Age | Commit message (Collapse) | Author | Files | Lines |
|
np_open/read/write don't have to know about files_struct
|
|
It is possible for a posix file created locally or over nfs to have a
":" in the name. Since ":" is a reserved character in windows,
filenames containing a colon must be mangled in a directory listing.
Right now files containing colons will not even be displayed in
directory listings if streams modules are in use. During the
directory listing the file will be detected as a stream because of the
colon, but the streams module will fail to find the stream since it
doesn't exist. This fix adds a step to is_ntfs_stream_name that stats
the filename to differentiate between actual streams and files
containing colons.
While this is an improvement, it isn't perfect. Consider the case
where there is a file on disk called "a.txt:s1" and also a file called
"a.txt" that has a stream called "s1". This patch will always
preference "a.txt:s1" over a.txt's s1 stream.
The real issue is that at the vfs level, the vfs modules have no way
to tell between a demangled name with a colon and an actual stream. A
more invasive, but better, long-term fix would be to add all paths
that come over the wire into a struct containing metadata about the
path. This metadata could include a flag to indicate whether the path
came over the wire with a colon ":" (guaranteeing that the client is
requesting a stream). Passing this struct down to the lower levels,
including all path-based vfs calls, would allow the above case to be
handled correctly in all cases.
|
|
The goal is to move all this variables into a big context structure.
metze
|
|
Jeremy.
|
|
|
|
The test_streams_rename2 test in RAW-STREAMS verifies these changes
|
|
|
|
|
|
|
|
This replaces the is_dos_path bool with a more future-proof argument.
The next step is to plumb INTERNAL_OPEN_ONLY through this flag instead
of overridding the oplock_request.
|
|
SMB_VFS_CREATE_FILE
|
|
Now unix paths can be differentiated from windows paths so the
underlying create_file implementations can convert paths correctly.
|
|
Modify all callers of create_file to go through SMB_VFS_CREATE_FILE
|
|
This could also be handled inside each ACL VFS module, by setting the PRESENT
flag when a NULL [SD]ACL is created.
|
|
|
|
This is the one where I found the problem that led to 3.2.5. So if there is one
checkin in the last year that I would like others to review and *understand*,
it is this one :-)
Volker
|
|
This converts the range checks for the setup[] array to rely on req->wct being
set correctly in init_smb_request. As that already verifies the vwv array to be
in the range of the smb_request inbuf, we don't have to do overflow checks here
anymore.
Jeremy, please check thoroughly! :-)
Thanks,
Volker
|
|
This fixes a potential crash bug, a client can make us read memory we
should not read. Luckily I got the disp checks right...
Volker
(cherry picked from commit 64a1d80851da5b05e70ec6c96f6e9bd473748369)
(cherry picked from commit f04c5650a3aeca23591ddc781c4b297caaf9bb3f)
|
|
This is a modification of Jeremy's 7522ef15aca2429ef57c75d8297dd8121e79c9da
commit.
If no DACL/SACL is present in the packet, the SEC_INFO field should still be
passed down as is to the VFS layer to signal the creation of a NULL DACL/SACL.
As seen in metze RAW-ACL test_nttrans_create_null_dacl(), a NULL DACL is set
regardless of the SEC_DESC_DACL_PRESENT bit being set.
|
|
|
|
Jeremy.
|
|
Instead, fix up the outbuf in send_xx_reply. In those routines, we know
what we are returning.
|
|
|
|
|
|
right. Only inheritance left to fix.
Jeremy.
|
|
|
|
|
|
Now that "req" is available everywhere, use it. Rename srvstr_pull_buf_talloc()
to srvstr_pull_req()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
on the way to get rid of chain_fsp
|
|
The goal is to get rid of the chain_fsp global variable
|
|
|
|
to specific bits every time a security descriptor is set. The S4 torture suite proves
that generic bits are not returned when querying an ACL set using them (ie. only
the specific bits are stored on disk).
Jeremy.
|
|
(This used to be commit 23e9fed28cf9998534b3c55f4b20a562da507552)
|
|
When alignment was in place, we pretended to send more data/params according to
the param_offset/param_length and data_offset/data_length parameters than would
actually fit into the SMB according to the NBSS length field.
(This used to be commit ef3c132b8455c6fe4d0bb9f0be881040a806a4ed)
|
|
Some of the bits generate INVALID_PARAMETER and some bits
are ignored when they come from a client, that's why we need
to use bits from the ignored range for our internal usage.
metze
(This used to be commit 7b4c8a4e39f310eb450918fa841b0ea1b4af19f7)
|
|
This scans the list of pipes registered via rpc_pipe_register_commands instead
of using static tables.
(This used to be commit 283e6039989adea1c8921b3600b410cb67b6492a)
|
|
(This used to be commit 5f8a5e68ea166fbeda3af6e5ec381ec09d06f0f6)
|
|
This involved replacing the CHECK_NTQUOTA_HANDLE_OK macro by a function.
(This used to be commit 5595cdf837edb82db69a3e57bcf3108be7feeeb8)
|
|
fsp_belongs_conn only used the vuid struct member anyway, and this is available
in the smb_request structure as well.
(This used to be commit 64e9372ab997739d46669c0cc4a4c6edb11d5e64)
|
|
check_fsp only used the vuid struct member anyway, and this is available in the
smb_request structure as well.
(This used to be commit 8d364c4c3311b406847158fc37e9208d298cf8ba)
|
|
(This used to be commit 93111ea0a1191e8547ad6cf112e2699d3bb3799b)
|
|
(This used to be commit 368454a27cb53a408ec416cbf37235b304592fb5)
|
|
SMB_VFS_FGET_NT_ACL instead. I'd like to ultimately
remove SMB_VFS_GET_NT_ACL.
Jeremy.
(This used to be commit 4221937b68e2414295279b27c5f12a80f826ed4b)
|
|
this can only be done via fset_nt_acl() using an open
file/directory handle. I'd like to do the same with
get_nt_acl() but am concerned about efficiency
problems with "hide unreadable/hide unwritable" when
doing a directory listing (this would mean opening
every file in the dir on list).
Moving closer to rationalizing the ACL model and
maybe moving the POSIX calls into a posix_acl VFS
module rather than having them as first class citizens
of the VFS.
Jeremy.
(This used to be commit f487f742cb903a06fbf2be006ddc9ce9063339ed)
|