
we can't talk to nmbd (either nmbd is not running, or we're not
root and cannot open the messaging tdb's). Fix readers of unexpected.tdb
to delete packets they've successfully read.
This should fix a long standing problem of unexpected.tdb
growing out of control in noisy NetBIOS envioronments with
lots of bradcasts, yet still allow unprivileged client apps
to work mostly as well as they already did (nmblookup for
example) in an environment when nmbd isn't running.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sun Nov 14 05:22:45 UTC 2010 on sn-devel-104
|
|
Previously, only one fd handler was being called per main message loop
in all smbd child processes.
In the case where multiple fds are available for reading the fd
corresponding to the event closest to the beginning of the event list
would be run. Obviously this is arbitrary and could cause unfairness.
Usually, the first event fd is the network socket, meaning heavy load
of client requests can starve out other fd events such as oplock
or notify upcalls from the kernel.
In this patch, I have changed the behavior of run_events() to unset
any fd that it has already called a handler function, as well
as decrement the number of fds that were returned from select().
This allows the caller of run_events() to iterate it, until all
available fds have been handled.
I then changed the main loop in smbd child processes to iterate
run_events(). This way, all available fds are handled on each wake
of select, while still checking for timed or signalled events between
each handler function call. I also added an explicit check for
EINTR from select(), which previously was masked by the fact that
run_events() would handle any signal event before the return code
was checked.
This required a signature change to run_events() but all other callers
should have no change in their behavior. I also fixed a bug in
run_events() where it could be called with a selrtn value of -1,
doing unecessary looping through the fd_event list when no fds were
available.
Also, remove the temporary echo handler hack, as all fds should be
treated fairly now.
|
|
Guenther
|
|
Guenther
|
|
Jeremy.
|
|
(cherry picked from commit 4d23d777bc6d4fad20d0f3084fe658635812bee9)
|
|
Add a simple "processed packet queue" cache to stop nmbd responding to
packets received on the broadcast and non-broadcast socket (which
it has opened when "nmbd bind explicit broadcast = yes").
This is a very simple packet queue - it only keeps the packets
processed during a single call to listen_for_packets() (i.e. one
select call). This means that if the delivery notification for a
packet received on both broadcast and non-broadcast addresses
is done in two different select calls, the packet will still be
processed twice. This is a very rare occurrance and we can just
live with it when it does as the protocol is stateless. If this
is ever flagged as a repeatable problem then we can add a longer
lived cache, using timeout processing to clear etc. etc. But without
storing all packets processed we can never be *sure* we've eliminated
the race condition so I'm going to go with this simple solution until
someone proves a more complex one is needed :-).
Jeremy.
|
|
Fix a comment typo.
Jeremy.
|
|
And send replies always via the unicast address of the subnet.
This behavior is off by default (as before)
and can be enabled with "nmbd:bind explicit broadcast = yes".
metze
|
|
Jeremy.
|
|
Jeremy.
|
|
SIGTERM
The arguments of commit d98bea900ee694cdba83149620c65bd7f8765f26
are no longer valid.
metze
|
|
And always setup the fd events.
metze
|
|
otherwise (to clarify we can also pass in structs smaller than
sockaddr_storage, such as sockaddr_in).
|
|
Michael
(This used to be commit 363eb90ce8380ce1bbc74673936ba1e6d7eee23b)
|
|
myself. Use standard dlinklist macros.
Jeremy.
(This used to be commit 1b06ee69f6b737c1d6e7b29f8ae9621e6eb07d27)
|
|
negotiation works.
Jeremy.
(This used to be commit d78045601af787731f0737b8627450018902b104)
|
|
Do so now....
Jeremy.
(This used to be commit 6b1246c29a0241c8e4bb98d659d847d010826b36)
|
|
== Subject: Remote code execution in Samba's WINS
== server daemon (nmbd) when processing name
== registration followed name query requests.
==
== CVE ID#: CVE-2007-5398
==
== Versions: Samba 3.0.0 - 3.0.26a (inclusive)
...
Secunia Research reported a vulnerability that allows for
the execution of arbitrary code in nmbd. This defect may
only be exploited when the "wins support" parameter has
been enabled in smb.conf.
(This used to be commit e40c372e0ddf631dd9162c1fdfaaa49c29915f23)
|
|
to struct sockaddr_storage in most places that matter (ie.
not the nmbd and NetBIOS lookups). This passes make test
on an IPv4 box, but I'll have to do more work/testing on
IPv6 enabled boxes. This should now give us a framework
for testing and finishing the IPv6 migration. It's at
the state where someone with a working IPv6 setup should
(theorecically) be able to type :
smbclient //ipv6-address/share
and have it work.
Jeremy.
(This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
IPv6 in winbindd, but moves most of the socket functions that were
wrongly in lib/util.c into lib/util_sock.c and provides generic
IPv4/6 independent versions of most things. Still lots of work
to do, but now I can see how I'll fix the access check code.
Nasty part that remains is the name resolution code which is
used to returning arrays of in_addr structs.
Jeremy.
(This used to be commit 3f6bd0e1ec5cc6670f3d08f76fc2cd94c9cd1a08)
|
|
(This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
|
|
the ripple effects this causes. utmp has to change etc. Remove some
global varables and store address/port in the unexpected db.
Jeremy.
(This used to be commit 18c6a2211d9e25233d01715b3f78977edcd6d869)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
(This used to be commit 6d210fb8a13e93fe5b7bc160a343f74878dea727)
|
|
to all callers of smb_setlen (via set_message()
calls). This will allow the server to reflect back
the correct encryption context.
Jeremy.
(This used to be commit 2d80a96120a5fe2fe726f00746d36d85044c4bdb)
|
|
redundent. Remove it.
Jeremy.
(This used to be commit 140881cfbb59ce4a699b5900efe02bf315be7bd5)
|
|
but I've no option.
Jeremy.
(This used to be commit c3a565081d70b209a4f9e6e8f1859bf7194a5f74)
|
|
Jeremy.
(This used to be commit dd47e0ef1175a57ec2e9b797ac942cb79f4a5d05)
|
